Is Your eCommerce Fraud Prevention in Shape for This Summer’s “Breach Party”?
High-profile breaches continued to flare up in the first part of 2016, likely exposing eCommerce merchants to higher levels of card-not-present fraud this summer:
- Trump Hotel Collection. Republican presidential candidate Donald Trump’s luxury properties have apparently had a breach of their credit card systems. Again.
- Hyatt. The hospitality chain said a card breach hit 250 of their Hyatt hotels in 50 countries around the world.
- Verizon Enterprise Solutions. According to Krebs on Security, the contact information of 1.5 million Verizon Enterprise customers was posted for sale on a hacker marketplace. Ironically, this is the unit of Verizon that helps companies respond to data breaches.
- Wendy’s. It’s early in the Breach Bingo process, so we don’t know the full extent of the breach at the fast-food chain. But right now, Wendy’s is saying systems at least 300 stores out of 6,500 appear to have been compromised.
- Noodles & Company. Third party investigators are evaluating reports that some of the restaurant chain’s locations suffered credit card breaches.
- Equifax Inc. Hackers stole tax and salary info (i.e., Social Security numbers, email addresses, etc.) of Kroger employees. No word yet just how many of the 431,000 employees are affected.
- Steam. The online video game platform admitted that 77,000 of its gamer accounts are hacked every month. That’s nearly 1 million accounts a year for those of you scoring at home.
- Government. Sixty-five percent of federal security execs surveyed in a new report say that the government is unable to detect ongoing cyber attacks. So that could mean anywhere from none to 300 million potentially-breached government accounts.
- LinkedIn. Turns out the 2012 breach that “only” exposed 6.5 million LinkedIn passwords was more like 117 million accounts (only off by 1800%!) and that more than just LinkedIn accounts may be at risk.
All these breaches point to a long, hot summer of higher eCommerce fraud:
- 29.1% of eCommerce merchants reported that fraud increases following major data breaches.
- Juniper Research says cybercriminals will move to card-not-present (CNP) transactions with focus on ecommerce, pushing online transaction fraud to $25.6 billion by 2020.
What do you need to do in the next 30 days to get your fraud prevention in shape for this summer's “breach party”?
- Make sure you’re using solutions with proven technologies like Device ID/Fingerprinting, Geo-location, Velocity Checks, and AI/Machine Intelligence as a first line of defense. These tools – applied in an automated fashion – screen out most fraudsters quickly and easily.
- Capitalize on solutions that provide easy-to-use workflow management and real-time decisioning capabilities to reduce manual reviews so you don’t get overwhelmed and lose orders due to delays caused by manual screening.
- Consider on-demand fraud prevention solutions that let you scale rapidly and cost-effectively in response to “fraud surges” without incurring the costly, long-term IT expense associated with DIY solutions (hardware capital expense, software/integration services, support/maintenance contracts, headcount, etc.).
- Don’t forget mobile. Mobile is the fastest growing channel in eCommerce, especially for key segments like apparel & accessories, automotive, electronics, and food & beverage. At the same time, mobile is up to 2X more likely to involve fraud. Make sure you have key mobile fraud prevention capabilities in place, like Device ID/Recognition, “True” Geo-location and more.