EMV's Reality: More Online Fraud
Today is an important day for U.S. merchants. It marks the deadline for retailers to upgrade their point-of-sale terminals to EMV-compliant machines. After this, merchants that don’t support payment cards with embedded chips will be liable for in-store fraud.
While this technology has been the norm in Europe for the past ten years, the U.S. is just getting around to adopting EMV technology, prompted by a need to combat the ever increasing costs of card fraud, which was valued at $11 billion in 2014 according to the authoritative LexisNexis survey of merchants.
With the deadline less than a month away, many merchants are dragging their feet to become compliant. Only 22% of small to mid-sized retailers reported that they are prepared to meet the deadline. And, according to a recent SoftwareAdvice.com study, 23% believe upgrading to EMV is unnecessary.
Additional data from a large research firm suggests that almost 50% of U.S. retailers will not be EMV-compliant by the end of 2015. These merchants, just under half of all U.S. retailers, will be in for a rude awakening when they start receiving chargeback bills for fraudulent transactions.
The shift to EMV should significantly reduce in-store fraud for retailers that upgrade their payments processing systems, as the new cards will have an embedded chip that generates a unique token for each transaction, making them extremely difficult or nearly impossible to counterfeit. However, fraudsters will not just throw in the towel and get day jobs, they will simply change their tactics to exploit less secure payment channels.
In many ways, criminal fraud is like running water, when one area is firmly sealed off, it simply flows to the next open gap, which in this case is e-commerce. In the digital world, only the card digits and Card Verification Value (CVV) are used, and chip technology cannot help, which will make digital payments an easier, more lucrative target for fraudsters to target. According to a study by the Aite Group, in Australia, online or card not present (CNP), fraud increased from $72.6 million AU in 2008 to $198.1 million AU in 2011 – a 100 percent increase in CNP fraud in three years following the EMV upgrade. A similar spike occurred in Canada and the UK after each country migrated to EMV terminals.
The same, or worse is expected to happen in the U.S. As the volume of transactions made online surpasses 10% over the next three years, Javelin Strategy & Research predicts CNP fraud will rise exponentially.
With the expected rapid increase of online fraud, the best way to combat this coming threat is to start working on the problem ahead of time. It is important that merchants invest in fraud prevention technologies that adapt to the evolving tactics of criminals.
As we saw with the Target breach, adding new countermeasures to prevent fraud work best when they’re incorporated well in advance. With the EMV shift in October and the holiday season right around the corner, now is the time to upgrade technology to combat the impending rise of e-commerce fraud.
Rurik Bradbury is chief marketing officer at Trustev.