With the holiday shopping season, there is an inevitable dark side — an increase in transactions means an increase in fraud. This is to some extent the cost of doing business; fraud will always be a percentage of overall transaction volume.
However, with the shocking Equifax data breach setting a high-water mark for exposed PII and payment credentials, 2017 has the potential to be a record year for retail fraud.
With heightened awareness of data breaches, amplified by the recent news of Uber exposing 57 million records in a 2016 hack, consumers have a right to be concerned. But will fears of fraud have any material impact on shopping behavior, or will it just be business as usual?
It has been a bumper year for fraudsters, according to data published by ACI Worldwide. Fraud rates have increased 30% compared to 2016 figures, with a couple of notable spikes through the year.
In March, fraud peaked at 2% of transaction volume stemming from a number of bot attacks at several merchants. August and October also have high fraud rates, with data compromise believed to be the driver. According to ACI, identity theft (via data breaches), account takeover (including phishing attacks) and friendly fraud (chargebacks) remain the biggest challenges to consumers and retailers. ACI also predicts that average attempted fraud ticket value (ATV), a retailer’s average sales size by individual credit card, will increase to $215 in 2017 from $210 in 2016. Fraudsters continue to favor electronics and home goods (vacuums, blenders, cookers).
Comparative data are not available for November and December from the ACI research, but there are early signs that the 2017 fraud patterns will continue the same trend through the rest of the year.
According to research published Tuesday by Enigma Software, malware infections spiked 123% over the 2017 Thanksgiving holiday weekend, with the biggest jump of infections (137%) occurring on Cyber Monday. While much of this can be attributed to a greater volume of transactions, Enigma concluded that malware makers are taking advantage of people’s online habits to trick them into clicking on links that will cause infections, with sophisticated phishing attacks appear to be particularly strong this season.
It seems that the Equifax data breach, among others, has struck fear into the hearts of the U.S. shopper.
Combined data from Netsparker and Generali Global Assistance show that online data breaches are a major concern for consumers when it comes to holiday shopping. It would seem that the Target data breach during the holiday shopping season of 2013 is a distant memory — just 22% of U.S. consumers considered brick and mortar data breaches a concern this year.
Other threats are closer to home, literally. Thirty-nine percent of consumers were concerned about theft of packages from their doorstep, highlighting the increase in online shopping, but also that there is no clear solution yet to the conundrum of safely storing packages once they are delivered — despite numerous pilots in the works from Amazon and others to gain access to secure locations such as foyers, car trunks and even the house of the recipient. More traditional forms of crime such as robberies and car break-ins were not considered particularly worrisome.
Over half of Americans (55%) would have more confidence that businesses are actively working to protect their data, and reduce their risk of identity theft or fraud, if these businesses were to offer identity protection services, whether for free or at a cost, according to the survey. Similarly, retail businesses that currently offer identity protection services, or that plan to do so in the future, instill greater confidence in 56% of Americans.
While fears may be rife for cyber fraud attacks, it appears that this is having a negligible effect on the payment behavior of consumers in the U.S.
Credit cards, the intended target for fraudsters, remain the preferred form of payment for holiday shopping. According to Generali Global Assistance, 56% of U.S. shoppers prefer to pay for holiday purchases with credit cards. However, cash still retains a strong second place for shoppers, with just under half of consumers preferring to pay with cash for the holidays. Forty-one percent of consumers prefer debit cards, with just 8% paying by check. Mobile payments, though in their infancy, are expected to be the method of choice by 3% of consumers.
What these findings may point to is that despite significant fears of online fraud occurring, consumers have little choice but to pay for holiday gifts using credit and debit cards since, for the vast majority, these are the de facto way to pay online. There may also be something of a battle fatigue setting in for shoppers, with data breaches being so commonplace that they are essentially background noise.
There is a clear marketing drive to persuade consumers to adopt digital wallets such as Masterpass and Visa Checkout, but for the public at large, awareness is limited.
On the flip side of the holiday transaction equation are retailers, and they too have concerns relating to the flood of fraud and chargeback activity that occurs over the holiday season.
However, this is close to the bottom of their overall list of holiday worries. In a survey of over 1,000 retail brands conducted by BigCommerce.com, fraud and chargebacks were seen as a concern by 21% of those surveyed. This ranks close to bottom, behind a string of far less hypothetical problems such as inventory, shipping rates, advertising costs, meeting customer service needs and online competition. Only staffing requirements ranked lower than fraud and chargebacks, along with the catchall category of “other.”
In retailers' minds, fraud and chargebacks are simply a part of business and something that is, in many ways, beyond their control.
Social media has spawned thousands of ways for individuals to get paid by touting products in videos, photos and blogs, but the payments flow between companies and these so-called influencers can be rocky.
Digital financial services proponent Mobey Forum has added the Payments Expert Group, joining other domains pertinent to its mission, such as open banking, artificial intelligence, data security and digital identity.
Since July, Visa has noticed an uptick in unemployment insurance fraud with prepaid cards being used as a key disbursement vehicle. And the best solution may be rooted in technology, not law enforcement.
If the Senate confirms Trump's nominee for the Supreme Court, it will cement a conservative majority that will likely decide a variety of fintech issues, including the rules digital payment companies have to follow when providing broader financial services.
As the coronavirus pandemic has driven more people to work from home and shop online, the demands on digital, faster payment systems have been heightened — as have the opportunities for fraudsters to exploit them.