One of the drawbacks of survey-based data is that, invariably, it focuses on a single audience. In the banking and payments domain, this typically falls into one of three groups — consumers, financial institutions and businesses. Therefore, a comprehensive view of the landscape is usually not available.
However, in recent weeks three surveys have been released that assess the U.S. fraud landscape across all of these audiences. Conducted in similar time frames, these reports provide a holistic snapshot of where payments fraud in the U.S. is today.
Released this week, the 15th annual identity fraud study by Javelin Strategy and Research provides a picture of the consumer fraud experience, based on a survey of 5,000 U.S. adults. Given the longevity of the study, there are valuable trends that can be ascertained across a wide variety of fraud categories.
The first of these to note is that fraud is growing for the third straight year after a significant drop between 2012 and 2015, costing consumers $16.8 billion in 2017. What may be more alarming is the incidence of fraud among U.S. consumers — this has risen to 6.64% of consumers in 2017 from 6.15% of consumers in 2016, the highest rates since 2011. With the massive Equifax data breach in 2017 bringing fresh PII into the public domain, it can be expected that this figure will only rise.
Focusing on the dynamics of online and offline card fraud, it would appear that the shift to EMV has had a material impact on fraud at the point of sale (POS). Card-present fraud was growing year on year from 2012 until 2016, when it reached 2.4% of consumers experiencing a misused card. However, in 2017 it took a downturn, dropping to 2.1% of consumers.
On the flipside, card not present (CNP) fraud has been growing since 2014, with a particularly aggressive uptick between 2015 and 2016, to 3.4% of consumers from 2.4% of consumers. The trajectory decreased slightly in 2017, but it still reached an all time high of 3.8% of consumers experiencing CNP fraud.
It can be expected that the continued clampdown on card present fraud via EMV’s increased penetration in retail and expansion to ATMs and gas pumps, combined with the ever increasing volume of online transactions, will mean that CNP will continue to rise this year.
One alarming shift that has been notable between 2016 and 2017 is in new accounts fraud. While credit card fraud remains the largest category, it has reduced to 26% from 30% in the past year. While this is something of a silver lining, there remains a significant cloud in the expansion of new accounts fraud into every other category.
From new mobile phone accounts to personal loans and even mortgages, there has been a significant uptick in fraud. While fraudsters may be altering their modus operandi in the wake of tightening card fraud prevention measures, undoubtedly much of the new fraud occurring can be attributed to data breaches and the eye of the storm — Equifax.
Shifting focus from consumers to financial institutions, this week the Federal Reserve Bank of Minneapolis released a report based on a survey of 283 FIs conducted during July and August 2017.
From a financial institution perspective, the most prevalent type of fraud was debit. Signature debit was recorded to have the highest incidence of fraud, with 96% of institutions reporting losses in this category, closely followed by 81% of losses occurring with PIN debit. Credit card fraud resulted in losses for 77% of FIs. Check also remains a pervasive fraud channel — 74% of FIs reported losses in this category.
Notably, ACH and wire fraud remain relatively low in the U.S. It will be interesting to track whether these categories' fraud dynamics change with the introduction of same day ACH.
For FIs, debit is not only the largest fraud headache, but it is growing.
When asked whether fraud had increased since 2016, 63% of FIs reported that signature debit fraud had increased and 50% reported that PIN debit had increased. Credit is notably lower than debit, with just 41% of FIs reporting an increase in credit card fraud — the difference in debit and credit possibly attributable to credit card portfolios moving to EMV more quickly than debit card portfolios.
FIs were also asked what is impeding better fraud prevention.
FIs cited an overall lack of budgetary resources — the cost of implementing detection tools (55%), lack of staff resources (48%) and availability of tools needed (33%) were all seen as impediments to better fraud management.
Other handicaps were primarily around access to information — consumer data privacy restrictions (48%), access to shared information on fraud schemes across the industry (44%) and corporate reluctance to share information (28%) were all determined to be restricting fraud prevention.
Focusing on the fraud experience of U.S. businesses between September 6, 2017, and October 4, 2017, IDology deployed an online survey across several industries, including financial services, health care, insurance, e-commerce, age-restricted commerce and more. The survey generated 77 respondents.
As with consumers and FIs, businesses also cite card fraud as the most prevalent type of fraud — 65% of businesses surveyed stated that card fraud was prevalent in their industry.
However, account takeover, synthetic identity fraud, information theft and phishing were determined to be prevalent by a significant number of businesses — a trend likely attributable to fraudsters shifting their attention to PII and away from stolen card accounts. Lesser problems included mobile fraud and check fraud, presumably due to relatively low levels of usage by consumers in both categories.
Fraudsters are also flying below the radar, with the majority of fraud attempts being less than $1,000 to avoid red flags — nearly two thirds of fraud attempts were under $1,000.
However, there is also a sweet spot for fraudsters between $10,000 and $35,000, with 11% of businesses stating that they had experienced fraud attempts within this range.
From a business standpoint, the greatest problem with fraud prevention is the ever-changing tactics of fraudsters — 71% of businesses cited this as one of the biggest challenges.
However, their customers were seen as a significant cause in the inability to manage fraud. Forty-six percent of businesses stated that lack of customer awareness of fraud was major challenge, and 40% stated that customers' antipathy to increased effort or friction in fraud prevention was a hurdle to better management of the problem.
Other notable impediments were more internally facing, including insufficient resources (29%), organization silos (22%) and internal lack of awareness of fraud (17%).
Digital workforce collaboration apps like Slack are hot acquisition targets, particularly for a company like Salesforce, which needs to compete with enterprise technology companies while making it easy for its clients to execute an "invisible payment" that's embedded in cross-selling and marketing.
High profile companies like Facebook, Square and PayPal have brought attention to using cryptocurrency for payments — but speed is more important than buzz in getting stores to view crypto as tender, according to a group of developers who are building connections to merchants.
Moscow-based JSC Post Bank has established a merchant acquiring agreement with JCB International to allow JCB cardholders to withdraw cash from all of the bank's ATMs and make payments at Post Bank point-of-sale terminals in Russia.