The US has the third-highest card fraud rate in the world Source: BI
This story was delivered to BI Intelligence "Payments Briefing" subscribers. To learn more and subscribe, please click here.
On average, 30% of consumers globally have experienced card fraud in the past five years, according to new data from ACI Worldwide.
Even more, 14 out of 17 countries studied saw an increase in fraud between 2014 and 2016. But the US is one of the hardest hit — the country, which saw 47% of consumers experience fraud, has the third-highest rate of fraud worldwide, and was the only country to remain in the top three from 2014 to 2016.
Consistently high US fraud is likely due to two key factors. Because card spend in the US is so high, fraud rates in the country are likely to be high, according to the ACI study. But two ongoing issues exacerbate US card fraud in particular:
        Lagging EMV adoption: Once implemented, EMV will vastly improve the security of card-present transactions. But just 2% of US card-present transactions were EMV-compliant in 2015. That’s because, on the issuer end, it’s costly and time-consuming to upgrade all customers to chip cards, which has slowed down the process. And on the merchant front, a bottleneck in certification and installation has prevented merchants from switching on EMV terminals, which has delayed their ability to accept chip card transactions. That means fewer transactions are secure, which could lead to increased fraud.
        Growing e-commerce fraud: But at the same time, digital shopping is increasing — BI Intelligence forecasts that e-commerce will grow to $632 billion by 2020, up from $303 billion in 2014. And as the EMV migration accelerates and begins to improve in-store payment security, fraudsters will shift focus toward e-commerce sites, which could contribute to overall fraud growth
But as these issues persist, issuers could begin to feel a financial burden.
        Customer trust and loyalty decreases following a fraud incident. In the US, just 6% of customers change financial institutions following fraud incidents. But up to 30% of users opt to use cash or an alternative payment method following a card fraud incident.
        If it continues on a large scale, that could impact costs for card providers. That's because when fraud does occur, it's expensive — credit card fraud cost issuers roughly $9 per card issued in the past year, for example. That, combined with the consequences from shifting trust and loyalty, like decreased card usage or required investments in new customer acquisition and brand reputation, could rack up costs for these providers.
Fraud cost U.S. retailers approximately $32 billion in 2014, up from $23 billion just one year earlier. To solve the card fraud problem across in-store, online, and mobile payments, payment companies and merchants are implementing new payment protocols that could finally help mitigate fraud.
John Heggestuen, senior research analyst for BI Intelligence, Business Insider's premium research service, has compiled a detailed report on payment security that looks at how the dynamics of fraud are shifting across in-store and online channels and explains the top new types of security that are gaining traction across each of these channels, including on Apple Pay.
Here are some of the key takeaways from the report:
        EMV cards are being rolled out with an embedded microchip for added security. The microchip carries out real-time risk assessments on a person's card purchase activity based on the card user's profile. The chip also generates dynamic cryptograms when the card is inserted into a payment terminal. Because these cryptograms change with every purchase, it makes it difficult for fraudsters to make counterfeit cards that can be used for in-store transactions.
        To bolster security throughout the payments chain encryption of payments data is being widely implemented. Encryption degrades valuable data by using an algorithm to translate card numbers into new values. This makes it difficult for fraudsters to harvest the payments data for use in future transactions.
        Point-to-point encryption is the most tightly defined form of payments encryption. In this scheme, sensitive payment data is encrypted from the point of capture at the payments terminal all the way through to the gateway or acquirer. This makes it much more difficult for fraudsters to harvest usable data from transactions in stores and online.
        Tokenization increases the security of transactions made online and in stores. Tokenization schemes assign a random value to payment data, making it effectively impossible for hackers to access the sensitive data from the token itself. Tokens are often "multiuse," meaning merchants don't have to force consumers to re-enter their payment details. Apple Pay uses an emerging form of tokenization.
        3D Secure is an imperfect answer to user authentication online. One difficulty in fighting online fraud is that it is hard to tell whether the person using card data is actually the cardholder. 3D Secure adds a level of user authentication by requiring the customer to enter a passcode or biometric data in addition to payment data to complete a transaction online. Merchants who implement 3D Secure risk higher shopping-cart abandonment.
In full, the report:
        Assesses the fraud cost to US retailers and how that fraud is expected to shift in coming years
        Provides 5 high-level explanations of the top payment security protocols
        Includes 7 infographics illustrating what the transaction flow looks like when each type of security is implemented.
        Analyzes the strengths and weakness of each payment security protocol and the reasons why particular protocols are being put in place at different types of merchants.
To get your copy of this invaluable guide, choose one of these options:
        Subscribe to an ALL-ACCESS Membership with BI Intelligence and gain immediate access to this report AND over 100 other expertly researched deep-dive reports, subscriptions to all of our daily newsletters, and much more.
        Purchase the report and download it immediately from our research store.
The choice is yours. But however you decide to acquire this report, you’ve given yourself a powerful advantage in your understanding of payments security.
| }
|