Last week, a software firm FICO released an interactive map of European card fraud, which reveals the UK saw Europe’s largest annual jump in card fraud losses for 2015. Most of the 18 percent rise in losses came from online transactions, reflecting the growth in this channel, the ease of accessibility to funds and lower risk for criminals, and the theft of personal data through cybercrime. The online map, based on data from Euromonitor International, shows that card fraud rose in 10 of the 19 countries studied, with Greece, Denmark, France and Russia posting the highest rises after the UK.
The rise in UK card fraud equates to an additional £88.5 million lost. Some 75 percent (£66.7 million) of that increase was in card not present (CNP) fraud, and £42.4 million of CNP fraud came from e-commerce. The UK contributed about 43 percent of the total card fraud losses across the 19 European countries studied.
Why was the UK’s rise so steep? FICO fraud consultant Martin Warwick, who provided the commentary in the map, said that the increased rate of personal data compromised through data breaches was one likely cause, but that customer expectations for a seamless purchasing experience also had an influence.
“We cardholders are very demanding, and if we don’t get what we want then we let people know in the form of reviews and feedback, not to mention switching cards,” Warwick said. “Banks want to avoid intervening unnecessarily when customers are shopping on the internet. E-commerce spending in the UK has nearly quadrupled since 2007, so you see why this is such a target for criminals.”
More Analytics and Better Authentication Needed
Card fraud losses across the 19 countries were 10 percent higher than in 2014. CNP fraud was the dominant fraud type.
“This isn’t surprising, as Europe pushed criminals towards CNP with the rollout and success of chip & PIN at point-of-sale,” said Warwick. “The digital revolution also fuelled this migration, creating an online funds kitty that is just too tempting for criminals.”
Martin said the financial services industry will either have to find a way to make data useless to criminals, or make more use of fraud detection analysis. “FICO has introduced innovative analytics to try and make card fraud detection as painless as possible for the customer and still detect more fraud,” he said. “These include merchant profiling, adaptive analytics, behaviour-sorted lists and collaborative profiling.
“When executive dashboards in either retailers or card issuers start flashing red in terms of unacceptable fraud losses, change will have to take place”, Warwick added. “With the underlying trend being fuelled by compromises of personal and payment data, banks will find increased pressure to control the increased attack on how they identify and verify (ID&V) customers when they call in to customer services teams.”
As a share of total card payments for the researched markets in Europe, total value lost to fraud declined from .08% to .06% from 2010 to 2015 reflecting innovation in card payment security. However, the method of value lost to fraud is shifting to target the transition to online retailing.
“The UK, Denmark and France were among the markets where the value lost to fraud as a share of total card payment value did not decrease, and will benefit the most from additional security measures for card payments, and additional investments from merchants and issuers” said Kendrick Sands, Senior Analyst – Consumer Finance at Euromonitor. “The further projected increase in online payments over the forecast period suggests additional security measures will be required throughout Europe. While the decline in counterfeit cards has been significant from uniform EMV adoption, there has yet to be a similar effort to secure the online space. If greater security measures are not adopted to combat card not present fraud, the broader advance of card payments over paper alternatives could be negatively impacted.
“Following the Russian Federation’s more than 500 percent increase in total card payment value came a 130 percent increase in total value lost to fraud from 2010 to 2015,” Sands added. “For a market that has made the transition of consumer payments from paper to card and electronic alternatives a priority in recent years, increasing the security of transactions must remain a priority to increase consumer confidence in payments.”
The Guru reached out to NuData Security, an award winning behavioural biometrics company and fraud mitigation specialists, to get their thoughts on this report. Robert Capps, vice president of business development at NuData said “We’re saddened but not shocked to see these findings. Coupled with the data that cardholders have very high expectations, that they aren’t willing to change their habits when it comes to password security, and tech savvy users are the most likely targets, FI’s and e-retailers are being increasingly pressured to step-up their game in when it comes to online authentication. In fact, the pressure seems to be all on them.
In this study, the fact that fraud losses climbed 18% in one year in the UK is a sad state of affairs for consumers who can often bear the brunt of the costs (especially with regard to account takeover and new account fraud). It’s absolutely no wonder that consumers are pushing back on companies to improve security, holding them accountable for it, yet still want to have a good experience going through the gates.
With the incorporation of the EMV chip into cards, there is now no doubt that fraudsters have migrated online where the field is greener, especially since so many merchant and financial institutions are still using end-point authentication methods that just don’t provide a confident verification of the genuine user.
We can move beyond single-point solutions that are so obviously failing. The end game has to be customer satisfaction, as it should be. Companies should never have to put process and security above customers, and there are now tools on the market that can verify users by their own natural behaviour. That should be where we start and finish.”