CNP fraud a clear and present danger, Juniper warns

U.K.-based Juniper Research projects $130 billion in card-not-present (CNP) fraud over the next five years, largely driven by seasonal opportunism and emerging mobile and real-time payments schemes. Mass migration to new payment methods without advanced authentication and risk management protections will lead to catastrophic outcomes, researchers noted.
Online Payment Fraud: Emerging Threats, Segment Analysis & Market Forecasts 2018-2023, warns that a wholesale rush to innovation is a rush into the arms of awaiting fraudsters and criminals who stand ready to steal identities and wreak havoc on global economies. Without sufficient risk-based protection methods, faster payments will simply lead to faster fraud, according to the report.
“The real-time nature of instant payments will require the implementation of real-time fraud protection,” Juniper researchers wrote. “Any move from a batch-based transfer scheme to one that handles individual transactions will inevitably require investment to prevent new fraud from occurring.”
Multilayered security
Juniper researchers additionally found that criminals are using mobile and real-time approaches to identity theft and data compromises. They claim that as attack vectors shift from the dark market to social media platforms, cybercriminals are hiding in plain sight, flaunting their wares while believing law enforcement has more important crimes to investigate.
Research author Steffen Sorrell pointed out that retailers have not fully embraced multilayered forms of fraud prevention. He believes that fraudsters are capitalizing on the CNP merchant community’s relatively low fraud detection protection (FDP) spend.
Chris Marchand, vice president, business development at Verifi, agreed that a multilayered approach to security is the best defense against high-tech forms of CNP fraud that exploit flaws and vulnerabilities in technology platforms.
“It’s not surprising that Juniper Research came to this conclusion about retailers’ future CNP losses due to fraud,” Marchand said. “While this study focused more on online CNP fraud, it’s important for merchants to recognize that CNP fraud is not confined to online sales. Any transaction during which the customer with their payment card is not present is at risk for CNP fraud.”
Think outside perimeters
Marchand urged merchants to protect their complete environments with multilayered technologies designed to validate, authenticate and verify credit card details. This includes not only online sales but telephone and mail-based transactions, he stated.
Suresh Dakshina, president at Chargeback Gurus Inc. concurred, stating, “As merchants adopt new, faster CNP payment systems, they also need to be aware of new fraud prevention tools. Fully automated systems may reduce time spent on manual reviews but can also drive up false decline rates, so a business need to find a fraud prevention solution that meets their specific needs.”
Dakshina recommended applying the following criteria when evaluating fraud prevention tools:

  • Cost– Is the cost of the solution appropriate for the problem it’s solving?
  • Resources– How much management time and expertise is needed to manage fraud?
  • Effectiveness– Can you measure the success of the fraud tool in terms of ROI?

While 3-D Secure (3DS) only achieved 3 percent adoption in North America, Juniper researchers are optimistic that 3DS 2.0 will address former shortcomings when implemented in key ecommerce venues. “The new standard focuses on adopting a risk-based strategy which should render 100 percent challenge rates obsolete where it is implemented,” they noted.
Juniper analysts project $9.6 billion in annual FDP solution spend by financial institutions and payment service providers by 2023. They also expect increasing adoption of open banking systems and instant payment mechanisms to lead to a heightened appreciation of FDP features and benefits.
This article first appeared on The Green Sheet on January 3rd, 2019.