March 2016 Cyber Security Concerns

Each month, we’ll help you navigate the emerging trends and forecasts for card-not-present (CNP) merchants with (what we think) are the best pieces of advice from Verifi, as well as from across the web. We promise to keep this newsletter short and sweet, so let’s get started!

Question of the Month

What’s the forecast for post-EMV CNP fraud, how is mobile shaping payments and what’s the deal with Millennials?

This month, we’re looking at Millennials and how this large and in charge generation of consumers is shaping the payments industry. Given their inclination to use mobile to pay, there are key things merchants need to know to keep mobile payments safe. We’ll also explore the post-EMV payments world and what it means for CNP fraud.
Spoiler alert: EMV caused CNP fraud to skyrocket overseas and there are some valuable lessons for US merchants to learn from that experience. [Tweet This]
Payments post-EMV isn’t all bad news, though. EMV ushered in increased popularity of mobile proximity payments, thanks to NFC technology that comes in most EMV-ready terminals to which merchants upgraded. We’ll explore how mobile payments and loyalty programs require ease-of-use and convenience to convert shoppers. Finally, we’ll take a look at the top cyber security concerns of 2016 and how merchants can remain compliant without breaking the bank.
The millennial generation, which includes people born between 1981 and 2005, is bigger than the Baby Boomer generation. Additionally, it’s proving to have more financial influence. This generation is extraordinarily tech-savvy and live almost entirely through digital means. As such, they are helping to shape the world of payments, namely mobile payments – the preferred method of payment for this generation.
Millennials love instant gratification and have a natural inclination toward mobile payments thanks to the convenience it offers. Millennials prefer to ditch the cards and cash for payment via smartphones, which can be conducted anywhere quickly and negates the idea of carrying a physical wallet.  A JWT study showed that 44 percent of millennials surveyed preferred mobile over cash as the way to pay. [Tweet This] Almost 50% said they’d be willing to connect mobile wallets & payment info to a wearable device.
CNP fraud is slated to skyrocket to $7.2 billion by 2020, according to Aite Group. There is no coincidence that this is happening after the EMV implementation. Overseas, the U.K and France saw a 100% and 360% increase in CNP fraud respectively after migrating to EMV.
To combat this fraud, merchants will need to employ a multi-faceted approach to security and fraud prevention. This includes protecting transaction data, preventing avoidable chargebacks, mitigating online fraud and cyber security concerns and recovering revenue from chargebacks that can’t be avoided. Multi-layered authentication is critical; in a given year, 25% of companies are impacted by data breaches. [Tweet This] While increased fraud and reputational damage are a given result of data breaches, merchants should be aware of the increased chargeback risk as well. In 2014, someone became an identity fraud victim every two seconds. This increase in identity theft results in a rash of chargebacks further downstream after the identities are sold on the black market and used to make fraudulent purchases.
While this generation will continue to shape payments and forge new technologies to the forefront of the industry, it also comes with added security concerns for merchants. This generation – while tech savvy – is also security lazy and puts sensitive data at risk more often and more frequently than other generations.
Loyalty programs aren’t what they once were. In fact, Today, less than one third of consumers let loyalty programs drive their retailer preference – down 13% over the last 5 years.  Less than half say they even redeem loyalty rewards when they shop.  Fewer than half say that they even use their loyalty benefits when they shop.
As consumer behavior has transitioned from in-store to online to mobile, their loyalty habits have changed. Merchants who have loyalty programs should be adapting to updated consumer shopping habits and preferences.  Mobile means smaller screens and consumers on-the-go. Subsequently, merchants need to adapt the mobile checkout process to be efficient, convenient and void of unnecessary friction without sacrificing security.
Thanks to EMV, mobile proximity payments have gained traction as most of the EMV-capable terminals that merchants upgraded to are also NFC-capable. NFC is the technology behind mobile wallets. It’s predicted that loyalty will be a large driving force behind the continued adoption of mobile wallets – and vice versa. Businesses that integrate robust loyalty offerings into their mobile wallets will likely see an uptick in the number of consumers adopting mobile payments for in-store purchases.
Trustwave Holdings Inc. recently released its 2016 Security Pressures Report illustrating the results of a survey of in-house IS professionals and the pressures they face in mitigating cybersecurity threats both in the U.S. and abroad. Below is a snapshot of the top cyber security concerns:

  • 65% of professionals surveyed expect greater pressure to secure the organization in 2016 as compared to 2015 [Tweet This]
  • 58% of those surveyed believe external sources pose the greatest threat to security and 41% say internal sources pose the greatest threat to security [Tweet This]
  • Of the IS professionals surveyed, 44% said they face pressure to adopt cloud-based technology in 2016 [Tweet This]
  • The second-highest technology IS professionals feel pressured to deploy is Internet of Things, with 17% feeling pressure to adopt in 2016 [Tweet This]

Because any merchant storing card holder data must follow PCI DCC Compliance regulations, online merchants must take special precautions when handling sensitive cardholder data. Becoming and remaining PCI compliant is expensive – but failing to protect sensitive data and becoming the victim of a breach is even more expensive. Merchants must find the right balance of security, convenience and profitability to ensure they protect payments while turning a profit.

 Parting Words

Despite post-EMV hiccups and CNP fraud ripples, there are some positive things happening in the world of payments. Millennials will continue to drive new payments technology and increase adoption of both mobile and wearable payments, creating more opportunity on these channels. This increased activity may even spur new and improved loyalty programs for merchants inclined to get ahead of the game and adapt to changing shopper preferences. Finally, security remains a top priority for merchants. Striking a perfect balance between conveniences, security and profitability will be a key priority in 2016.
Ask us how our Cardholder Dispute Resolution Network (CDRN ™) can help prevent and STOP chargebacks before they happen as well as provide a feedback loop to inform your front-end fraud control tools. Since chargebacks cannot be completely avoided, our Chargeback Revenue Recovery service provides representment expertise so you don’t leave money on the table. We’ll help you decide when to fight and when to walk away, so you can focus on what’s most important – running your business successfully.
Don’t forget…you can now download our updated ebook: What Every Card Not Present Merchant Should Know: Navigating Today’s Challenging Payment Ecosystem? Get it now!
What are your thoughts? Ping us on Twitter (@verifi) with #paymentstips and let us know what you think.