Online transaction fraud is expected to reach $25.6 billion by 2020, up from $10.7 billion last year, according to Juniper Research. This means that by the end of the decade, $4 in every $1,000 of online payments will be fraudulent.
The implementation of CHIP and PIN services at POS (Point of Sale) locations in the US is likely to be a key factor driving activity in the online fraud space. The greater security afforded by CHIP and PIN would persuade fraudsters to switch their attention from the in-store environment to the CNP (Card Not Present) space.
The new study identified 3 hot areas for online fraud:
- eRetail (65% of fraud by value in 2020 – $16.6 billion)
- Banking (27% – $6.9 billion)
- Airline ticketing (6% – $1.5 billion).
The study also claimed that eRetail would be particularly susceptible to online fraud, with the value of fraud in this sector increasing at twice that of banking and seven times that of airline ticketing. The research highlighted two key areas for fraud within eRetail: ‘buy-online, pay in-store’ and electronic gift cards.
It argued that the continuing migration to online and mobile shopping, of both digital and physical goods (reaching over $1.7 trillion in 2015) will provide a further incentive for fraudsters to focus their attention on these channels.
Countermeasures provide only temporary respite
Meanwhile, the research claimed that although banks are able to counter online banking fraud by deploying new technologies such as 3D-Secure and device fingerprinting, these measures often only provide temporary respite as fraudsters quickly find new ways to defraud.
Similarly, while extensive efforts by the airline industry to deploy sophisticated Fraud Detection and Prevention (FDP) systems has reduced fraud significantly for some major airlines, this industry has also seen fraudsters shift their focus to other perceived weak spots in the system.
“A few larger airlines claim that they have reduced eTicket sales fraud to less than 0.1% or 10 basis points of revenues” said research author Gareth Owen. “When thwarted, however, fraudsters quickly move on to easier pickings such as frequent flyer fraud, for example.”
“Just like we are moving away from static passwords as the sole means of verification, so must credit cards and Card Verification Values (CVVs) when making online purchases. Fraud can be dramatically reduced if a dynamic verification value is used instead of the static CVV. This dynamic card verification technology is available today on credit cards and mobile. It will bring a high level of trust between the vendor and the consumer who is making the purchase. In order for banks to ensure consumers continue to spend using their credit card, they must show them protecting their data is their number one priority,” Hakan Nordfjell, SVP of eBanking and eCommerce at Gemalto told Help Net Security.