By Mick Oppy, VP Financial Institution Products at Vantiv
What we know to be true today is not going to change – and that is growth in fraud and attacks on the payments system are not going away. When attempting to combat fraud, think about layers – of people, technology, and processes that have to be in place to keep up the good fight.
Though there continues to be a forecast that card present (CP) fraud will decrease significantly through 2018, we anticipate that card not present (CNP) fraud will continue to grow, with some estimating as much as a 50% increase in incidents. Why? Well, fraudsters are getting more sophisticated, improving their technology and keeping in step with the security we’re all trying to put in place.
I get asked all the time, what about EMV? Wasn’t that supposed to stop CNP fraud? The short answer is yes. We have seen a significant slow-down in fraud with the continued adoption of EMV on both the issuer and merchant side. EMV definitely mitigates CNP fraud and we reap those benefits; the counter to that is that we continue to see more attacks on CNP payment scenarios.
But it can’t just be EMV. There is Tokenization, 3D Secure, and others. You need to think in terms of “and” instead of “or” when considering the players and layers needed to help combat fraud. Tokenization and 3D Secure are both needed in your fraud strategies.
Tokenization can be used to encrypt a card number so that it’s obscured in the payment stream. Cards at rest and cards swiped through POS systems at merchants are immediately tokenized through to that redemption on the issuing side. It’s the same with EMV – as long as both sides have a tokenized payment system, we can leverage that to hide primary account numbers (PANS) and magnetic stripes so they can’t be duplicated or stolen.
Some will agree, 3D Secure used to be tricky in terms of enrollment and how it worked. New mandates and technologies for 3D have really begun to allow for a more seamless cardholder experience. It will take about 18 months, but with use of 3D we will see upwards of 5-8% of transactions being triggered as a possible fraudulent event. That might feel like a low number, but again, fraud prevention is a layered process.
Cardholders want instant gratification and engagement and it’s difficult to limit them in the ways they want to use their cards. So when we look at fraud prevention, we need to look across all payment channels and say ‘okay, in this channel, here are the 4 to 5 ways we’re going to minimize that risk’ – but you have to understand that you’re also going to need to take some of that risk.
As many of these payment options are still in the adoption phase (and used at a relatively low percentage compared to the number of all consumers) now is the time to take risks in fraud prevention strategy. I don’t think any single channel will over-expose a financial institution – security remains at the forefront for both merchants and issuers. I’m excited about where the industry is going in terms of securing these new channels!
Hear more from Mick in our three-part podcast series, starting with “Close the Gap on Credit Card Fraud.” Listen as Mick sheds light on what’s being done to combat fraud currently and what’s on the boards for the future. It’s a topic you won’t want to miss!