The Green Sheet Online Edition
January 12, 2015 • Issue 15:01:01
The fight against online payment fraud moves up a level ahead of U.S. EMV rollout
Editor's Note: This article was first published by Retail Fraud on Nov. 17, 2014. Reprinted with permission. © Kount. All rights reserved.
History tells us the "liability deadline" for EMV (Europay, MasterCard and Visa) rollout in the United States will see a surge of fraud online.
Learning from others' misfortune
The rollout of EMV cards in the United States has a deadline of October 2015. This has logistical issues but perhaps more importantly it is likely to prompt a major shift in credit card fraud to card-not-present transactions. As the second largest market for online revenues, when the US moves to EMV technology at "brick and mortar" POSs, we can expect a transition from offline fraud to online channels such as the desktop and mobile, as fraudsters increase their fraudulent activities.
Figures from the UK Card Association show how this occurred in the UK after it adopted EMV technology – a trend that played out in other countries across the world. The difference between then and now though is that e-commerce is now a retail phenomenon. According to eMarketer, over $200 billion of additional spending could flow through CNP transactions globally by 2017, presenting a vast world of opportunity to online fraudsters looking for a piece of the pie.
Responsibility moving up the food chain
The burden of liability no longer rests solely with merchants. For years, they have been responsible for ensuring their customers' transactions are secure. Typically this involves aligning with either a trusted payment service provider (PSP), payment gateway, or hosted pay page (HPP) that works with a fraud prevention leader. The goal is to ensure transactions are secure as well as able to provide crucial information of fraudulent behavior the retailer is experiencing.
However, financial regulators are increasingly linking fraud mitigation and compliance with regulations, which pushes the liability moving up the food chain, extending from merchants to payment choke points.
As well as needing to offer an integrated fraud solution to their customers, online payment processors need greater access to sophisticated fraud tools to protect themselves from regulatory action that could destroy their reputation.
Payment processors are constantly looking for new ways to differentiate from their competitors. Adding services such as fraud mitigation allows them to offer value-added services to their online merchant base, add revenue and increase customer retention.
Value-adding above commoditization
Payment processing fees are becoming commoditized, and a "race to the bottom" on pricing is now the norm. Additional services like fraud can help offset the revenue lost in interchange fees.
As technology becomes more pervasive, accessible and affordable, more 'brick and mortar' businesses are using the Internet as an additional sales channel to increase revenue and customer satisfaction. This includes ambitious SMEs [small and midsize enterprises] who want to be able to grow their businesses and compete in an increasingly crowded space by offering great products at great prices, while providing a great overall customer experience.
Efficient fraud prevention options that suit the business are vital technological tools that can have a drastic effect on business success. The business impact of fraud prevention is often underestimated, but setting rules and thresholds that turn away the fraudsters while allowing legitimate transactions through makes a huge difference to any retailer's bottom line.
Providing fraud mitigation services at the payment processor level can give the end customer a friction-free buying experience.
The problem for merchants is that sophisticated fraud solutions are often expensive, complex and difficult to manage. This presents an opportunity for online payment processors to provide a trusted fraud solution to merchants that reduces fraudulent transactions – mitigating fines or penalties from regulators – while allowing and promoting business.
Integrating this into the payment processing system will help make the process simpler for merchants to configure in a way that suits their business and reduces exposure to payment fraud.
One problem often cited by both large and small online merchants is the IT constraints they face. Smaller merchants do not have access to IT resources, and larger merchants fight for resources with other departments within the business. Integrating a fraud mitigation platform at the payment processor level reduces or eliminates the need for additional IT resources, making fraud prevention available and attainable by all merchants.
Pure-play merchants may be the least prepared
Many "pure-play" e-commerce merchants that do not have an offline presence are unaware of the incoming tide of new fraud when EMV is implemented in the U.S. This new surge in fraud could catch them by surprise and cause havoc.
Forrester expects online retail sales in the U.S. to reach $294 billion by the end of 2014, or approximately 9 percent of all sales in the U.S., while forecasting a yield of approximately $414 billion in online sales (11 percent) by 2018. Fraud always follows opportunity, and with EMV providing an extra layer of security to card-present payments, fraudsters will go after whatever they perceive to be the easiest target. Unfortunately, this often means smaller online retailers who traditionally struggle to provide high-level fraud prevention.
Payments providers that take on the responsibility and liability of secure transactions will benefit from adding value to their offering and increasing their bottom line, ensuring that the EMV opportunists have nowhere left to turn.
Fraud is migrating now – as an industry, we must respond
As evidenced by the rash of recent, large-scale data breaches, fraudsters are faster, more sophisticated and better networked than ever before. Detailed data on financial credentials and personal identities is hitting the market, making fraud reduction more and more difficult. Asking online merchants alone to fight this battle is a weak strategy. Partnering with payment processors and card schemes gives merchants a better chance of mitigating their fraud risk.
At Kount we have seen fraud increase every year. The solution is not to tackle fraud in a draconian way – this will ultimately turn away legitimate customers. The key is to get the balance right. Online commerce is massive for our industry, and for the global economy it is imperative that we allow all legitimate trading to happen and stop fraud at the same time. This needs to be a collaborative effort from all parts of the payment chain and tackling fraud at the top of the chain (PSPs, banks and acquirers) will make the most difference.
Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.