December 9, 2015
Roberto Valerio, CEO of fraud prevention experts Risk Ident, shared with the LTP team his insights on the issues set to hit online businesses in 2016 and also explained how organizations can combat increasingly sophisticated fraudsters in the coming year.
The year 2015 signified major changes in financial services industry with high-profile breaches across a variety of industries and EMV requirement passed October. The LTP team has been covering EMV implementation through different lenses, including fraudsters shifting their attention to CNP transactions and, in particular, online.
As Risk Ident shared, online fraud was included in the UK Office for National Statistics (ONS) figures for the first time in 2015, revealing that an estimated 5.1 million online fraud incidents occurred in England and Wales over a one-year period. Roberto Valerio pointed out the threats online businesses can expect to encounter in 2016 and how best to prepare for another year of fighting fraudsters:
Online transactions will continue to rise along with fraudulent attempts
Online retail is estimated to be valued at £185.44 billion in the UK alone in 2016. With online shopping gaining momentum worldwide, the question of security is as serious as it has ever been. With more transactions made online due to simplicity and convenience, the Internet has become more attractive to fraudsters.
Increasing sophistication of fraudsters
Another prediction from Risk Ident is that fraudsters will become more sophisticated, mastering new methods of sourcing crucial information about an individual through a variety of channels. Once the criminals have harvested the data, they sell it on the black market online, enabling fraudsters to obtain information to trick or impersonate users for financial gain.
A new wave of post-EMV fraud online
As mentioned, the US liability shift deadline for adopting EMV was in October this year, but there are retailers that are yet to fully adopt the technology along with consumers who are yet to make a transition in their habits. The transition period represents the best opportunity for fraudsters to explore methods to get into bank accounts. The fraudsters will hit European merchants and customers hard as they chase the rewards of online payments.
The death of legacy support systems
Outdated software, whether on the front-end or back-end, makes merchants vulnerable to fraudsters who will have long since discovered the best ways to bypass security methods. Both threats and fraudsters will evolve, enriching and improving tools to break the systems. As fraudsters get smarter, technology has to correspond with the risks. In fact, over half of the merchants only adapt their fraud rules twice a year or less, as reported by Risk Ident, which makes them susceptible to the latest threats.
AI & Machine Learning will come to the fore
AI is a vital part of the fight against fraud to help handle the vast quantity of transactions going through online systems. Supported by data science, machine learning technology helps to intelligent link transactions for a transparent picture of an organization’s online fraud problem, which can then be interpreted and prevented by empowered fraud managers.
All anticipated threats can be addressed by businesses through human and technology intelligence combined. Risk Ident brought an example of device fingerprinting for identification as it helps to identify the source rather than the user, helping to root out the fraudster. The combined analysis of all the sources of customer data with each other also helps businesses to avoid rejecting or deterring genuine customers, while identifying and stopping fraudulent transactions.
Machine learning represents a great opportunity for businesses to help identify a combination of suspicious factors rather than depending on rules alone, as well as utilizing empowered, knowledgeable fraud managers to help flag suspicious activity provides the best defense against fraud.
There is no doubt that fraudsters are ready and waiting to take advantage of the weak online companies’ fraud prevention systems in 2016. As Risk Ident suggested, online merchants need to make sure they can cope with extra traffic and unusual behaviors or risk turning the biggest sales day of the year into the biggest fraud cost of the year.