hands-coffee-smartphone-technology.jpg

securedtouch blog

What EMV Migration Means for Mobile Fraud

What EMV Migration Means for Mobile Fraud

May 3, 2016

There seems to be a black cloud looming on the horizon. Its name? Europay, MasterCard and Visa, otherwise known as EMV.

If you don’t already know, credit card companies started rolling out EMV chip cards last year in the United States. Retailers were expected to switch over to EMV card terminals by October 1st 2015, or face possible fraud liabilities. This means retailers are now expected to pay for counterfeit card fraud, rather than card issuers.

This migration has been a highly contested issue in the commerce world. Some say it’s an important step to stopping fraud, while others argue it will merely shift the fraud landscape. While these cards have been used in Europe for a decade, card companies and retailers in the United States have lagged behind.

Not anymore. EMV chip cards are here and here to stay. With them comes a projected doubling in card not present (CNP) fraud losses by 2018, amounting to a whopping $6.4 billion. Fraudsters currently targeting credit card fraud are expected to move as opportunity does, meaning they’ll start targeting online and mobile channels. This increase mirrors what happened in Europe and Canada after EMV implementation.

 

U.S. expected CNP fraud losses U.S. expected CNP fraud losses

Whether or not CNP fraud actually reaches this number in the U.S., it’s still a possibility. Businesses that aren’t prepared could end up with enormous fraud losses. Before business owners and fraud advisors start shaking in their boots, here’s some good news.

There is hope for fighting fraud with new technology like behavioral biometrics. It’s scalable for small and large businesses, affordable, and effectively stops fraudsters, all without increasing customer checkout time. Secure, friction-less, and perfect for fighting post-EMV migration CNP fraud.

The Rise of Mobile Payments

The EMV migration in the U.S. hasn’t been a smooth nor complete transition. There have been several hold-ups in the process. First, not every customer has swapped their old swipe card for a new chip card.

What’s more apparent is the lag of retailers implementing chip-card technology. Nearly 6 months after the official migration, less than 40% of retailers are equipped with terminals to read chip cards.

account-1778_640

This is due to a number of things. First, upgrading payment terminals can be expensive, especially for small businesses. Other businesses don’t believe their fraud rates are large enough to warrant spending the money over paying for potential fraudulent charges. Even more, the transition time for retailers working with payment companies can be lengthy.

There is also the issue of popular mobile card readers like Square, which don’t yet incorporate EMV technology. This, and the cost issue, leaves about 40% of businesses unable to make the EMV shift at the moment.

EMV cards are also frustrating customers experiencing significantly longer checkout times. Swipe and sign is quick, but inserting a chip card into a terminal and waiting for it to validate is not always. Increasing checkout time increases user friction. This has the potential to drive more users to quicker, low-friction options like online and mobile one-click payments.

uber_app

It’s no debate that purchases using mobile devices like smartphones and tablets are surging. While mobile technology becomes increasingly more advanced, more users are finding it appealing to use their phones to shop or bank. Total mobile sales are expected to exceed $100 billion by 2017. This represents a huge opportunity for businesses that can leverage this platform.

Unfortunately, hopping onto the mobile train comes with a risk. Many existing controls for desktops lack the ability to successfully fight off fraudsters via mobile devices. In the race to provide a flawless user experience, many mobile apps and operating systems are sacrificing fraud prevention. This leaves customers unprotected and retailers footing the inevitable bill for fraudulent purchases.

Protecting Against Mobile CNP Fraud

As of September 2015, around 40% of large businesses were EMV compliant. By the end of 2015 70% of credit cards in the U.S. had EMV chip cards.

A recent report by PYMNTS and Forter shows total ecommerce fraud attacks more than doubled between the first and third quarters of 2015. In addition, attacks on digital goods businesses, which exist entirely in the online CNP world, increased 163% between the two quarters.

 

2016-03-25_15-15-07 From PYMNTS Global Fraud Index

 It’s hard to determine whether increases in mobile fraud are due to EMV migration or more mobile purchases, although it’s highly likely EMV played a role based on predictions.

This means retailers must keep up or face an uncertain future. For small online businesses, fraud losses can significantly affect their health, even causing some to close their (figurative) doors. This is even more significant given the fact that mobile fraud costs retailers significantly more than online fraud.

Instead of reducing mobile payment options and losing an important revenue stream in the process, businesses should invest in innovative solutions designed to protect consumers and retailers from CNP fraud. Behavioral biometrics is able to solve this issue. This method is based on unique identifiers of a fraudster related to behavior, something they can’t easily mask. This means it can successfully prevent mobile fraud while also decreasing user friction. When used as a fraud detection method, it decreases false positives.

EMV migration is a complex issue with people on both sides. Some consumers and retailers love the new chip cards, while others don’t. One thing is for sure: EMV is bound to stir up the payment landscape, potentially driving more fraudsters online. If customers increase mobile payment use in reaction to EMV migration, this could contribute to the mobile fraud increase.

When one type of fraud (i.e. credit card fraud) becomes more difficult, fraudsters move to the next opportunity. They won’t wait for businesses to catch up.

Recent Posts

Ask The Experts: The Future of Banking & FinTech in Light of PSD2, Part 1
The Digital Officer’s Guide to Mobile Fraud Detection
Fighting Mobile Banking Fraud with Continuous Authentication
The Digital Officer’s Guide to Multifactor Authentication
Best Practices to Identify Compromised User Credentials

Follow Us