As we discussed in a previous article, EMV is here whether or not retailers are prepared for the change. While EMV will reduce credit card present fraud, it’s expected to result in double the amount of card-not-present (CNP) losses by 2018. By making card-present fraud more difficult to get away with, fraudsters will move to online and mobile channels. We’re already seeing extreme increases in online fraud (163%) as early as quarter 3 of 2015.
The consequences of fraud aren’t just monetary. The changing fraud landscape in the wake of EMV migration has the potential to affect different aspects of e-commerce and m-commerce. There are several possible reactions to EMV and the possible increase in CNP fraud on both customer and retailer sides.
For retailers, a possible outcome is increased fear of CNP payment avenues. It can be tempting to look at the expected fraud losses and cower. Unfortunately, fear can drive businesses to increase user friction. This results in customers supplying more information and completing additional authentication steps like security questions or credit card CVV verification. It also might result in choosing fraud detection methods that are more rigid and allow less “good” customers through in order to keep more bad guys out.
On the customer end, a mixed response to EMV chip cards might drive customers to explore simple, innovative payment options like one-click payments through mobile devices like tablets or smartphones. This means customers will be looking for easy, frictionless mobile payments, while retailers are ramping up authentication methods in an effort to deter fraud.
Luckily, the two don’t have to be exclusive. While increased functionality with decreased user friction is traditionally achieved at the expense of fraud security, there is new technology like behavioral biometrics able to circumvent this problem.
Increased Use of Mobile Payments
EMV chip card implementation in the United States hasn’t exactly been a smooth transition. Many retailers (around 60%) are behind upgrading to chip card readers. The mix between chip card readers and magnetic stripe readers can leave customers confused as to which method to use when it’s time to check out.
Customers have to adapt to a new card checkout behavior involving inserting the chip card into a reader. This action is aptly called the “dip.” Some people are complaining of longer checkout times with the dip. The act of verifying a card with a chip reader can take up to 20 seconds. While this doesn’t sound like a lot of time, it is for the modern customer who wants a quick, seamless shopping experience. This has people missing the old, swipe and sign card method.
In response to increased checkout time and chip card woes, experts are predicting mobile payment like Apple Pay and Android Pay will surge. There are also different in-app options like with Amazon and Uber. These technologies represent the next generation of payments, where every customer holds a virtual wallet in his or her mobile device and has the ability to pay for anything with the touch of a screen.
An increase in mobile payments will definitely affect the fraud landscape. As more and more users switch to mobile, they will create a bigger target for fraudsters. The potential for increased mobile fraud will change how retailers approach fraud prevention.
Increased Friction & False Positives
With more mobile customers on the horizon and increased losses from mobile fraud, retailers face a tough situation. They need to satisfy mobile users while reducing fraud losses, but the two often feel exclusive.
In the face of increased fraud losses, companies may add additional authentication methods for mobile payments. These security checks could include typing a code emailed or texted to a customer, signature verification, or credit card CVV verification. The downside to more authentication measures is increased checkout time. This frustrates customers. For many users, more typing and checkout delays are enough to result in abandoned carts. This spells bad news for business profits.
The looming danger of CNP fraud could also mean more manual reviews for transactions or stricter transaction risk rating. More manual reviews means higher costs to train and maintain personnel, in addition to higher false positive rates. For example, where businesses might have approved transactions with a lower risk score in the past, they might switch to manual reviews and train employees to disapprove these transactions. This can deny shoppers who aren’t fraudsters and are just trying to make a purchase. After one denied transaction, many customers never return to a business.
A Better Response
In response to post-EMV migration woes, retailers can implement technology like mobile behavioral biometrics. This uses something inherent in a user (behavior) to tell a good user from a bad one. This results in little friction when used as an authentication method because shoppers aren’t hassled with typing in passwords or even verifying a static biometric such as a fingerprint.
Behavioral biometrics are perfect for strengthening fraud security in the inevitable world of mobile payments. Because behaviors like swipe pattern and finger pressure can’t be stolen like a fingerprint, this method is extremely secure. It’s also affordable and easy to implement for all types of businesses, even small ones. When used to detect fraud, behavioral biometrics results in a lower false positive rate. This equals more happy customers.
In conclusion, the response to increased CNP fraud doesn’t have to be increasing user friction and false positives. It can mean implementing innovative fraud prevention and detection methods like behavioral biometrics.