A study from Juniper Research found that eCommerce merchant losses to online payment fraud will exceed $25 billion in 2024. This is from just $17 billion in 2020, despite the ongoing implementation of SCA (Secure Customer Authentication) in Europe.
The new research, Online Payment Fraud: Emerging Threats, Segment Analysis & Market Forecasts 2020-2024, found that the popularity of eCommerce and increased card-present security with the introduction of EMV, have made eCommerce payments a compelling target for fraudsters.
EMV stands for Europay, MasterCard, Visa. It is the global standard for chip-based Debit and Credit Card transactions. It is a joint effort between Europay, MasterCard and Visa to ensure security and global acceptance so that MasterCard and Visa Cards can continue to be used everywhere.
The research highlighted that eCommerce merchants outside Europe must adopt similar measures to SCA, including two-factor authentication. Otherwise, non-European merchants will suffer from increasing levels of sophisticated fraud. Payment gateways will be vital to ensure that these security requirements are implemented at scale.
Juniper notes that fraudsters are getting more innovative. New methods of fraud are being developed to support new and emerging technologies. In doing so, the fraudsters’ toolkit becomes ever-more sophisticated. Attacks are often multi-part, drawing in the social as well as the technical to execute fraud.
Key trends in online payment fraud
The report notes that fraud focusing on the CEO or other company executives is blossoming, adding a new string to the fraudsters’ bow. So-called BEC (Business Email Compromise) is also flourishing. In addition to more sophisticated methods such as fraudulent calls impersonating important people at organisations. The types of frauds also thriving ranges from the traditional identity fraud, accounts takeover, phishing and the use of Botnets, to newer forms of fraud. For example, Pharming – where fraudsters re-directs website traffic to an illegal site where customers unknowingly enter their personal data.
The human factor
Juniper highlight the importance of human behaviour in facilitating online fraud. Juniper suggests a mix of fear, ambiguity and lack of security awareness creates a difficult user journey for merchants, banks and ecosystem players alike. A lack of awareness of the regulations and more stringent authentication during a transaction also supports the cybercriminal.
Several factors playing into the hands of cybercriminals. The success of social engineering in complex fraud. Along with more consumer-focused scams and phishing campaigns, has emboldened them. Efforts by the cybercriminal community to create ‘as-a-service’ cybercrime tools that begin with human intervention, has made the fraud industry highly accessible.
Research co-author Nick Maynard says, “The explosion of eCommerce means fraudsters have evolved their tactics so merchants must also evolve. eCommerce merchants must educate their users in anti-fraud best practice. The human element is consistently the most vulnerable to exploitation in the online payments ecosystem”.
Enterprise Times: What this means for business?
Juniper have suggested that additional security measures, including two-factor authentication have become more widespread. Merchants must be careful when implementing these changes. The research company suggests online merchants must take on a more educational role for their users. This include embracing cybersecurity practices, better understanding common fraud methods and changes to the checkout process to improve fraud mitigation. For instance, increased friction in the checkout experience must be minimised, or merchants will face increased cart abandonment rates. Juniper Research also recommends that security vendors work with merchants to build security measures into shopping apps. This should ensure a low-friction user journey, whilst encompassing increased authentication requirements.
There are several companies that specialise in fraud detection. One of these is Forter which Enterprise Times recently spoke with.