Technology, payments and consumer trends move ever faster in today’s dynamic online ecosystem—and fraudsters move even faster. Looking back over 2016 and towards 2017, we can see patterns that merchants would do well to note.
Some predictions we made last year have gone even further than we expected. For example, when we predicted increasing interest in automation for fraud prevention, we didn’t expect that fraudsters would match this development so enthusiastically. The striking rise of botnets and other kinds of automation in committing fraud show that fraudsters are well aware of the advantages of this technological leap, and merchants who don’t start leveraging it on their own account are likely to get left behind by agile online criminals.
The EMV Impact
Last year we predicted online fraud would increase following the October 2015 EMV adoption deadline. [EMV refers to chip cards whose improved security at physical stores may drive criminals to target online retailers.] Indeed, the Global Fraud Attack Index reported fraud attacks rose 26% in the U.S. in just the first two quarters following the October milestone.
As a matter of fact, fraudsters have moved ahead of the card networks. While the EMV adoption process has been plagued by delays and difficulties, online criminals showed themselves more on top of things and acted to protect their personal bottom lines.
Unfortunately, we doubt that we’ve seen the worst of this trend. One recent report found that only 29% of U.S. merchants can so far accept chip cards. That means, in all likelihood, that the move from offline to online fraud is just beginning, and more fraud will be moving online in the year to come. Retailers need to gear up and protect themselves without inconveniencing good customers.
We noted last year that attention in the e-commerce industry was beginning to center on the fulfillment challenge, and predicted that fast delivery would become a hot topic. The exploration of drone delivery, the growth of Amazon Prime Now and the fact that 80% of shoppers want retailers to offer a same-day shipping option all bear this out.
We think the coming year will see increased awareness of the delays in fulfillment that fraud prevention in particular contributes to, due to its key position at the point of checkout. As a result, greater attempts will be made to transform antifraud into a positive rather than a negative influence—making it faster and smoother, to enable orders to be fulfilled more quickly and more smoothly.
Last year we predicted that omnichannel would gain in importance over 2016, with benefits for fraudsters as well as for legitimate customers. And, while integrated in-store experiences are indeed increasingly important to consumers, according to an ACI Worldwide report attempts at fraudulent buy-online-pick-up-in-store transactions in the 2015 holiday shopping season rose 47% compared with a year earlier.
It’s essential that merchants get on top of the omnichannel challenge, both providing a seamless cross-channel experience for good customers and preventing fraud by criminals attempting to hijack this trend for their own ends. Just as inventory and fulfillment must be more joined up than ever before to work across channels successfully, so fraud-prevention systems must start sharing cross-channel information and connecting the dots in important ways.
For example, can you tell that the customer currently on your mobile app while in your store is the same customer who checked into their account on their computer yesterday, and was browsing online via their tablet last week? Many merchants can’t, yet being able to work with this kind of continuity of identity is essential to providing the full omnichannel experience. Technological advances have made it possible the substantial majority of the time, so make that leap if you haven’t already.
The Move to Mobile
The growth of the mobile channel in particular is the source of both exciting potential for expansion and worrying risk of exploitation. As Forrester Research analysts have cautioned, “Mobile offers fraudsters more options than any other channel.”
This is, essentially, because the devices have become so integral a part of our daily lives and connected to so much of our personal and financial information. As Forrester says, “They can register stolen cards to mobile wallets, take over victims’ accounts via mobile banking apps, use retailers’ mobile apps to make fraudulent payments, disable SIM cards in the victim’s phone, and divert one-time passwords in text messages to their own phones.”
Moving to Mobile-First Fraud Prevention
It’s time that merchants approach mobile fraud prevention as a serious topic in its own right, and start building mobile-first fraud prevention for mobile commerce. Relying on known e-commerce trends, rules and knowledge isn’t enough, and will lead to less effective, less accurate fraud prevention. Patterns of both good and bad customers must be analyzed anew and systems must be taught not to look for information irrelevant to m-commerce, such as browser information and static IP addresses.
Moreover, data available uniquely from mobile devices should be found, explored and employed as appropriate. For example, phones provide GPS, accelerometer and moving cell phone tower information, which can be enlightening. Additionally, you can tell whether a phone has been jailbroken or rooted—which can be very relevant to a discussion of “fraud or not fraud.”
Beyond that, some techniques which are great for both e-commerce and mobile still need to be recalibrated for mobile. Behavioral analytics is enormously helpful, for instance, but of course customers behave differently on mobile versus computer. Your system has to accommodate that, or you’ll be rejecting good mobile customers who behave in ways that are normal on mobile but dubious on a computer.
As with e-commerce, it is important that the move to defend the mobile channel not come at the cost of customer experience. Mobile antifraud must be friction-free and automated to avoid delays.
Customer Experience is King
2016 has been an eventful year in the payments and fraud world, and it looks like 2017 will be just as important, as changing consumer patterns and expectations drive commerce in directions powered by technology and defined by consumer needs.
To stay ahead of the curve, merchants need to bring every aspect of their business in line with a customer-first approach—including those that have traditionally hindered rather than helped customer experience. It’s time that fraud prevention innovate to keep up with the Age of the Consumer, and become customer-centric, just like the rest of online retail.
Forter provides fraud-prevention technology to online retailers.