Fraudulent chargeback rates from large corporations slightly decreased in the U.S. from 2015 to 2016, according to a recently released study, “Future Fraud: 3 Key Battlegrounds in 2018,” by digital marketing firm Juniper Research.

Juniper looked at fraudulent chargeback rates to show which geographic regions are more susceptible to online payment fraud. The U.S. ranked among the lowest of countries that Juniper tracked, with a chargeback rate of 0.47% in 2016 down from 0.50% in 2015, according to the study, released in June. Mexico and Brazil, however, were the highest on the index, with Mexico’s 2016 fraud chargeback rate at more than 2.5% and Brazil’s around 3.5% in 2016.

“Meanwhile, China continues to experience high e-commerce growth, which will make this market more attractive to fraudsters,” according to the report. In China, online physical goods sales accounted for 12.4% of retail sales in the first quarter of 2017. Online retail sales there grew 32.1% in Q1 to 1404.5 billion yuan ($204.1 billion) from 1063.2 billion yuan ($154.5 billion) a year ago.

Chargebacks occur when a retailer refunds fraudulent transactions charged to credit cards. Chargebacks not only involve the merchant’s direct loss, they also come with interchange fees that merchants pay to credit card issuers. Those costs rise as retailers experience more chargebacks.

Globally, Juniper estimates that retailers will lose $71 billion from fraudulent card not present transactions over the next five years, with more than 75% of these transactions for the online purchase of physical goods. The remaining percentage of transactions is for online purchases of airline tickets and digital goods.

One factor fueling card-not-present losses is the shift to chip cards that follow EMV standards in the United States, Juniper says. Chip cards and the EMV (short for EuroPay, MasterCard, Visa) standard make it more difficult for criminals to commit fraud in stores, and are therefore more likely to drive fraud online where computers cannot read the cards.

“Unfortunately, fraudsters do not give up when presented with new barriers against their activities,” says Steffen Sorrell, principal analyst at Juniper. “As has been observed in both Europe and South America, when the card-present space is better protected using EMV cards, online channels often represent a path of least resistance.”

Buy online, pickup in store services (also known as click and collect) also are “particularly vulnerable [to fraud] given the lack of a residential delivery address” because criminals can fraudulently pay for an online order and then pick it up in person. “Retailers are reluctant to impose rigorous ID checks on pickup for fear of damaging the consumer experience and reducing conversion rates,” according to the report.

Another key component to the projected loss of $71 billion by 2022 is retailers’ delay in setting up the next wave of 3-D secure methods. 3-D secure is a fraud prevention method that has cardholders tie their credit cards to an online password they must enter at checkout from an online retailer. These methods are not popular with retailers because of the extra step they introduce to checkout and could increase cart abandonment rates, Sorrell says.

Moreover, fraud may increase with more internet-connected devices coming to market via the internet of things. Many of these IoT devices have few, if any, measures in place to prevent unauthorized device access, according to Juniper. “These devices will be ‘low hanging fruit’ for fraudsters and will require specific techniques to defend against,” Juniper writes.

Juniper Research recommends merchants use machine learning to assess the risk of a consumer’s behavior, which factors in many variables and updates over time the more consumers use it, and thus makes is harder for criminals to penetrate. Machine learning is a process by which computers can learn over time when they are exposed to new data, essentially modifying the computer’s initial programming and not requiring a human to update software.

Machine learning also can factor in a user’s behavior such as mouse movement and touch-screen behavior. “Machine learning enables fraud detection and prevention providers to identify subtle patterns and fraudulent indicators that might otherwise be missed through more rigid rules systems,” Juniper writes in the report.

Multi-factor authenticating that includes biometrics also will be key to flagging criminal activity, Juniper says. For example, nontraditional biometric factors that a retailer could use include the angle at which a consumer holds a smartphone or the pressure applied to a keyboard while typing.