The Transition To Card-Not-Present FraudMiCamp Solutions
E-commerce merchants may soon find themselves fighting an uphill battle. A new report released by Research and Markets shows that card-not-present (CNP) fraud is on the rise – and the Federal Reserve’s 2016 Payments Study confirmed that CNP fraud is becoming a much more common occurrence. Both studies state that the increase in CNP fraud can be at least partially attributed to the introduction of EMV technology into the U.S. payments space.
The microprocessor or smart chip that is embedded into an EMV card interacts with a merchant’s point-of-sale (POS) device to help ensure that the payment card is valid – mainly that the card hasn’t been cloned or counterfeited in some way. While counterfeit credit card fraud is still one of the most prevalent forms of fraud, experts predict that it will decline sharply this year, as more merchants become equipped to accept EMV payments. The EMV chip makes it more difficult and more expensive for criminals to replicate, or successfully clone, a consumer’s payment card – therefore making it more difficult to commit fraud at the POS.
EMV does not, however, protect against online or CNP fraud. EMV works in a very concrete way – the card is inserted into a payment terminal and, every time an EMV card is used for payment, a unique transaction code that cannot be used again is written to the chip. With magnetic stripe cards, the data contained on the stripe is unchanging. When criminals access that data, they have the card information necessary to clone the card and start making purchases.
Though EMV helps better protect consumers and merchants, its physicality limits its usefulness. As more consumers make purchases online and more merchants add shopping carts to their websites, CNP fraud is only poised to grow. And, criminals are able to use data gathered in previous breaches for online fraud. Research and Markets pointed out that “well-documented breaches of payment card data at major retailers such as Target and Home Depot in the past few years have provided a treasure trove of millions of cardholder records that are being used by criminals to commit CNP fraud.”
According to Julie Conroy of Aite Group, application fraud is also on the rise. Application fraud involves criminals using stolen credentials to open credit cards in another individual’s name. From new credit card accounts to opening a cell phone account with a major carrier, criminals are using these stolen credentials in inventive ways. “I’m hearing of huge application-fraud pain from issuers,” Conroy says. “Basically, we’re looking at all of those data breaches and data in the hands of criminals, and they’re using it.”
While it is important for merchants to implement EMV technology, it is also important for both merchants and consumers to be aware of the threat of CNP fraud. When sensitive payment data is compromised, both merchants and consumers feel the ill effects. CNP merchants can protect consumers’ sensitive data by layering the security of encryption and tokenization – protecting data in rest and in transit. With these payment security technologies properly implemented, merchants can rest assured that their brand and consumer information is protected. Contact us to learn how you can secure your CNP environment today.