Taking on Fraud: Part One
This is the first in a two-part series as we look more deeply at fraud concerns and best practices for managing this ever-changing threat.
Over the past couple of weeks we’ve been discussing fraud mitigation strategies on ZootBlog—everything from EMV chip cards to encryption, tokenization, and biometrics. This is an incredibly important topic in the financial industry right now as fraudsters continue to take advantage of any avenue they can to steal information, identities, and dollars.
In early February we saw the shocking $81 million heist from Bangladesh’s central bank. As tax season approached, data from the Federal Trade Commission declared that tax refund fraud was responsible for a nearly 50 percent increase in consumer identity theft complaints in 2015. In May, news of one of the largest breaches of credentials for emails and other websites made headlines. A young Russian hacker had amassed hundreds of millions of user names and passwords and was practically giving them away to gain status in hacker forums.
Call-center fraud is also on the rise. Pindrop Labs shows the problem is especially severe in the United States—their recent study notes 51% of all U.S. call-center contacts as being fraudulent, up from 36% in 2013. Research by Aite Group supports this conundrum. The financial services executives surveyed on the topic all agree that fraud attempts at call-centers are at an all-time high and anticipate losses in this channel to continue rising.
Additionally, card-not-present (CNP) fraud is of greater concern as EMV cards have made it more difficult to commit fraud at the point-of-sale and the growth in e-commerce makes CNP another attractive channel for fraudsters.
As EMV adoption shuts down one fraud channel, it opens others. A recent report by Javelin Strategy & Research shows that fraudsters are bypassing the register and going straight for merchant accounts. Instead of attacking consumer cards at the point-of-sale, they are hacking business emails and successfully committing ACH fraud and stealing merchant credit card data.
Fraud doesn’t discriminate; meaning banks aren’t the only target. A study by the Ponemon Institute recently revealed that nearly 90 percent of healthcare organizations were victims of a data breach in the past two years. Considering the amount of information housed in medical records, that’s a gold mine for identity thieves.
The statistics are staggering in this billion dollar industry.
Just last week the SWIFT platform was attacked in a similar fashion to the Bangladesh hack. The target was a commercial bank and no funds were stolen, but this is just another example of the veracity and variety of fraud that brings chaos to banks, merchants, consumers, and across industries.
In part two we’ll share some perspectives from fraud experts in the industry on where we go from here.