Fraud watchers are forecasting a stormy fall and winter for merchants who accept CNP transactions. By October, US retailers must convert from magnetic stripe card readers to more secure EMV (Europay, MasterCard, and Visa) terminals, to avoid fraud liability. EMV technology will reduce skimming and other POS-terminal fraud. But security industry experts say EMV migration in other regions has been followed by a flood of CNP and e-commerce scams. Is your business protected against the coming wave of CNP theft?
EMV is a step up in security but not a cure-all. Analysts warn that when thieves are stymied by POS safeguards, they move on to easier pickings such as card-not-present scams.
A look at the numbers bears this out:
- After EMV migration in the UK, POS bank card fraud dropped by 23% in the first half of 2009. But phishing jumped 26% and online fraud increased by 55%.
- Post-migration CNP fraud in SEPA (the Single Euro Payments Area) grew by 21% from 2011 to 2012, and experts expect the trend to continue.
- Canadian POS fraud dropped by 54% during the 2008-2013 EMV migration period, but CNP fraud exploded by 133% during that time.
There are several safeguards merchants can adopt now to prevent an uptick in fraud—and liability—later. 3D Secure programs and two-factor authentication can cut down on the incidence of fraud made with stolen card numbers. Behavioral analytics can identify users whose activity is suspicious, and real-time analysis of flagged transactions can cut prevent approval of fraudulent purchases. Merchants who don’t already have fraud protection and a fraud response plan in place should use this summer to prepare for this fall’s stormy weather.