We knew this was coming when the Federal Reserve issued guidance applying the Customer Identification Program (CIP) to prepaid cards in March of this year. Customers are able to reload prepaid cards, use direct deposit and in some cases, receive overdraft protection, which the federal agency determined enough for it to be considered an account relationship. And now that reloadable prepaid cards are considered an account relationship, it’s not surprising that the Consumer Financial Protection Bureau recently issued new rules requiring fraud protection support for those using them.
We know it’s hard to believe, but sometimes even your beloved customers have malicious intentions. According to a newly published whitepaper by Radial, the majority of eCommerce fraud originates from cyber criminals, who use compromised payment data to make unauthorized transactions, and make managing eCommerce fraud extremely challenging. Merchants are forced to constantly balance risk exposure with customer disturbances, heavily invest in fraud detection technologies, and dedicate resources to preventing fraud. However, what happens when the customer is the one committing fraud? Commonly known as “friendly fraud”, this type of first party fraud is when customers transact online, and then claim their purchase was unauthorized. Follow the Rippleshot Team as we quantify how much friendly fraud has been costing merchants (quick teaser- billions), and the steps merchants should take to avoid it.
During March, the Rippleshot Team covered the top locations and trends of e-commerce fraud in a previous blog post, outlining where both the fraudsters and victims of fraud were located. Much of our focus was on warning financial institutions that EMV implementation was not the cure-all to fraud, as fraud, and its impact of customers, was not going anywhere. Some listened, while some countered that their “fraud losses were lower than ever because of EMV”. So although we don’t like to say we told you so…we told you so. Experian’s latest report, published right around the 1-year anniversary of the EMV liability shift, projects 2016 e-commerce fraud attack rates to be at least 15% higher than last year’s total. Learn the Top 10 Riskiest Zip Codes for shipping and billing fraud in our latest blog- “The Where and What of E-Commerce Fraud”.
In early September, New York Governor Andrew Cuomo introduced new regulation that would make the state the first in the nation to enforce a cybersecurity program for financial institutions. While some have compared the regulation to the FFIEC (Federal Financial Institutions Examination Council)’s Cybersecurity Assessment Tool and guidelines, the proposed regulation would actually go much farther in its quest to ensure all financial institutions in NY are prepared for and are doing their best to prevent cyber attacks.
2 years ago, security professional and evangelist David Holmes dubbed 2014 as the “The Year of the Mega-Breach”, and reasonably so, as multiple headlines featured news of massive data breaches at Home Depot, J.P. Morgan Chase, and eBay. However, the following year had a roster of mega-breaches that made the previous year’s incidents pale in comparison, causing the term to quickly become obsolete. After a holistic review of the data breaches that have occurred throughout the current year, the Rippleshot Team has decided to resurrect the concept- with a little twist. Follow along as we discuss why 2016 is “The Year Of The SMB Breach”, how data breaches can be catastrophic to small to mid-size businesses (SMBs), and what implications SMB breaches have for the overall cybersecurity industry.
Bad news. Ransomware is back with a newfound vengeance. Many of us know ransomware to be a notorious form of malware that prevents users from accessing their own systems, either by locking a user from a system entirely (locker ransomware), or encrypting user files on an affected system (crypto-ransomware). In either case, users are forced to pay a ransom in order to restore functionality and access, many times to the tune of thousands of dollars. Although ransomware dates back to 1989, its practice has ebbed and flowed in its prevalence over the years. However, it is clear that 2016 has seen a marked increase in the frequency, cost, and effectiveness of ransomware incidents. Follow the Rippleshot Team as we document the return of ransomware and its impact on the cybersecurity landscape of 2016.
The CFPB’s wide-ranging jurisdiction over the consumer financial industry has had banks and credit unions worried about potential punishment and fines for years. Up until this point, the vast majority of their enforcements have focused around credit card policies, lending and debt collection. But this summer’s enforcement against payment processor Intercept Corp. is the agency’s second big lawsuit against an entity for ignoring “clear signs of brazen fraud,” sending a clear signal that turning a blind eye to these practices is unacceptable.
Quite a bit, it turns out. According to PYMNTS’ Global Fraud Index, from the first quarter of 2015 to the first quarter of 2016, the dollars at risk per every $100 in online sales rose from $1.89 to $7.30, an increase of nearly 400%. Countless publications predicted an increase in fraud in 2016 due to the impact of the messy and slow implementation of EMV, but few, if any, predicted a jump quite like this.
No surprise here. Pulse Network’s 2016 Debit Issuer Study cites an across the board increase in fraud losses for all types of financial institutions from 2014 to 2015. But where’s it all coming from? How will mobile payments impact the debit market? And what sort of growth is expected over the coming years? We cover it all ahead:
“Those who cannot remember the past are condemned to repeat it”.
This quote couldn’t hold more true when it comes to the EMV liability shift in America. Cybersecurity experts are perplexed regarding the future, scrambling to find clues in order to predict the who, what, when, and why of the EMV roll-out. What they don’t know is that the answers may actually lie within the past, or across the Atlantic Ocean. Most Americans are quick to forget that we were actually one of the latest to adopt the EMV standard, following suit after Africa, the Middle East, Asia, Latin America, and almost all of Europe. So when it comes to painting a picture of the aftermath that will result from widespread adoption of EMV protocols, why don’t we examine our international counterparts more closely? Join us as we discuss European history surrounding EMV adoption, fraud trends that will carry over to America, and the implications of widespread EMV implementation in our latest infographic: The Evolution of European Card Fraud.