Rippleshot Blog

Holiday Card Fraud Forecast: What More Online Spend Means for CNP Fraud

Posted by Anna Kragie on 1, Dec, 17

The early data on holiday spending — coupled with early holiday fraud projections — gives some insight into what issuers might expect as the year 2017 rounds down.

To start, we’ve learned what most already knew: Consumers love to shop online. This year’s Black Friday/Cyber Monday figures confirmed that fact as consumers shelled out $5.03 billion online on Black Friday and Thanksgiving Day (a 16.8% increase from the year prior). Cyber Monday took that figure to the next level, and consumers set another record-high with $6.6 billion in sales. Overall, Cyber Monday processed 17% more purchases than Black Friday.

More online shopping inevitably means more money is being spent on credit cards, but it also means there’s a greater chance of CNP fraud as fraudsters shift their tactics toward targeting online purchases. This is in line with what industry projections show this holiday season.

What the Early Data on Holiday Fraud Says

Fraud attempt rates are projected to hit 30% this holiday season, according to data from ACI Worldwide. This is in line with 2016's figures when merchants saw a 31% increase in card fraud. Despite the rise of EMV adoption, card fraud (due to an increase in CNP fraud from more online spend) continues to rise around the holidays.

Fraudsters are also getting greedier each year — targeting higher ticket items. The attempted fraud average ticket value (ATV), or a merchant’s average size of individual sales by credit card, is expected to increase from $210 to $215.

[Check out more in our infographic: 2017 Holiday Season Card Fraud Snapshot.]

What’s Contributing to a Rise in Card Fraud

For issuers, tackling card fraud stems from similar problems each year. Identity theft from data breaches, account takeover and friendly fraud continue to be the biggest challenges when combating fraud. With an increase in CNP fraud, higher re-issuance costs, an increase in ATM skimmers, and an increase in other types of card fraud including friendly fraud and synthetic fraud, there’s no shortage of challenges for issuers.

What we also know about CNP fraud, is that between 50-75% it is directly related to data breaches and compromised cards. The problem for most issuers is that they’re relying on a CAMS alert, which doesn’t alert them fast enough about when fraud occurs. By the times a CAMS alert is issued 70% of the fraud has already occurred. Issuers need to be alerted about fraud in a matter of hours, not days. CAMS alerts also  only address the biggest breaches (national chains) and do not detect smaller local breaches like restaurants, gas stations, and ATMs. Issuers should ask their processors for better compromised point of purchase (CPP) information than CAMS alerts. You can improve odds fraud attempts by finding more sources for alerts.

The problem each year, of course, is that the rate at which fraudsters are able to pull off these types of schemes grows faster and are harder for issuers to play catch up with. With CNP fraud expected to grow to $6.4 billion in 2018, issuers must get a grip on this problem before it gets worse.

What Issuers Can Do about The Rise in Fraud

Because we anticipate a surge in fraud, issuers should plan for updated decision rules, be more strategic in reissuing cards, and learn to tweak KYC and ID fraud algorithms faster. By investing in machine learning technology to proactively detect compromised cards, issuers can stop fraud faster, save money and lessen customer impact.

Issuers can also continue to educate consumers about making safer online purchases, encourage them to regularly check statements  set up alert sign-ups and educate them about scams and fraud schemes. Of course, issuers should also care about faster alerts. Better data analytics can help you reissue faster and fewer cards stop fraud earlier, reduce reissuance costs, and minimize cardholder disturbance.

[Check out more in our infographic: Fighting Holiday Card Fraud: 10 Tips for Issuers.]

Issuers should also be regularly monitoring card performance. Conduct daily and weekly monitoring and reporting of fraud to detect compromised cards. Strive to get more information more frequently. Whether it's a data breach or a skimmed ATM, compromised cards must be ID'd within 24-48 hours to stop the spread of fraud. Source more alert resources.

Finally, issuers should invest in automation tools and rely on data analytics-based technologies to strengthen front-end review and fraud prevention. By infusing machine learning technology into the fraud detection process, bank and credit union fraud teams can be better equipped to get ahead of the problem before it spreads.

Eliminating costly, manual processes that are also far less accurate (not to mention far slower) presents endless benefits for financial organizations. Having the ability to sift through organized data that’s collected using powerful software, instead of relying on a team of data scientists to interpret what accounts have been breached (and which will actually go fraudulent), is the only way to devise sustainable business practices and be fully prepared to fight fraud.