Rippleshot Blog

The Identity Theft Resource Center (ITRC) and CyberScout issued a new report stating that the number of U.S. data breaches reached an all-time high last year, totaling 1,093. This is a 40% increase from 2015 – quite a substantial increase indicating that rising concerns around cybercrime isn’t just hype, it’s a growing epidemic across not only the U.S but also across the globe.

Cybersecurity is clearly a hot topic of discussion as cyberattacks grow in scale and continue to impact all industries. While it is safe to say that most individuals, financial institutions, business organizations, etc., are all hyperaware of the growing online security threats, a new report from Gemalto indicates that consumers hold organizations - not themselves - chiefly accountable for protecting their personal data, and thus are primarily at fault when it comes to data breaches.

Just a few short months ago, NACHA put in motion a multi-year multi-phase plan to make ACH payments settle in the same day they’re originated. This past September, ACH credits were first made available for same day settlement, with the receiving depository financial institution (RDFI) making the funds available by the end of their processing day. In phases two and three of this rollout, debits will also be settled same day, and funds made available at 5:00pm local time for the RDFI. It goes without saying that as the time available to settle payments decreases, the opportunity for fraud increases, but it’s also important to understand what exactly “same day” means, what opportunities for fraud detection are available, and what the landscape for ACH fraud looks like moving forward.

The continued rise in e-commerce fraud as an expected result of the EMV implementation has put a laser focus on existing fraud solutions in the industry - and their shortcomings. 3D Secure was created over fifteen years ago as a way to increase security for online payments, but has seen its fair share of criticism from all parts of the payment spectrum. In October, EMVCo released the long awaited updated specifications for 3D Secure 2.0. Follow along as we highlight what’s new, important and noteworthy in this much anticipated release.

We knew this was coming when the Federal Reserve issued guidance applying the Customer Identification Program (CIP) to prepaid cards in March of this year. Customers are able to reload prepaid cards, use direct deposit and in some cases, receive overdraft protection, which the federal agency determined enough for it to be considered an account relationship. And now that reloadable prepaid cards are considered an account relationship, it’s not surprising that the Consumer Financial Protection Bureau recently issued new rules requiring fraud protection support for those using them.

In early September, New York Governor Andrew Cuomo introduced new regulation that would make the state the first in the nation to enforce a cybersecurity program for financial institutions. While some have compared the regulation to the FFIEC (Federal Financial Institutions Examination Council)’s Cybersecurity Assessment Tool and guidelines, the proposed regulation would actually go much farther in its quest to ensure all financial institutions in NY are prepared for and are doing their best to prevent cyber attacks.

The CFPB’s wide-ranging jurisdiction over the consumer financial industry has had banks and credit unions worried about potential punishment and fines for years. Up until this point, the vast majority of their enforcements have focused around credit card policies, lending and debt collection. But this summer’s enforcement against payment processor Intercept Corp. is the agency’s second big lawsuit against an entity for ignoring “clear signs of brazen fraud,” sending a clear signal that turning a blind eye to these practices is unacceptable.

Quite a bit, it turns out. According to PYMNTS’ Global Fraud Index, from the first quarter of 2015 to the first quarter of 2016, the dollars at risk per every $100 in online sales rose from $1.89 to $7.30, an increase of nearly 400%. Countless publications predicted an increase in fraud in 2016 due to the impact of the messy and slow implementation of EMV, but few, if any, predicted a jump quite like this.

No surprise here. Pulse Network’s 2016 Debit Issuer Study cites an across the board increase in fraud losses for all types of financial institutions from 2014 to 2015. But where’s it all coming from? How will mobile payments impact the debit market? And what sort of growth is expected over the coming years? We cover it all ahead:

The United States is often the target of most studies on widespread card fraud, due to its slow crawl to implement EMV technology. And because of this, it would be fair to assume that the United States is the only country uniquely experiencing significant levels of fraud and the ripple effects of skeptical customers and loss of revenue. But, that’s actually not the case. ACI Worldwide and Aite Group’s Global Consumer Card Fraud report sheds light on the issue across twenty nations, and provides a look into what even long-EMV compliant countries like Canada and Mexico are experiencing, decades after the implementation, and how consumers are reacting to it.

Yesterday, news broke that supermarket chain Kroger had filed a lawsuit against Visa due to disagreements over chip and PIN transactions. If this is starting to feel like an echo chamber, it’s because Kroger is far from being the first merchant to sue a card network over the EMV conversion. In March, a small grocery chain and liquor store in Florida filed an antitrust lawsuit against all four card networks and a dozen banks. This was followed by Wal-Mart filing a lawsuit against Visa in May, and Home Depot filing one of their own against Visa and MasterCard in mid-June. What’s the issue behind all of this litigation? Follow along as we break each one down.

ABA Endorses Rippleshot’s Automated Card Compromise Detection Platform

Leading banking organization recommends Rippleshot technology for U.S. banks

A study recently released by LexisNexis and Javelin found that card issuers are directly losing $10.9 Billion to card fraud annually. This survey of 100 card fraud and risk decision makers at U.S. card issuing financial institutions found that while the losses come from a mix of different areas - from counterfeit card and application fraud to account takeover, nearly all issuers anticipate fraud growth across the board, regardless of the implementation of EMV.

It’s easy to get caught up in the headlines, particularly when stories of large-scale breaches of cardholder information seem to graze the front of newspapers on a weekly basis. But the truth is, even though the Targets, Home Depots, Michaels and Wendy’s are all-encompassing as far as the media goes, they’re actually not the majority of the card compromises that take place - not by a long shot.

Criminals now have access to a wealth of personal information that is being exposed through data breaches - including, but not limited to names, dates of birth, email addresses, social security numbers, card numbers and home addresses. This information, paired with the implementation of EMV and the inevitable increased difficulty in committing card present fraud has led criminals to a new target - call centers. Armed with seemingly everything they need to know about a person, it often only takes one or two calls and a couple of good, educated guesses to get access to someone’s account.