Rippleshot Blog

Only two months into 2016, and the Identity Theft Resource Center is reporting nearly 1.7 million records have been exposed in data breaches thus far. And as we noted in last week’s newsletter, an increasing concern in the security space is the inevitable increase in card-not-present fraud, as e-commerce numbers continue to skyrocket and EMV adoption pushes fraudsters online. With e-commerce fraud at the top of everyone’s minds, Experian released a new report outlining the riskiest locations in the United States - both where the fraudsters are located, and where their victims are.

In this week's recap, Gemalto releases 2015 Breach Level Index findings, the Atlanta FRB makes 2016 payments predictions, Merchant Link lets us in on EMV's "dirty little secret," U.S. e-commerce sales continue to skyrocket, and Rippleshot VP of Operations Marci McCalmon hits the blog to explains what you need to know about encryption vs tokenization.

In this week's recap, a viral Facebook post reveals a clever fraudster's new way of defrauding contactless cardholders on public transit, FIS & Paydiant launch cardless ATMs, a survey reveals interesting statistics around IT professionals and security, Obama names the chairs of his new cybersecurity commission, and Rippleshot CEO Canh Tran hits the blog to talk about the recent hospitality data breach trend.

In this week's recap, a recently discovered hacking group is rolling back ATM transactions to dupe banks, the White House seeks its first CISO, additional details are revealed in the DHS & FBI hack, a new survey reveals the dark future many businesses have resigned themselves to regarding breaches, and the Rippleshot team covers the increase in gas pump skimming.

We’ve long covered the issues with gas pump skimmers, and have consistently seen automated fuel dispensers (MCC 5542) show up in the most compromised merchant categories. But this history, combined with the extended deadline for gas stations to become EMV compliant, has led to them being an even bigger and easier target for hackers.

In this week's recap, Neiman Marcus suffers another data breach, a new report shows the scale of breaches due to human error, another study shows the lasting repercussions organziations face after a data incident, a closer inspection is done on consumer behavior after data breaches, and team Rippleshot covers the economic of breaches - from the hackers' point of view.

According to IT Governance, over 57 million records were exposed worldwide in data breaches in January of this year alone. The attacks are far from slowing down, but with the help of Palo Alto Networks and Ponemon’s most recent report, we are learning more about how hackers work, who they target and why.

Everyone knows the holiday season is ripe for card fraud. A survey of Certified Fraud Examiners found that fraud increases 20% during the holidays, accounting for 2.5% of all sales. We talked a few weeks ago about how issuers and merchants are attempting to tackle online fraud, but we’re seeing even more aggressive tactics this holiday season - and the impact on consumer spend is severe.

CHICAGO, December 7, 2015 - Rippleshot, a Chicago-based fraud analytics firm, today announced that it has raised $1.2 million in a bridge round of funding, led by KGC Capital. Other investors include leading financial institutions UMB Bank and Wintrust and FinTech accelerator, SixThirty.

With digital gift cards rising to 67% of total gift card sales in December of 2014 (compared to 57% the previous year), it doesn’t come as a surprise to anyone that this channel is quickly becoming a highly desired target for hackers.

Online fraud is expected to skyrocket in the coming years, but it’s not only because of the EMV conversion. While the new chip cards are forcing hackers to employ different methods of using stolen cardholder information, there’s a separate but perhaps equally as influential statistic at play - the exponential increase in online spending in the United States.

This month, the House Small Business Committee held two hearings to learn more about the implications of the EMV transition on small businesses, along with the efforts being made to ensure they are in compliance with financial service providers and are in a position to succeed. Witness testimony was heard from a number of parties - from Visa and the NAFCU, to small business owners and the National Retail Federation.

We have yet to talk to a bank or credit union that isn’t employing real-time decline rules based around FICO Falcon or Visa VAA score bands - and with good reason. This solution has been around for an incredibly long time and is baked right into many existing risk management solutions. But payment card fraud is higher than it’s ever been - so what’s the problem?

There is just over one week left before the EMV liability shift takes place, and it’s looking like neither consumers nor merchants will be as prepared as expected. Though many experts have been claiming for months that the U.S. will be unlikely to hit the self-imposed October 1st deadline, recent surveys have shown a much more grim outlook.