A new industry study about consumer perception around fault over card compromises is a good reminder for financial institution leaders about what their cardholders are concerned about most this holiday shopping season.
A November 2019 study from Terbium Labs titled "How Fraud Stole Christmas" details that a majority of consumers, or 68%, responded in a survey that they would hold their financial institution "at least partly responsible for fraudulent activity, regardless of how the compromise occurred." Even if the merchant was the source of the breach, consumer perception over how their bank or credit union is protecting them appears to play a role in who a cardholder is most likely to point the finger at after an incident occurs.
Consumers are Worried About Increased Fraud this Holiday Season
The study also revealed how concerned consumers are about becoming victims of card fraud — with 66% saying they feel is possible. Roughly the same amount of respondents said they believe they are at higher risk during the holiday season to have their financial information compromised. These fears have led to consumers having the expectation that it is up to their financial institution to protect them from data breaches.
While 51 percent of respondents said they would blame the source of the data breach (such as the retailer), those consumers also indicated they'd hold the financial institution who issued the card also responsible. Another 17% of consumers said they'd hold the financial institution at fault, regardless of how the incident originated.
Consumers are Quick to Blame — But Not Change Their Shopping Habits
The research also indicated that financial institutions have a lot to lose if a data breach impacts their cardholders this holiday season. Around every two out of 10 consumers, or 19%, reported they'd leave their current financial institution and close their account if they were impacted by a data breach; 26% responded they would keep their account if the FI took a specific action to enhance card security.
While consumers are quick to blame their card issuing companies or merchants for card compromises, they aren't as quick to change their own spending habits to protect themselves, the study indicated. To start, consumers said they plan to use a mix of credit and debit cards, as well as use multiple cards during the holiday shopping season. This spending pattern creates more options for fraudsters to monetize since spend will be across multiple accounts.
Moreover, consumers also said they will monitor their transaction history, but won't take proactive measures like using two-factor authentication. Just 7% indicated that was a priority to them, while 38% said they'll rely on monitoring their transaction history. Interestingly enough, 14% of respondents said they are frustrated when suspicious activity doesn't get flagged quickly enough.
E-Commerce Fraud Remains Top Concern
When asked where they were most concerned their data could be compromised, 35% responded with online retailers being the top concern. Physical retail stores fell as the second greatest concern, followed by 18% at what was defined as unsecured point-of-sale system such as an ATM or gas station. Skimming devices remained a top concern (42% of respondents) for compromise methods this holiday season. CNP fraud fell to third place with 20% of respondents, while lost of stolen cards got responses from 26% of respondents. Phishing scams, account takeover and application fraud were the other three concerns on consumer's mind this holiday season.
Even though just 9% of respondents were worried about their data being compromised by the financial institutions that issue their payment cards, a majority said they'll hold them accountable if an incident does occur.
"Financial institutions are under heavy scrutiny by consumers during the holiday season, and should be taking customer trust and loyalty very seriously," said Emily Wilson, VP of Research at Terbium Labs said in a press release. "Cyber criminals thrive during peak holiday shopping – the hustle and bustle of transactions and unusual shopping patterns create countless opportunities to capture payment data and attempt fraudulent transactions. Consumers are distracted, and prefer reactive measures to account for fraud, all while holding financial institutions to a high standard in keeping their data safe and their accounts secure. If financial institutions don't take proactive measures to monitor customer data and detect the first sign of exposure, they could face significant consequences in the new year."
What Financial Institutions Can Do to To Serve Their Cardholders Better
Issuers must educate cardholders on making safe purchases and monitoring their cards frequently. For FIs, it’s important to implement real-time monitoring for fraudulent or unusual patterns, increase customer interactions, and minimize re-issuance disturbance.
Bank and credit union leaders must educate cardholders on making safe purchases and monitoring their cards frequently. For financial institutions, it’s important to implement real-time monitoring for fraudulent or unusual patterns, increase customer interactions, and minimize re-issuance disturbance. After the holiday season, issuers should follow-up with fraud transactions and compromised card analysis in order to perform a more targeted, efficient re-issuance process. Following the holiday season, FIs should determine where gaps exist by investing in better and faster technology tools.
The holidays present a key challenge for FIs: How to balance keeping your customer’s protected with a desire to keeping a card at top of wallet. Here are a few recommendations from our team:
- Educate Cardholders about making safer online purchases, encourage them to regularly check statements, setup alert sign-ups and educate customers about common fraud schemes.
- Monitor Fraud in Real-Time on a daily and weekly to receive timeline alerts of compromises cards, This helps your team stop the spread for card fraud faster — while managing customer impact.
- Don’t rely on Visa CAMS and MasterCard ADC Alerts. By the time these alerts have been issued, 70% of fraud has already occurred. Rely in tools that can target smaller local breaches to get comprehensive protection.
- Re-Issue Smarter with Alerts or After a Clear Pattern is Identified so your organization does not decline legitimate transactions. FIs should focus on their customers first and analyze data after the holidays with better, faster tools.