Online fraud is expected to skyrocket in the coming years, but it’s not only because of the EMV conversion. While the new chip cards are forcing hackers to employ different methods of using stolen cardholder information, there’s a separate but perhaps equally as influential statistic at play - the exponential increase in online spending in the United States.According to a 2014 Forrester Research report, U.S. e-retail sales are expected to rise to $414 Billion by 2018, with a compound annual growth rate of 9.5%. By that time, e-commerce is expected to grow to 11% of total retail sales, up from 8% in 2013.
This fast growth, coupled with a desire to make the checkout process as quick and seamless as possible is often in conflict with making online purchases more secure, and will make e-commerce sites an increasingly desirable target for fraud.
The new EMV chips will make it much more difficult for hackers to counterfeit physical cards, helping to thwart some card present fraud, but do nothing to prevent a hacker from taking that same stolen information and using it to make an online purchase.
We’ve covered the anticipated fraud landscape post-EMV by looking at the adoption process in other countries. In the UK specifically, card not present (CNP) losses increased 79% in the three years following their 2005 EMV implementation.
In Canada, card present fraud losses fell 54% in the five years following their EMV implementation, while card not present fraud more than doubled to nearly $300 Million in 2013.
The United States is expected to see similar increases, with projections in fraudulent e-commerce purchases to rise to $18.6 Billion by 2018.
But unfortunately for retailers, the rules are different for fraud losses online. In traditional brick and mortar fraud cases pre-EMV, the issuing bank typically took the loss on refunding their cardholders. But, with card not present fraud, the online retailer is responsible for all losses from fraudulent purchases.
Unsurprisingly, the approaches to dealing with online fraud are wildly different. Most online merchants believe that financial security of transactions lies with them, and according to Kaspersky Lab’s Global IT Security Risks Survey, 90% of medium-sized businesses would pay for greater security if it meant more secure financial transactions.
Liron Damri on PaymentsSource wrote that “E-commerce merchants who are afraid of fraud often react by instituting stringent anti-fraud policies. They are so focused on avoiding theft that they don’t think about the losses that can result from rejected customers, lost sales and poor customer experience.”
On the other hand, financial institutions are more focused on a reactive approach. According to the aforementioned Kaspersky survey, 48% of financial institutions state that “any measures they take are designed to mitigate rather than solve the problem.” Twenty-nine percent said that it was cheaper and more effective to deal with issues from online fraud as it happened, rather than trying to prevent it from happening at all.
But as Kaspersky mentioned, perhaps this view is short-sighted. A new survey from Computer Services Inc. found that 80% of adults cited security of their financial information as their greatest concern regarding their bank.
To learn more about e-commerce fraud projections post-EMV, download our whitepaper below: