Not too long ago there was a great quote on LinkedIn. Or maybe it was Reddit or Twitter, but it read, ‘We can put a man on the moon, but we can’t stop CNP fraud.’ It made me chuckle out loud.
Card-not-present fraud has already escalated and is projected to worsen each year for the forseeable future. There is no silver bullet deterrent. Frankly, the hackers and fraudsters are winning.
It’s not all doom and gloom, however. 3D secure technology, once scorned by merchants as a sale disruptor, has made progress and is gaining more and more adoption. There are several other safeguards that are emerging as well.
‘It’ll get worse before it gets better’
In the webinar, 3D Secure: The Force for Card Not Present Fraud Awakens, Julie Conroy, Research Director at Aite Group, talked about the one advantage the U.S. has as the last country to migrate to EMV credit cards.
“One of the benefits of being the last of the G20 nations to go to EMV is that we have models to look to,” she quipped. Indeed, those in U.S. payments security are closely looking at Canada and the UK, both of which have seen and continue to see escalating CNP fraud after migrating to EMV credit cards.
In both countries, the elimination of most of the counterfeiting of credit cards has resulted in a spike in online fraud. It is universally accepted that CNP fraud in the U.S. will get worse before it gets better.
5 Reasons for Optimism
Most of the webinar, however, focused on the progress to fight against CNP fraud and the safeguards that are making headway.
- Selfie and Fingerprint Scans: We already use biometrics, yet many consumers may not know it. iPhone users hold their thumbs over a button to log into their devices. The same concept is being applied to mobile payments. Other biometric options include selfie scans, better known as facial recognition; and even retina scans to validate the identity of the consumer.
- Location Data: Another exciting development in the fight against fraud is location data and the use of IP addresses to certify the location and identity of the consumer making the transaction.
- One-time Passwords: During the checkout process, there will be a window to enter a one-time password which the consumer receives as a text message on his/her mobile phone. The consumer enters the password within a short time frame to authenticate the transaction. This solution is especially effective against cyber criminals who steal credentials.
- Challenge Questions: Challenge questions – such as listing your father’s middle name or a fact known only to the consumer – is an effective added layer of security.
- Outscource Your Payment Platform: In a recent article we wrote for The Green Sheet, Benj Hosack, co-founder of the information security firm Foregenix, suggested e-commerce merchants outsource their payment platforms. Payments pages hosted by a reputable payment service provider are much more secure.
Online Security Solutions with Instabill
Instabill can match your business with a 3D secure solution – Verified by Visa, MasterCard SecureCode, American Express SafeKey or JCB J-Secure – and connect your website with a secure PCI compliant payment gateway. Speak directly with a merchant account manager today at 1-800-318-2713 or click the live chat option below.