We’ve offered online credit card processing for the better part of 20 years, but we never dreamed we’d see this kind of volume of cyber attacks.
The ThreatMetrix Q1 2018 Cybercrime Report contains the most disturbing set of figures we’ve ever seen regarding attacks on small e-commerce businesses. E-commerce attacks were twice as high in the first quarter of 2018 than 2017. ThreatMetrix compiled its report based on the 201 million attacks it successfully thwarted – an astounding figure in and of itself.
It makes us wonder whether a business’s risk level can get even higher due to the constantly escalating threats of e-commerce attacks, thus scaring more and more high risk acquiring banks away. Many high risk businesses have enough difficulty finding payment processing as it is, and hardly need escalating risk levels.
A major concern we have about online credit card processing
As high risk online credit card processing has been our forte over two decades, we’re gradually seeing certain high risk industries running out of options in accepting payments online. We’ve seen acquiring banks cease payment processing for several industries – nutraceutical and tech support businesses come to mind – and we’re fearful that the volume of fraud to which merchants are subject will make acquiring banks even more tentative.
What are the criminals targeting?
Free, easy money, of course. Getting it is the challenge. Says the ThreatMetrix report, online criminals go about it two ways:
- Stealing account logins and creating accounts for fraudulent purposes, which made up 71 percent of the attacks ThreatMetrix stopped.
- Theft of payment data, which made up 29 percent of the attacks, likely to perpetrate account takeover (ATO), a tactic which has grown exponentially over the last year.
Why criminals have migrated to online businesses
The wave of online crime is hardly a surprise. What small online businesses in the U.S. are currently mitigating occurred in Canada not long after it migrated to EMV credit cards in 2008; and the United Kingdom and Europe at the turn of the century. Here are other reasons for the increase in cyber attacks:
- The rash and rise of criminal activity against businesses is a direct result of U.S. migration to EMV chip-enabled credit cards, which has rendered the counterfeiting of credit cards extremely difficult. Thus, criminals have turned to online businesses, some of which, in the first 18 months to two years of EMV, were somewhat easy to hack into for credit card details.
- The mammoth size and expanse of the U.S. retail industry is a huge draw — attracting criminals from all corners of the globe aiming to monetize on the theft of credentials, logins and payment information.
- The ThreatMetrix report found that the payment processors who provide the framework for online credit card processing are also at risk: Frequency of attacks grew 7.6 percent of all transactions by processors in Q1, nearly double that of the overall rate of 3.9 percent and up from 6.1 percent from Q1 of 2017.
- Disturbingly, U.S. consumers are storing more and more personal information online, also facilitating criminals’ persistence. It brings up an issue: Are merchants requesting too much information from consumers?
Safe, secure credit card processing with Instabill
With an initial conversation with our online credit card processing experts, we’ll match your business with a domestic or international acquiring bank which specializes in your industry. Have a conversation with us today at 1-800-530-2444.