For the third year in a row, Easy Solutions partnered with ISMG Media group to survey business executives from a range of industries to better understand the impact that fraud is having on their business.
This year’s Faces of Fraud report, was authored by Tom Field, Vice President, Editorial for Information Security Media Group. This year’s report is based on a survey of more than 200 industry executives who were polled on a range of questions to assess what forms of fraud have grown most prevalent over the course of the past year, which investments they’re making to protect themselves from new forms of fraud, and the types of fraud they feel best prepared to prevent and detect.
There are a few conclusions about the current and future state of the fraud landscape in light of the survey results and the 2016 fraud outlook:
- Be Wary of EMV Fallout: For years up until now, the payments security discussion has been dominated by preparing for the EMV rollout in the U.S. Would banks be ready to issue chip-enabled cards? Would merchants have new POS terminals in place? That conversation is over, the rollout has begun, and now institutions and merchants must track what happens to fraud when card-present security has been tightened.
- Time to Talk the Business Impact of Fraud: The historic business-side pushback against granting additional anti-fraud resources is that the level of fraud incidents doesn’t exceed parameters of what the institution deems “acceptable fraud losses.” However, there is a new point of discussion that fraud and security leaders must be prepared to dissect with business leaders: the critical balance between providing the right level of security and maintaining customer ease-of-use.
- Time to Get Serious about Detecting Account Takeovers: Eighty-eight percent of institutions say they see no change or an increase in account takeover incidents, despite anti-fraud investments they’ve made. It’s time for banking institutions to realize there is much more they can do to improve authentication and anomaly detection, so they can improve fraud detection before the money leaves the bank.
- Prepare for the New Faces of Fraud: Beyond EMV, there are other faces of fraud on the horizon in 2016, and institutions need to give those due attention, starting with the mobile channel. Mobile devices quickly are becoming the top channels of choice for banking customers – and consequently, the top target of choice for fraudsters and their newest exploits.
As we’ve seen over the past few years with this survey, the slow and steady adoption of EMV technologies designed to thwart incidences of card-present fraud, remained a prominent theme. However, during the webinar, it was suggested that we as an industry need to stop talking about the adoption of EMV and turn our collective attention to other technologies that will help them manage fraud at ‘acceptable rates’: “the big breaches pushed the issue (of EMV) but it’s time to stop talking about it and turn the screws elsewhere. Tokenization is a big one as is the ability to detect stolen cards given the significantly higher costs of re-issuing EMV enabled cards.”
Furthermore, while the broad adoption of EMV will no doubt go a long way towards fixing part of the problem, it will also create new opportunities for new and advanced attacks on EMV itself. But like the flow of water which will always find the path of least resistance, other varieties of fraud will undoubtedly rush up to fill any vacancies that EMV might temporarily fill. It’s the card not present piece which we as industry will need to focus on now.
Other key findings from the survey include:
- Only 13% of those surveyed said they weren’t impacted by the many high-profile retail breaches. Meanwhile, the consequences of the breaches at Home Depot and Target continue to have a ripple effect with 87% of respondents indicating that they continue to be impacted by the breach while 73% said that merchants and vendors must be held accountable.
- Although 55 percent of respondents reported that their financial losses linked to fraud increased, a surprising 39% of those surveyed stated that their management teams felt that their fraud losses fell within an “acceptable” level.
- As a result of these breaches, 82% of respondents reported that they had to re-issue payment cards while 62% said they lost time and resources due to having to respond to incidents.
- Of the 10 types of fraud presented, 82% said that payment card fraud represents the top form of fraud experienced. And yet, only 30% said they are best prepared to prevent and detect payment card fraud.
- The survey also revealed that account takeovers have remained steady or have grown (88%) while 56% reported that the number of targeted phishing attacks against employees has increased over the past year.
To download a free PDF of the 2016 Faces of Fraud report, click here.