What is fast fraud and why is your business at risk? Fast fraud occurs when criminals take advantage of weaknesses in online and mobile commerce fraud prevention systems.
Here’s why you need to read Vesta’s latest white paper today:
1) Fast fraud is retail’s next big threat. What does that mean to your business?
2) How fast fraud threatens you and your customers
Why traditional fraud solutions won’t work
3) Discover tips to help you get started on a fast fraud solution
Learn more at http://info.trustvesta.com/fastfraud
2. And many of those purchases
are strictly digital—products like
e-books, gift cards, and event
tickets—with instant delivery to the
consumer. For retailers, it’s becoming
increasingly necessary to offer digital
goods and online sales options in
order to compete.
This new retail landscape,
however, has also opened up new
opportunities for fraud. Online and
mobile purchases don’t require a
physical credit card, so card-not-
present (CNP) transactions are
often more vulnerable to scams.
Additionally, consumers expect
to receive their digital purchases
immediately, which leaves retailers
with less time for identity and
payment verification.
These factors and vulnerabilities
have led to the creation of an entirely
new category of fraud: Fast fraud.
Fast fraud occurs when perpetrators
take advantage of weaknesses in
online and mobile commerce fraud
prevention systems to steal digital
goods, which can then be re-sold
on the secondary market. Other
fraudsters hack into retailers’ systems
and swipe customer credit card
information for use or sale on the
secondary market.
As online and mobile commerce
continue to grow, fast fraud is
expected to become increasingly
prevalent. Fortunately, there are
steps retailers can take to better
protect their business, their data,
and their customers from fraudsters.
Americans are making more purchases online
and on their phones than ever before...
Page 2 >
3. The Rise of Fast Fraud
Fast fraud is the result of multiple converging trends. Today, more adults
are shopping online and via mobile device, especially as smartphones and
tablets become more prevalent. In 2013, 55 percent of U.S. adults owned a
smartphone; by 2014, 75 percent owned one.
Retailers have noticed this trend and are working to encourage more mobile
purchases. In 2014, 15 percent of all merchants offered mobile commerce
options—double the percentage that offered them in 2013.
At the same time, digital goods have taken off. Products like e-readers and
digital music services have made e-book and music downloads increasingly
common. In 2014, consumers spent $5.7 billion on e-books. That figure is
expected to grow to $8.7 billion by 2018 (PWC). Similarly, music downloads
and audio-streaming services now account for 64 percent of the total market,
with sales of digital music formats reaching $4.5 billion in 2014 (RIAA). Many
consumers have also begun purchasing items like gift cards and event tickets
online. In 2014, consumers spent $6 billion on digital gift cards alone, up from
$5 billion in 2013.
These trends have escalated so quickly that many retailers’ fraud prevention
systems have failed to keep up, and fraudsters have taken advantage of the
opportunity. According to the Identity Theft Research Center, there were at
least 783 tracked data breaches in the United States in 2014, a 27.5 percent
increase over 2013 and an all-time record. Javelin Research and Strategy
estimates CNP fraud was about $10 billion in 2014 and expects that number to
climb to $18.4 billion by 2018.
Page 3 >
4. Fast fraud will likely become more common in the coming months, as the
United States transitions to EMV credit card security standards. These cards
will make in-person credit card fraud more difficult, so it’s likely that fraudsters
will switch their focus to the more vulnerable CNP transactions. In the United
Kingdom, CNP fraud rose 79 percent in the first three years after EMV
adoption.
55%
adults
owned a
smartphone
75%
adults
owned a
smartphone
2013
eBooks music gift cards
2014
Popularity of Smartphones
(Sales) $4.5 Billon $6 Billon$5.7 Billon
Popularity of Digital Goods
Page 4 >
5. Page 5 >
The Consequences of Fast Fraud
Fraud has always had high financial costs for retailers and consumers, but fast
fraud’s costs are often higher and go beyond the monetary.
For example, fraud accounts for 15 to 20 cents of every $100 in revenue for in-
person transactions. For mobile transactions, however, fraud accounts for 68
cents of every $100 in revenue, a 350 percent increase. Additionally, research
has found that retailers pay $3.34 for every dollar lost to mobile fraud.
When fraud results in a full-blown data breach, the costs—both monetary and
reputational—are
even higher. In
2014, the average
organization spent
$1.6 million on post-
breach response
costs for legal,
consulting, and
victim identity
protection services,
according to
a study by the
Ponemon Institute. Making things worse, a highly publicized data breach often
leads to reputational damage and lost business for retailers. According to the
same study, the typical organization loses an additional $3.2 million worth of
business following a breach due to abnormal customer turnover, reputational
loss, diminished goodwill, and the increased customer acquisition activities
that are often required.
Legal expenses
Consulting fees
Victim protection services
fast fraud costs fast fraud costs
Monetary Reputational
$1.6M
Customer turnover
Reputational loss
Diminished goodwill
Increased acquisition
$3.2M
data breach
$4.8M
+
+
6. Fast fraud costs consumers, too. To
compensate for anticipated losses,
some retailers are passing the costs
of fraud onto their customers in the
form of higher prices. Merchants
have also begun adopting policies
and technologies that slow down
the transaction process, making
purchases less convenient for
shoppers.
Additionally, consumers run the risk
of being scammed by fast fraud
perpetrators on the secondary
market. Fraudsters often unload
stolen digital goods through
legitimate websites that allow consumers to exchange unwanted gift cards or
event tickets. If retailers are able to determine that the goods are stolen, the
customer is left to deal with the consequences. Many times, this leaves retailers
in a difficult position, as they must decide whether to honor a fraudulent gift
card or ticket that’s been sold to a well-intentioned customer.
Page 6 >
A highly publicized
data breach can mean:
• Reputational damage
• Lost business
• Abnormal customer turnover
• Reputational loss
• Diminished goodwill
• Increased customer acquisition
efforts
7. Why Traditional Fraud Solutions Won’t Work
Fast Fraud and The Need For Speed
The nature of digital product purchases with immediate delivery can make it
very difficult to identify fast fraud when it’s happening and to track down its
perpetrators after it has occurred. As a result, most traditional preventative
solutions, which are geared toward preventing fraud when products are
shipped to the customer, fall short.
Online and mobile shoppers expect instantaneous delivery of their digital
goods, yet many traditional solutions are not adapted for instantaneous
delivery. Existing systems often require time to accurately verify the
cardholder’s identity and payment, which works well when consumers must
wait a few days for their products to ship. When digital goods are involved,
however, and immediate delivery is expected, most existing systems are unable
to accurately verify payment details, due to the sheer speed of order fulfillment.
CNP Transaction attributes
Immediate fulfillment
Immediate monetization
Verify customer and address
Authenticate transaction
Hold goods pending authorization
Digital
delivery
Physical
deliveryvs.
Page 7
8. Additionally, digital delivery requires no physical address. Digital goods
are usually delivered via email or mobile device, so shoppers’ locations are
unknown. Systems that require consumers to enter a physical address when
one isn’t needed can slow down the transaction process, eliminating the fast,
frictionless checkout process that consumers prefer.
The secondary market further complicates matters. When fraudsters unload
their goods on legitimate online exchange sites, honest consumers can wind
up with the stolen products. This makes it extremely difficult to track down
and punish the actual perpetrator.
Most existing fraud prevention solutions work because they’re able to verify
the accuracy of payment information in the time span between purchase
and delivery of goods. Existing systems can flag addresses associated with
suspicious activity, and when possible, perpetrators can be tracked down at
those addresses and the stolen goods recovered.
With fast fraud, however, these elements are absent, and fraudsters’ easy
access to a legitimate secondary market means goods can be unloaded
almost instantaneously. The combination of all these factors makes it nearly
impossible for traditional fraud prevention measures to combat fast fraud.
Page 8
9. How to Successfully Prevent Fast Fraud
As online and mobile shopping and digital goods continue to grow in
popularity, fast fraud will become an even larger problem for retailers in the
years to come, especially as the United States transitions to EMV.
Unfortunately, many retailers are
learning about their fast fraud
prevention gaps the hard way.
Merchants who move into the
digital products space are often
overwhelmed with high loss rates
and are forced to stop selling the
products immediately. Retailers
often look to their existing
vendors for solutions, but these
traditional providers often can’t
provide the help required.
For retailers in need of a solution
that prevents fast fraud, the
following tips can help:
• Don’t go it alone. For many retailers, it’s tempting to build an in-house
fraud solution. Yet, most businesses, particularly small- to medium-sized
organizations, would require significant staff additions and technology
upgrades to establish a functional process. Additionally, outside vendors are
monitoring fraud patterns across numerous clients, which allows them to
learn about new theft techniques being employed and implement proactive
security measures to stop them before they happen.
When shopping for a fast
fraud solution:
• Don’t go it alone
• Look for guaranteed payments
• Watch for red flags
• Choose expertise over novelty
• Keep the customer experience
in mind
Page 9
10. • Look for guaranteed payments. Only a handful of vendors offer a
guaranteed payments solution, but it’s worth seeking out. This model
places all of the risk on the vendor, not the retailer. If the vendor wrongly
determines that a payment is safe and allows the purchase to proceed, the
vendor then picks up the cost of any associated losses for the retailer.
• Watch for red flags. Many vendors overpromise their capabilities, and
retailers are wise to be wary when choosing a partner. Common red flags
include the promise of “instantaneous integration,” which is highly dependent
on the size of the retailer and the type of payments system used. As such,
retailers should investigate vendors as much as possible. Merchants can look
at the vendor’s list of current clients to ensure the provider has experience
working in the merchant’s particular industry and understands its unique
needs and fraud profile. When possible, retailers should ask for referrals and
interview some of the vendor’s past and present clients to evaluate whether
needs are being met.
• Choose expertise over novelty. Fast fraud’s relative newness means many
startups have jumped into the fraud prevention and payments processing
field to try to solve the problem. However, the effectiveness of any fraud
solution increases over time. Vendors that have been in the industry for
a number of years have lengthy logs of experiential data, which can be
used to spot fraud more quickly and identify holes that could be exploited.
Experienced vendors are also able to harness the knowledge gained by
working in different industry verticals to adapt solutions that meet the
particular needs of each retailer. When searching for a provider, retailers
should, at minimum, make sure the vendor has experience working with
businesses of similar size and industry.
• Keep the customer experience in mind. Many solutions work simply by
slowing down the transaction process or requiring the customer to complete
additional and lengthy verification steps. For retailers, these systems often
result in dissatisfied customers and abandoned purchases. When choosing
a provider, retailers should ask questions about how the solution will impact
the customer. The best solution will offer the highest conversion rate for
approved sales and the lowest friction checkout process possible.
Page 10
11. Page 11
Summary
It’s important for retailers to find the right system for their unique needs and
then monitor the solution’s performance over time. The best fast fraud solution
will combine payment processing, fraud prevention and guaranteed payments,
allowing retailers to sell digital goods to their customers without assuming
unnecessary risk in the process.
12. View our series of fast fraud videos at info.trustvesta.com/fastfraud
4400 Alexander Drive
Alpharetta, GA 30022-3753 USA
Tel: +1 678.222.7200
Fax: +1 770.772.0600
info@trustvesta.com
11950 SW Garden Place
Portland, OR 97223-8248 USA
Tel: +1 503.790.2500
Fax: +1 503.790.2525
info@trustvesta.com
Av. Américas 1536 1A
Col. Country Club
C.P. 44637
Jalisco, México
info@trustvesta.com
Finnabair Business Park
Dundalk, County Louth
Republic of Ireland
Tel: +353 (0)42 939 4600
Fax: +353 (0)42 939 4601
info.ireland@trustvesta.com
No. 6 Ji Qing Li Road,
Unit B603
Chaoyang District, Beijing
100020 P.R. China
Tel: +86 10 65525508
info.china@trustvesta.com