2014 Card and Payments Fraud Forecast

1,792 views

Published on

View this webcast to learn the latest in EMV adoption and effects of card not present (CNP) fraud and how cybercriminals are reacting to emerging market trends.

0 Comments
2 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,792
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
73
Comments
0
Likes
2
Embeds 0
No embeds

No notes for slide

2014 Card and Payments Fraud Forecast

  1. 1. 1© Copyright 2014 EMC Corporation. All rights reserved. Julie Conroy Research Director Aite Group Rueben Rodriguez Principal Product Marketing Manager RSA 2014 Card and Payments Fraud Forecast
  2. 2. 2© Copyright 2014 EMC Corporation. All rights reserved. Agenda • EMV: Coming soon to a card near you • E-commerce fraud trends • Best practices for securing payment cards • Case studies in financial and retail
  3. 3. 3© Copyright 2013 EMC Corporation. All rights reserved. EMV: Coming Soon to a Card Near You
  4. 4. ©2014 Aite Group LLC. Page 4 The last G-20 country to embrace the EMV standard
  5. 5. ©2014 Aite Group LLC. Page 5 EMV: Why now? • Interoperability • Mobile payments • Increasing fraud • Decreasing costs
  6. 6. ©2014 Aite Group LLC. Page 6 Important milestones PCI annual assessment forgivenessOctober 2012 Acquirer processing updates in placeApril 2013 Maestro liability shiftApril 2013 POS liability shiftOctober 2015 ATM liability shift (MC)October 2016 ATM liability shift (Visa)October 2017 Fuel dispenser liability shiftOctober 2017
  7. 7. ©2014 Aite Group LLC. Page 7 EMV: Coming Soon Source: Aite Group interviews with payment networks and 18 large U.S. issuers, April to May 2014 0.4% 4% 25% 70% 91% 98% 2012 2013 e2014 e2015 e2016 e2017 Percentage of U.S. Credit Cards with EMVCapability
  8. 8. ©2014 Aite Group LLC. Page 8 EMV’s impact in other countries $245.4 $199.6 $171.5 $152.6 $145.3 $111.5 $128.4 $140.4 $176.1 $259.5 $268.6 $299.4 2008 2009 2010 2011 2012 2013 Changes in Canadian Credit Card Fraud Losses, 2008 to 2013 (In millions of CAD) Source: Canadian Bankers Association
  9. 9. ©2014 Aite Group LLC. Page 9 The U.S. will not be an exception $2.1 $2.6 $2.8 $2.9 $3.1 $3.8 $5.2 $6.4 2011 2012 2013 e2014 e2015 e2016 e2017 e2018 U.S. CNP Credit Card Fraud Losses, 2011 to e2018 (In US$ Billions) Source: Aite Group interviews with payment networks and 18 large U.S. issuers, April to May 2014
  10. 10. 10© Copyright 2013 EMC Corporation. All rights reserved. E-Commerce Fraud Trends
  11. 11. 11© Copyright 2014 EMC Corporation. All rights reserved. Mobile Is The New “Web” • Sky rocketing usage of mobile devices creates a new opportunity for fraudsters • Mobile OS malware and phishing scams on the rise • Criminal underground is all pointing to mobile with web variants – CitMo, ZitMo, Perkele Banking App
  12. 12. 12© Copyright 2014 EMC Corporation. All rights reserved. Bank Mobile Traffic is on the Rise ~25% of confirmed fraud is from the mobile channel
  13. 13. 13© Copyright 2014 EMC Corporation. All rights reserved. Citadel – RSA Underground Analysis Mobile Malware & HTML Injection
  14. 14. 14© Copyright 2014 EMC Corporation. All rights reserved. Citadel
  15. 15. 15© Copyright 2014 EMC Corporation. All rights reserved. Citadel
  16. 16. 16© Copyright 2014 EMC Corporation. All rights reserved. Citadel
  17. 17. 17© Copyright 2014 EMC Corporation. All rights reserved. ZitMO
  18. 18. 18© Copyright 2014 EMC Corporation. All rights reserved. CNP Is Getting The “Squeeze” • Customers don’t just want but demand ability to shop on-line at anytime • Fraud liability and customer convenience are at odds • Fraud is being pushed to the path of least resistance • Ecommerce sites are being manipulated – Stolen card testing – validate card before selling – Buy physical/digital goods with stolen cards • EMV is now in full effect or at least underway
  19. 19. 19© Copyright 2014 EMC Corporation. All rights reserved. • Attacks on ecommerce sites is becoming the norm • Threats come in various forms – Botnet – DDOS – Business logic abuse – Competitive intel & scraping – eCoupons abuse • Very hard to detect or prevent • Impacts to sales and brand are significant Ecommerce Website Attacks On The Rise
  20. 20. 20© Copyright 2014 EMC Corporation. All rights reserved. RSA Survey: Financial & Brand Revenue Impact Average of 5% of total on-line revenues impacted by fraud
  21. 21. 21© Copyright 2014 EMC Corporation. All rights reserved. 3DS Is Evolving…. For both Issuers & Merchants • RSA 3DS card transaction volume has grown 19% YoY • Fraudsters targeting username/password deployments • RSA analysis shows top 3DS fraud focus: – Travel in Europe – “Mail Order” in US • Merchants have significant flexibility – Implications vary based upon which side of the coin you represent • Risk-based authentication is now preferred method • RSA risk-based issuers prevent fraud on average ~$3M+/month
  22. 22. 22© Copyright 2014 EMC Corporation. All rights reserved. Best Practices for Securing Payment Cards
  23. 23. ©2014 Aite Group LLC. Page 23 Technology to the rescue • Application layer • Behavioral analytics • 3-D Secure • Behind the scenes • Tokenization o Issuer o Merchant
  24. 24. ©2014 Aite Group LLC. Page 24 Merchants are embracing these solutions 3% 13% 6% 13% 13% 19% 13% 9% 31% 31% 19% 19% 31% 25% 9% 47% Tokenization Behavioral analytics 3-D Secure Q: Please indicate the effectiveness of each of these technologies at reducing card fraud and data security issues. (n=32) Very low impact Low impact Moderate impact High impact Very high impact No opinion/Don't know Source: Aite Group survey of fraud executives at 36 large merchants, March to May 2014
  25. 25. ©2014 Aite Group LLC. Page 25 Many merchants and FIs are actively deploying technology to mitigate CNP fraud 44% 22% 22% 16% 3% 3% 13% 22% Tokenization (n=26) 3-D Secure (n=20) Q: What is your plan to deploy the following technologies? Using today On the 1- to 2- year roadmap Plan to use, but not in the next 2 years No plansto use Source: Aite Group survey of fraud executives at 36 large merchants, March to May 2014
  26. 26. 26© Copyright 2014 EMC Corporation. All rights reserved. Case Studies
  27. 27. 27© Copyright 2014 EMC Corporation. All rights reserved. 3DS is REAL!! - Case Study For A Card Issuer Protecting Transactions Without The Cardholder Hassle
  28. 28. 28© Copyright 2013 EMC Corporation. All rights reserved.
  29. 29. 29© Copyright 2011 EMC Corporation. All rights reserved. ~400,000
  30. 30. 30© Copyright 2014 EMC Corporation. All rights reserved. Questions and Additional Resources  Join the fraud conversation in the RSA Fraud & Risk Intelligence Community! – https://community.emc.com/co mmunity/connect/rsaxchange/fr aud  Follow the RSA Fraud Research team on Twitter – @RSAFraudAction  Visit the RSA Online Fraud Resource Center – www.emc.com/onlinefraud

×