Our latest research reveals that merchants and card issuers should take a layered approach to mitigating risk, by working with consumers to improve fraud detection and prevention.
Kidnap and ransom insurance at an inflection pointCognizant
By gathering and distilling meaning from the metadata that exists in the digital world, insurance carriers can mitigate risk for companies that have globe-traveling executives.
Automobile insurance: Paradigm Shift and DisruptionArjun Bardhan
The auto insurance industry is going through a phase of disruption that could potentially revolutionize the traditional model of insurance operations. There are multiple factors of the changing society that contribute to this paradigm shift. This white paper elaborates four such changes.
1. Millennials & the changing market
2. Telematics and Usage Based Insurance
3. Autonomous Vehicles
4. Technology in automobile claims
Online Marketing Strategy for Travel Insurance case study of indian travel in...Foresight Opticals
Online Marketing Strategy for Travel Insurance case study of indian travel insurance market with statical figures on market size,competitor analysis,distribution Channel and how to go online Strategy and marketing plan the slide contains comprehensive study on Travel insurance Market in india includng overall market size Offline and online and online Marketing plan to tap Online Travel insurance Market indindia
Kidnap and ransom insurance at an inflection pointCognizant
By gathering and distilling meaning from the metadata that exists in the digital world, insurance carriers can mitigate risk for companies that have globe-traveling executives.
Automobile insurance: Paradigm Shift and DisruptionArjun Bardhan
The auto insurance industry is going through a phase of disruption that could potentially revolutionize the traditional model of insurance operations. There are multiple factors of the changing society that contribute to this paradigm shift. This white paper elaborates four such changes.
1. Millennials & the changing market
2. Telematics and Usage Based Insurance
3. Autonomous Vehicles
4. Technology in automobile claims
Online Marketing Strategy for Travel Insurance case study of indian travel in...Foresight Opticals
Online Marketing Strategy for Travel Insurance case study of indian travel insurance market with statical figures on market size,competitor analysis,distribution Channel and how to go online Strategy and marketing plan the slide contains comprehensive study on Travel insurance Market in india includng overall market size Offline and online and online Marketing plan to tap Online Travel insurance Market indindia
I nostri intervistati si aspettano addirittura un nuovo tipo di
entità assicurativa emergerà entro il prossimo decennio,
come l'Internet delle cose, l'intelligenza artificiale
e blockchain convergono per creare smart, in tempo reale
soluzioni assicurative. Quasi sette su dieci
(69 per cento) ritiene che l'assicurazione verrà nuovamente intermediata
algoritmicamente a intervalli frequenti con un nuovo stile
di aggregatore assicurativo e il 91% si aspetta
questo avverrà entro un periodo di 15 anni.
Mobile Payments: Balancing User Experience & Effective Risk ManagementGeo Coelho
IdentityMind's presentation on balancing User Experience and Effective Risk Management from our joint presentation with Mozido at ETA's TRANSACT15 Conference in San Francisco, April 1, 2015.
This presentation focuses on specific challenges in mobile commerce, and the importance of leveraging consumer data and behavior throughout the transaction to compensate for the shortcomings of traditional fraud analysis in these new environments.
Mobile commerce is growing rapidly worldwide, and growing fastest in unbanked and underbanked demographics. Merchants and Financial Institutions wanting to take advantage of this explosive growth will have to face the technical challenges of mobile- as well as the added risk of servicing these demographics, where a typical lack of industry-reference data is often compounded by a lack of reliable user information.
Together, Mozido and IdentityMind have partnered to create an end-to-end solution to mitigate risk while bringing mobile financial services to global audiences. This solution combines Mozido’s MoTEAF™ Mobile Ecosystem with IdentityMind’s eDNA™ identity-based risk management to leverage consumer data and behavior, and reduce risk at every step of the transaction lifecycle.
Building privacy into consensual tracking for insurance purposes via an in-ca...Browne Jacobson LLP
Why would you want to be spied on? At Privacy Laws & Business 28th Annual International Conference, 6 July 2015, Helena Wootton talks about the data protection aspects of tracking and monitoring driving habits using a ‘black box’.
Source: Privacy Laws & Business UK report, July 2015 - www.privacylaws.com
Fraud Prevention Strategies to Fight First-Party Fraud and Synthetic Identity...TransUnion
We believe Gartner’s report, “The Growing Problem of Synthetic Identity and First-Party Fraud Masquerades as Credit Losses,” discusses the rise of synthetic identity and first party fraud losses being concealed as credit losses. In Part 2 of this webinar series we will explore Gartner’s recommendations and provide some real-world advice on how you can prepare your business to fight this trend.
In Part 2 of this webinar series, we’ll conclude with:
- Exploring how to battle synthetic identities and first party fraud
- Reviewing Gartner’s recommendations for building a comprehensive fraud prevention strategy
- Looking at some specific capabilities for helping to stop this type of fraud
*Gartner: Take a New Approach to Establishing and Sustaining Trust in Digital Identities, Tricia Phillips, Danny Luong, 1 March 2018.
NEC Public Safety | Facing the Odds in Gaming IndustryNEC Public Safety
For casino gaming operators, facial recognition is a tool that can empower them to transform how they operate and find new answers in a complex environment. This paper aims to present how the technology can answer some the most pressing challenges facing a global casino gaming market. Brought to you by NEC. To find out more, do visit http://www.nec.com/safety
CGAP Brief: The Emerging Global Landscape of Mobile MicroinsurancePeter Zetterli
This CGAP Brief provides an early look at the rapidly evolving global landscape for mobile microinsurance, which has generated dramatic takeup in several countries and points to significant promise in new digital distribution models for insurance to poor and low-income populations in developing countries.
Product Brochure_Fraud in Global B2C E-Commerce and Online Payment 2014yStats.com
The report, “Fraud in Global B2C E-Commerce and Online Payment 2014” shows that as online retail revenue is increasing at double digit growth rates globally, and is expected to total nearly 2 trillion Euros in the next four years, fraud is also increasing. The potential for fraud causes many prospective shoppers to stay away from online sales, and is forcing merchants to establish fraud prevention measures.
DailySocial in cooperation with JakPat has conducted a survey on non-Credit Card Installment Programs for e-commerce transactions among Indonesian consumers. Our survey has found that although only a small percentage of Indonesian online consumers currently have a credit card, quite a number of consumers have taken advantage of non-Credit Card installment programs.
Traditionally, lotteries and betting products have been sold via stores and partners, such as bars or tobacco shops depending of the regulation. But the industry pace have radically changed with the IoT and the arrival of the Millennial Generation -or Gen. Z- requesting for a 24 hours, 7 days a week engagement with the brand. The idea of transversal digital channels it´s a trending topic discussion for the companies and stakeholders. In the current era of digital age and products, the threat of substitutes in this sector is very strong, as any leisure activity can act this way with minimal switching costs for the players.
Desde el año pasado, sentía que para nuestra comunidad GeneXus se estaban abriendo grandes oportunidades, que esa historia la habíamos vivido en los 90 con los Generadores RPG y Cobol y se estaba repitiendo. El mes pasado Marcos Abellón, que en los noventa era ingeniero de ventas en Brasil me comenta, luego de ver una Demo: "esta historia la viví"
I nostri intervistati si aspettano addirittura un nuovo tipo di
entità assicurativa emergerà entro il prossimo decennio,
come l'Internet delle cose, l'intelligenza artificiale
e blockchain convergono per creare smart, in tempo reale
soluzioni assicurative. Quasi sette su dieci
(69 per cento) ritiene che l'assicurazione verrà nuovamente intermediata
algoritmicamente a intervalli frequenti con un nuovo stile
di aggregatore assicurativo e il 91% si aspetta
questo avverrà entro un periodo di 15 anni.
Mobile Payments: Balancing User Experience & Effective Risk ManagementGeo Coelho
IdentityMind's presentation on balancing User Experience and Effective Risk Management from our joint presentation with Mozido at ETA's TRANSACT15 Conference in San Francisco, April 1, 2015.
This presentation focuses on specific challenges in mobile commerce, and the importance of leveraging consumer data and behavior throughout the transaction to compensate for the shortcomings of traditional fraud analysis in these new environments.
Mobile commerce is growing rapidly worldwide, and growing fastest in unbanked and underbanked demographics. Merchants and Financial Institutions wanting to take advantage of this explosive growth will have to face the technical challenges of mobile- as well as the added risk of servicing these demographics, where a typical lack of industry-reference data is often compounded by a lack of reliable user information.
Together, Mozido and IdentityMind have partnered to create an end-to-end solution to mitigate risk while bringing mobile financial services to global audiences. This solution combines Mozido’s MoTEAF™ Mobile Ecosystem with IdentityMind’s eDNA™ identity-based risk management to leverage consumer data and behavior, and reduce risk at every step of the transaction lifecycle.
Building privacy into consensual tracking for insurance purposes via an in-ca...Browne Jacobson LLP
Why would you want to be spied on? At Privacy Laws & Business 28th Annual International Conference, 6 July 2015, Helena Wootton talks about the data protection aspects of tracking and monitoring driving habits using a ‘black box’.
Source: Privacy Laws & Business UK report, July 2015 - www.privacylaws.com
Fraud Prevention Strategies to Fight First-Party Fraud and Synthetic Identity...TransUnion
We believe Gartner’s report, “The Growing Problem of Synthetic Identity and First-Party Fraud Masquerades as Credit Losses,” discusses the rise of synthetic identity and first party fraud losses being concealed as credit losses. In Part 2 of this webinar series we will explore Gartner’s recommendations and provide some real-world advice on how you can prepare your business to fight this trend.
In Part 2 of this webinar series, we’ll conclude with:
- Exploring how to battle synthetic identities and first party fraud
- Reviewing Gartner’s recommendations for building a comprehensive fraud prevention strategy
- Looking at some specific capabilities for helping to stop this type of fraud
*Gartner: Take a New Approach to Establishing and Sustaining Trust in Digital Identities, Tricia Phillips, Danny Luong, 1 March 2018.
NEC Public Safety | Facing the Odds in Gaming IndustryNEC Public Safety
For casino gaming operators, facial recognition is a tool that can empower them to transform how they operate and find new answers in a complex environment. This paper aims to present how the technology can answer some the most pressing challenges facing a global casino gaming market. Brought to you by NEC. To find out more, do visit http://www.nec.com/safety
CGAP Brief: The Emerging Global Landscape of Mobile MicroinsurancePeter Zetterli
This CGAP Brief provides an early look at the rapidly evolving global landscape for mobile microinsurance, which has generated dramatic takeup in several countries and points to significant promise in new digital distribution models for insurance to poor and low-income populations in developing countries.
Product Brochure_Fraud in Global B2C E-Commerce and Online Payment 2014yStats.com
The report, “Fraud in Global B2C E-Commerce and Online Payment 2014” shows that as online retail revenue is increasing at double digit growth rates globally, and is expected to total nearly 2 trillion Euros in the next four years, fraud is also increasing. The potential for fraud causes many prospective shoppers to stay away from online sales, and is forcing merchants to establish fraud prevention measures.
DailySocial in cooperation with JakPat has conducted a survey on non-Credit Card Installment Programs for e-commerce transactions among Indonesian consumers. Our survey has found that although only a small percentage of Indonesian online consumers currently have a credit card, quite a number of consumers have taken advantage of non-Credit Card installment programs.
Traditionally, lotteries and betting products have been sold via stores and partners, such as bars or tobacco shops depending of the regulation. But the industry pace have radically changed with the IoT and the arrival of the Millennial Generation -or Gen. Z- requesting for a 24 hours, 7 days a week engagement with the brand. The idea of transversal digital channels it´s a trending topic discussion for the companies and stakeholders. In the current era of digital age and products, the threat of substitutes in this sector is very strong, as any leisure activity can act this way with minimal switching costs for the players.
Desde el año pasado, sentía que para nuestra comunidad GeneXus se estaban abriendo grandes oportunidades, que esa historia la habíamos vivido en los 90 con los Generadores RPG y Cobol y se estaba repitiendo. El mes pasado Marcos Abellón, que en los noventa era ingeniero de ventas en Brasil me comenta, luego de ver una Demo: "esta historia la viví"
This training module is part of the M-CARE Personal Care Giver training, as developed in the context of the M-CARE project (mcare-project.eu). You can access the learning platform and online toolbox via www.pcgcare.eu.
This project (M-Care - 539913-LLP-1-2013-1-TR-LEONARDO-LMP) has been funded with support from the European Commission. This communication reflects the views only of the author, and the Commission cannot be held responsible for any use which may be made of the information contained therein.
OTC Derivatives: Evaluating the Impact of New Regulation in Europe, Thomas He...DerivSource
Thomas Heinatz, Senior Manager, PwC
Presentation at the DerivSource/Omgeo briefing 'OTC Derivatives: Evaluating the Impact of New Regulation in Europe' held in Frankfurt on November 13th 2013.
Primary focus of the conference is analysing the market of pharma industries, growth of the market in global and spending money by pharma industries in market, different kind of media are using to promote the products to reach customers directly. The conferences provide a platform to detail the research work of expertise and analysts from various scientific backgrounds and the same can be perceived by young researchers and students. The conference mainly aims to provide knowledge on pharma marketing In course of research work and therefore pharma market 2016 would be a perfect venue to share and develop knowledge and innovative thoughts on pharma marketing.
Military electro optical or infrared systems market 2020bertharrison
Military Electro-Optical / Infrared Systems Market (Industry) http://www.researchbeam.com/military-electro-optical-infrared-systems-mnm-market . This report offers Military Electro-Optical / Infrared Systems Market - Type (Image Intensification, Laser, Infrared) , by System (Imaging and Non-Imaging) , by Sensor Technology (Scanning, Starring, Multispectral, Hyper spectral) , by Platform (Airborne, Land-based, Naval) - Forecast to 2020.
This report provides a market analysis of the military electro-optic/infrared systems market over the next six years. It contains a detailed analysis of the drivers, challenges, and restraints that affect the industry, along with their impact from the short, medium, and long term perspectives landscapes.
It also discusses the industry, market, and technology trends that currently prevail in the market. The report provides vital information on key trends related to sensor and imaging technologies. It is expected that advancements in the sensor technologies would shape and influence the said market. The report also analyses the market with a special focus on the non-imaging and imaging systems, wherein the EO/IR systems are expected to be deployed.
Request For Sample Report @ http://www.researchbeam.com/military-electro-optical-infrared-systems-mnm-market/enquire-about-report
This report also highlights the industry value chain, supply chain, with a detailed PEST analysis and market life cycle analysis of the military electro-optical/infrared systems market. Another aspect which is elucidated is the illustrative segmentation, geographical analysis, and forecast of the major markets to provide an overall view of the global market.
Request For Discount @ http://www.researchbeam.com/military-electro-optical-infrared-systems-mnm-market/purchase-enquiry
Rahama Haruna es un ejemplo de perseverancia y optimismo a pesar de que la naturaleza no le haya dotado de todo lo que entendemos como imprescindible para desenvolvernos como personas en la vida.
The Internet of Things: A Prime Opportunity for Merchant AcquirersCognizant
For merchants, the Internet of Things’ vast connectivity makes it easy for consumers to purchase within an environment that is intuitive, familiar and comfortable. For acquirers, there is the opportunity to provide various interfaces for accepting payments from all connected touchpoints -- creating an omnichannel experience for customers.
Fast Fraud and Merchants: How to Stop Your Next Biggest Threat (White Paper)Vesta Corporation
What is fast fraud and why is your business at risk? Fast fraud occurs when criminals take advantage of weaknesses in online and mobile commerce fraud prevention systems.
Here’s why you need to read Vesta’s latest white paper today:
1) Fast fraud is retail’s next big threat. What does that mean to your business?
2) How fast fraud threatens you and your customers
Why traditional fraud solutions won’t work
3) Discover tips to help you get started on a fast fraud solution
Learn more at http://info.trustvesta.com/fastfraud
This is a presentation by Bizuneh Bekele, ePayment and FinTech Development Consultant, DigiFinance Africa, at the 3rd Annual East Africa Finance Summit
An in-depth discussion of the key trends driving card-not-present transactions and the subsequent increase in demand for smart transaction security solutions; includes a detailed review of the various transaction security technologies and solutions available for merchants and issuers
FraudDECK includes pre-packaged business workflows for transaction surveillance across ATM & POS channels. It can be extended to facilitate surveillance of fraudulent transactions on other channels like mobile banking or payment transactions like Wire fraud or AML. For more information please visit: http://www.esq.com/transaction-surveillance/
Digital Payment Market size is projected to reach US$ 24.31 Trillion by 2030, according to Renub Research. The digital payments industry has experienced speedy expansion due to Internet evolution and increased e-commerce. Digitalization has brought about diverse digital payment alternatives, including payment cards, virtual and mobile wallets, digital cash, and contactless methods.
Company names mentioned herein are the property of, and may be trademarks of, their respective owners and are for educational purposes only.
17 U.S. Code § 107 - Limitations on exclusive rights: Fair use Notwithstanding the provisions of sections 106 and 106A, the fair use of a copyrighted work, including such use by reproduction in copies or phonorecords or by any other means specified by that section, for purposes such as criticism, comment, news reporting, teaching (including multiple copies for classroom use), scholarship, or research, is not an infringement of copyright.
This presentation explores what future of commerce may look like given the current trends in mobile devices, digital payments, social commerce and security including tokenization and new forms of identity verification
Main Street vs. Wall Street: Who is to Blame for Data Breaches?Brunswick Group
Our analysis of major data breaches at US publicly traded companies offers rare insight into how consumers apportion responsibility for preventing data breaches. Key findings from the survey include:
• Ninety-four percent of consumers surveyed are concerned about retail data breaches.
• Consumers are nearly as likely to hold retailers responsible for data breaches (61 percent) as the criminals themselves (79 percent). Only 34 percent blame the banks that issue debit and credit cards.
• Seventy-five percent believe that retailers are not doing enough to prevent infiltrations into their customer data and payment systems.
• Seventy percent of respondents believe that retailers should be held financially responsible for consumer losses that result from a breach; not banks or card issuers.
• Finally – and most troubling – 34 percent of those surveyed report that they no longer shop at a specific retailer due to a past data breach issue.
Using Adaptive Scrum to Tame Process Reverse Engineering in Data Analytics Pr...Cognizant
Organizations rely on analytics to make intelligent decisions and improve business performance, which sometimes requires reproducing business processes from a legacy application to a digital-native state to reduce the functional, technical and operational debts. Adaptive Scrum can reduce the complexity of the reproduction process iteratively as well as provide transparency in data analytics porojects.
It Takes an Ecosystem: How Technology Companies Deliver Exceptional ExperiencesCognizant
Experience is evolving into a strategy that reaches across technology companies. We offer guidance on the rise of experience and its role in business modernization, with details on how orgnizations can build the ecosystem to support it.
The Work Ahead: Transportation and Logistics Delivering on the Digital-Physic...Cognizant
The T&L industry appears poised to accelerate its long-overdue modernization drive, as the pandemic spurs an increased need for agility and resilience, according to our study.
Enhancing Desirability: Five Considerations for Winning Digital InitiativesCognizant
To be a modern digital business in the post-COVID era, organizations must be fanatical about the experiences they deliver to an increasingly savvy and expectant user community. Getting there requires a mastery of human-design thinking, compelling user interface and interaction design, and a focus on functional and nonfunctional capabilities that drive business differentiation and results.
The Work Ahead in Manufacturing: Fulfilling the Agility MandateCognizant
According to our research, manufacturers are well ahead of other industries in their IoT deployments but need to marshal the investment required to meet today’s intensified demands for business resilience.
The Work Ahead in Higher Education: Repaving the Road for the Employees of To...Cognizant
Higher-ed institutions expect pandemic-driven disruption to continue, especially as hyperconnectivity, analytics and AI drive personalized education models over the lifetime of the learner, according to our recent research.
Engineering the Next-Gen Digital Claims Organisation for Australian General I...Cognizant
In recent years, insurers have invested in technology platforms and process improvements to improve
claims outcomes. Leaders will build on this foundation across the claims landscape, spanning experience,
operations, customer service and the overall supply chain with market-differentiating capabilities to
achieve sustainable results.
Profitability in the Direct-to-Consumer Marketplace: A Playbook for Media and...Cognizant
Amid constant change, industry leaders need an upgraded IT infrastructure capable of adapting to audience expectations while proactively anticipating ever-evolving business requirements.
Green Rush: The Economic Imperative for SustainabilityCognizant
Green business is good business, according to our recent research, whether for companies monetizing tech tools used for sustainability or for those that see the impact of these initiatives on business goals.
Policy Administration Modernization: Four Paths for InsurersCognizant
The pivot to digital is fraught with numerous obstacles but with proper planning and execution, legacy carriers can update their core systems and keep pace with the competition, while proactively addressing customer needs.
The Work Ahead in Utilities: Powering a Sustainable Future with DigitalCognizant
Utilities are starting to adopt digital technologies to eliminate slow processes, elevate customer experience and boost sustainability, according to our recent study.
AI in Media & Entertainment: Starting the Journey to ValueCognizant
Up to now, the global media & entertainment industry (M&E) has been lagging most other sectors in its adoption of artificial intelligence (AI). But our research shows that M&E companies are set to close the gap over the coming three years, as they ramp up their investments in AI and reap rising returns. The first steps? Getting a firm grip on data – the foundation of any successful AI strategy – and balancing technology spend with investments in AI skills.
Operations Workforce Management: A Data-Informed, Digital-First ApproachCognizant
As #WorkFromAnywhere becomes the rule rather than the exception, organizations face an important question: How can they increase their digital quotient to engage and enable a remote operations workforce to work collaboratively to deliver onclient requirements and contractual commitments?
Five Priorities for Quality Engineering When Taking Banking to the CloudCognizant
As banks move to cloud-based banking platforms for lower costs and greater agility, they must seamlessly integrate technologies and workflows while ensuring security, performance and an enhanced user experience. Here are five ways cloud-focused quality assurance helps banks maximize the benefits.
Getting Ahead With AI: How APAC Companies Replicate Success by Remaining FocusedCognizant
Changing market dynamics are propelling Asia-Pacific businesses to take a highly disciplined and focused approach to ensuring that their AI initiatives rapidly scale and quickly generate heightened business impact.
The Work Ahead in Intelligent Automation: Coping with Complexity in a Post-Pa...Cognizant
Intelligent automation continues to be a top driver of the future of work, according to our recent study. To reap the full advantages, businesses need to move from isolated to widespread deployment.
The Work Ahead in Intelligent Automation: Coping with Complexity in a Post-Pa...
Secure Payments: How Card Issuers and Merchants Can Stay Ahead of Fraudsters
1. Secure Payments: How Card
Issuers and Merchants Can
Stay Ahead of Fraudsters
Against a backdrop of growing vulnerability to fraud and
breaches, merchants and card issuers must reinforce their
secure payments infrastructure and processes, or risk losing
customers to the competition. The best way forward is a
layered approach in which commercial enterprises work with
consumers to mitigate risk and improve fraud detection and
prevention, our latest research reveals.
2. 2 KEEP CHALLENGING January 2016
Executive Summary
Amid the continuing cat-and-mouse game of fraudsters probing
payment infrastructures for vulnerabilities, as well as the passage
of the EMV1
chip card migration deadline, the payments industry
continues its struggle to plug security gaps. Criminals have upped
their game and are attacking organizations on multiple fronts, and
finding new ways to exploit loopholes in new technologies, even
as organizations embrace them. This has increased organizations’
risk exposure, undermined consumer confidence in merchants and
issuers, and threatened the integrity of the global payments industry.
To better understand the current state of payment security, we
recently surveyed 509 U.S. consumers, 50 issuers and 52 merchants
and acquirers. The survey findings were quite revealing:
• Merchants have been slow to adopt technologies such as
EMV, encryption and tokenization, even though these tools
and techniques can enhance data security at various stages
of the payment lifecycle. On the issuer side, the EMV shift is
taking longer than expected due to large installed bases and the
associated card replacement costs. Fewer than 50% of issuers
said they would replace magnetic-stripe cards completely by the
end of 2015.
• Merchants (66%) and issuers (78%) believe that as online
shopping increases, fraud will shift to card-not-present (CNP)
transactions such as online and mobile commerce —
regardless of EMV adoption — because criminals
typically exploit new payments areas that offer the
lowest resistance to fraud.
• Card issuers and merchants admit to a lack of an
in-depth understanding not only of the emerging
vulnerabilities but also the solutions required to
prevent new forms of fraud. They also expressed
low confidence in existing processes and solutions
that can prevent fraud and data breaches. As a result,
they plan to employ technologies such as artificial
intelligence and advanced analytics, in addition to
empowering consumers with tools to monitor and
control their cards/accounts effectively.
• On the flip side, consumers exhibit less confidence in the
payment security provided by merchants than that of issuers.
They claim to be interested in taking charge of their card/account
security and want to be better armed with tools to defend
themselves against fraud.
• Consumers also reaffirmed the conventional wisdom that
they are reluctant to shop at stores affected by fraud or data
breaches. On the card issuer side, more than 80% of consumers
are likely to shift to a competitor if their account security is
compromised.
While merchants and
issuers have put several
security measures in place,
a rapidly evolving payments
landscape, combined with
fraudsters’ increasing
sophistication, warrants
additional measures.
3. SECURE PAYMENTS: HOW CARD ISSUERS AND MERCHANTS CAN STAY AHEAD OF FRAUDSTERS 3
Overall, the survey clarifies the key concerns of merchants, issuers
and customers and paints a composite picture of the array of initia-
tives underway to overcome security concerns (see Figure 1).
While merchants and issuers have put several security measures in
place, a rapidly evolving payments landscape, combined with fraud-
sters’ increasing sophistication, warrants additional measures. We
believe merchants and issuers should adopt a holistic approach
that addresses all potential vulnerabilities and secures personal and
transactional data throughout the payments lifecycle.
For merchants, this involves adopting a layered security approach,
using a combination of EMV, tokenization and encryption to protect
“card-present” transactions, as well as applying multi-factor authen-
tication and internal fraud prevention tools to secure CNP transac-
tions. Issuers should continue to strengthen their fraud monitoring
and prevention systems and consider centralizing their anti-fraud
efforts, in addition to providing customers with mobile tools and
apps to control their account/card usage. Merchants and issuers
should take it upon themselves to increase fraud awareness by con-
tinuously educating and communicating with customers.
4. 4 KEEP CHALLENGING January 2016
Digital Invades the Payments Landscape
A slew of technological innovations is sweeping the U.S. payments space, originat-
ing from financial technology (fintech) companies, established technology giants
and mobile phone carriers, as well as merchants, social media businesses and non-
banking players. All are seeking a share of the $354 billion North American retail
payments market.2
Players such as Apple, Google, PayPal and Venmo are pushing
the envelope by introducing innovative solutions that offer quicker and less expen-
sive payments and money transfers (P2P payments). In fact, Wall Street banks
are investing heavily in upstart fintech companies, which are expected to gain
$4.7 trillion in annual revenues from traditional financial services companies,
according to Goldman Sachs estimates.3
Our study finds that merchants are beginning to support mobile payments (using
technologies such as NFC, QR codes and beacons) for in-store payments. Apple Pay
has established itself within a year of its launch (see Figure 2) as a go-to payments
option. Nearly 60% of merchants said support of mobile payments was important
or very important to their overall growth strategy. Currently, 44% of merchants
support mobile payments, and 85% expect to do so by the end of 2016.
Moreover, more merchants are planning to add mobile point-of-sale (PoS) capabili-
ties in their stores. M-commerce and e-commerce merchants are also beginning to
support mobile payments.
Big banks, which had sat on the sidelines, are now gearing up to launch their own
payment solutions (mobile wallets), in addition to supporting partners’ mobile wal-
lets to provide customers with more choices. Our study reveals that about 54% of
banks plan to offer mobile payment solutions (see Figure 3).
5. SECURE PAYMENTS: HOW CARD ISSUERS AND MERCHANTS CAN STAY AHEAD OF FRAUDSTERS 5
Digital currencies and cryptocurrencies are gaining acceptance as demand
increases for faster and lower cost global money transfers. Despite their question-
able origins, inherent flaws and controversies, digital currencies such as Bitcoin are
being positioned as solutions to some of the payments industry’s long-standing
problems, such as the extended processing times typically associated with checks
and credit cards. Digital currencies allow users to transfer money, as little as a
penny at a time, anywhere in the world within minutes. These transactions do not
involve banks, and users are typically charged a nominal fee.4
Digital currencies
can offer merchants a range of benefits over credit and debit cards. These include:
Lower transaction fees. As there is no dependency on a trusted third-party,
fees can be less than a dollar, compared with credit card fees of 2% to 5% and
other charges.
Better transaction security. The use of cryptographic algorithms makes digital
currencies more secure. Further, users do not need to disclose any personally
identifiable information.
Faster transaction settlement and relief from costly chargebacks and
purchase returns. This is possible because payments do not include credit card
numbers or bank transactions.
Another looming threat – and opportunity – is the emergence of the Internet of
Things (IoT), which will lead to many connected devices and even wearables being
equipped with payment capabilities. (For more on this topic, read our white paper
“Gearing up for the Internet of Payments.”) For instance, MasterCard has launched
a program to turn a vast array of consumer products, such as wristbands, key fobs
and jewelry, into payment devices.5
Visa is working on a connected car solution that
allows consumers to pay for fuel, food, parking, etc. from their vehicles.6
Microchip
implantation in humans is already a reality, with individuals and employees (e.g.,
Sweden-based Epicenter) using them to operate equipment such as phones, com-
puters and photocopiers, as well as unlock doors and pay for food. The IoT’s endless
possibilities are set to radically change the way payments are made in the future.
Rising Threat of Fraud and Data Breaches
As merchants and issuers try to take advantage of the opportunities presented
by the shifting payments landscape, they should be mindful of the lurking risks.
Fraudsters are becoming increasingly sophisticated and are attacking merchants
and issuers on many fronts.
Cost of Fraud and Data Breaches
The U.S. accounts for about 48% ($7.9 billion) of the global gross card fraud loss,
although it represents only 21% ($6.2 trillion) of total card purchases.7
This is
primarily due to the card industry’s continued dependence on older magnetic-stripe
technology. This makes extracting sensitive card data easier for thieves who can use
it to make CNP purchases and create counterfeit cards for card-present transactions.
The average cost of fraud for merchants increased by 94% during 2014 through
2015, undercutting 1.32% of revenues.8
Criminals are also using malware to break into merchants’ networks and steal card
and customer details stored in back-end databases. Recent high-profile data breaches
involved the installation of malware at PoS terminals — most of which still run out-
dated operating systems such as Windows XP — or database systems to copy large
volumes of card data and customer records.9
The average data breach cost to U.S.
businesses increased by about 10% from $5.85 million in 2014 to $6.53 million in
2015.10
Data breaches often lead to fraud, as criminals use stolen card data for pur-
chases, as is reported to be the case at Home Depot.11
6. 6 KEEP CHALLENGING January 2016
Chances of Switching Banks if Online Account Is Compromised
Figure 5
Source: Cognizant Research Center
Response Base: 509
Highly likely Likely No Do not know
30% 58% 6% 6%
The impact of fraud and data breaches goes beyond hefty chargebacks, penal-
ties, stolen customer data and goods, and other financial and operational costs.
It causes irreparable damage to an organization’s reputation. Our study puts this
in sharp relief.
Merchants affected by fraud or a data breach often struggle to regain customer
trust. Consumers are particularly reluctant to return to merchants when their
own data has been stolen (see Figure 4). In the case of banks, most customers
are likely to switch to the competition if their online account is compromised
(see Figure 5).
CNP Fraud: Poised to Explode
As the U.S. slowly adopts EMV to block card-present fraud, history reveals that
fraud will shift to other payment channels with weaker defenses. CNP transactions
are the obvious target because they only require a card number and CVV (card
verification value) to make payments. While counterfeit card fraud declined by
more than half in the UK from 2005 to 2008 after transitioning to EMV, the region
also witnessed a 79% spike in CNP fraud in that timeframe. Canada, France and
Australia witnessed similar spikes.12
7. SECURE PAYMENTS: HOW CARD ISSUERS AND MERCHANTS CAN STAY AHEAD OF FRAUDSTERS 7
Thieves have increased cross-border fraud in the U.S., which involves using stolen
card data to conduct fraudulent transactions in another country, either through
counterfeit cards or online purchases. As more U.S. merchants embrace EMV tech-
nology, which offers protection against counterfeit cards, CNP transactions are
expected to become a bigger target for fraud.
Moreover, as merchants support new payment approaches across physical and digi-
tal channels, they are exposed to greater fraud risk. For instance, mobile payments
accounted for just 14% of overall m-commerce transactions in 2014, but contrib-
uted to 21% of total fraudulent transactions.13
Further, chargeback rates for CNP
transactions are higher than card-present transactions, which increases fraud costs
for e-commerce and m-commerce players.
Our study reveals that about 78% of issuers and 66% of merchants believe CNP
fraud will grow regardless of EMV adoption as virtual transactions increase and
criminals hunt for new opportunities. Further, the growth in cross-border e-com-
merce and new forms of payments are likely to increase CNP fraud.
Fighting Fraud: Security Improvement Measures
Recent instances of fraud and high-profile data breaches have served as a wakeup
call for the payments industry, which has started taking serious measures to
improve security. Along with accelerating the mandatory shift to EMV, the indus-
try is focusing on encryption, tokenization and multi-factor authentication, along
with a host of internal tools and controls to limit fraud and improve transactional
security.
Our research found that merchants and issuers are taking varying approaches to
securing payments and shoring up their infrastructure and process vulnerabilities.
Merchants
Many merchants are implementing technologies such as EMV, tokenization and
encryption to combat card-present fraud but are unprepared to deal with rapidly
evolving CNP fraud.
EMV: The U.S. is the last major country to adopt EMV chip technology in its
payment cards. EMV cards contain embedded chips that generate a one-time
code required to approve a transaction when used at an EMV-enabled PoS
terminal. This validates the integrity of the card and prevents fraud through
counterfeit cards. Also, as of Oct. 1, 2015, merchants and issuers that have
migrated to EMV are exempted from financial liability for any card-present fraud.
» Adoption: Nearly 80% of acquirers are working with their merchants on EMV
migration and are focused on high-risk segments, such as retail, gambling
and hospitality. Educating merchants about the ramifications of liability shift
and changes to chargeback processing is still a work in progress for many
acquirers.
Encryption: Point-to-point encryption involves scrambling payment data as
soon as it enters the PoS terminal to minimize exposure to sensitive data. The
data is then sent via a secured network for processing, where it is decrypted by
the payment processor securely without intermediaries. This protects data from
hackers or other outsiders as it moves between various entities in the payments
network.
» Adoption: Nearly half of the merchants we surveyed have fully implemented
encryption (see Figure 6, next page).
8. 8 KEEP CHALLENGING January 2016
Merchants' Adoption of Tokenization
Figure 7
Source: Cognizant Research Center
Note: Percentages do not add up to 100 due to rounding.
Response Base: 52
Don’t know
17%
27%
In progress
19%
Planning to implement
19%
No plans
17%
Fully implemented
Tokenization: Merchants store large amounts of card data in their back-end
systems for reconciliation, chargebacks, customer service, loyalty schemes, etc.,
making these systems an attractive target for criminals. Even if merchants encrypt
payment data, the key must be stored with the data, which exposes it to theft.
Tokenization – which involves replacing sensitive cardholder data, such as
permanent account numbers (PAN), with randomly generated alphanumeric
characters (tokens) – greatly reduces the burden of storing sensitive data
in-house. The merchant sends PAN data to a token service provider (TSP), which
returns a non-sensitive token and stores the PAN in a highly secured database
called a token vault. Merchants can use this token in place of the actual card
numbers, so that even if thieves managed to steal the tokens, they would only
find random numbers that are worthless outside the payments environment.
» Adoption: About 46% of merchants surveyed have either fully implemented
or are in the process of implementing tokenization (see Figure 7).
On-premise solutions are the preferred deployment model for about half
of merchants that have already implemented or are planning to implement
tokenization (see Figure 8, next page). Terminal vendor solutions (36%) and
product solutions implemented in-house (36%) are the preferred tokeniza-
tion standards vs. acquirer or in-house developed solutions.
9. SECURE PAYMENTS: HOW CARD ISSUERS AND MERCHANTS CAN STAY AHEAD OF FRAUDSTERS 9
Securing E-commerce and M-commerce Transactions
The merchants we surveyed use various tools to prevent e-commerce and m-com-
merce fraud (see Figure 9, next page). Address verification services (AVS) and card
verification are still the most widely used solutions even for m-commerce, despite
the fact that m-commerce and e-commerce pose very different fraud risks.
Since CNP fraud is expected to increase, merchants and financial institutions must
consider advanced and more reliable authentication solutions or multi-factor
authentication, using tools such as device authentication and biometrics. However,
these tools are not in wide use. For instance, biometrics has been adopted by only
5% of the e-commerce merchants we surveyed.
Issuers
Issuers are working to address card-present fraud by replacing magnetic-stripe
cards with new EMV chip cards. They are also providing customers with mobile
tools that enable better control over their card/account security.
EMV: The annual cost of counterfeit card fraud in 2015 was $3.6 billion.14
In the case of card-present fraud, issuers bear a larger share of fraud
losses than merchants, which reinforces the need to quickly replace
magnetic-stripe cards with EMV chip cards.
However, issuers are replacing magnetic-stripe cards at a glacial pace due
to high costs and a large customer base. Approximately 70% of issuers have
replaced less than 25% of magnetic-stripe credit and debit cards with EMV
cards, according to our research (see Figure 10, page 11). Only 42% of issuers
indicated they will replace magnetic-stripe cards completely by year-end-2015,
while another 38% said they plan to do so by year-end-2016.
Many issuers are using more than one criterion for replacing magnetic-stripe
cards with EMV chip cards. Only 42% said they are proactively replacing existing
cards before they expire (see Figure 11, page 11).
Tokenization: Issuers have historically been wary of tokenization, as they
believed the approach ceded too much control to card networks that also act
as TSPs. They were also concerned about strong consumer brands (e.g., Apple,
Google, etc.) coming between them and their customers in the emerging
m-wallet space. However, the benefits of tokenization in reducing issuer and
customer risk, as well as securing actual card data, appear to have mitigated
issuer concerns.
Our research finds that 64% of issuers are currently using tokenization. Visa/
MC/Amex tokenization approach is the preferred solution, followed by product
solutions implemented in-house (see Figure 12, page 12).
10. 10 KEEP CHALLENGING January 2016
Securing E-Commerce and M-Commerce Transactions
While EMV will reduce card-present fraud, issuers must brace themselves for an
onslaught of CNP fraud. Our research reveals that issuers plan to implement the
latest fraud prevention solutions (i.e., artificial intelligence to improve fraud detec-
tion) in the near future, along with traditional tools such as rules-based alerts and
analytics to combat CNP fraud (see Figure 13, page 12).
11. SECURE PAYMENTS: HOW CARD ISSUERS AND MERCHANTS CAN STAY AHEAD OF FRAUDSTERS 11
Issuers are already using various customer authentication methods to prevent CNP
fraud, with device authentication being the most used (see Figure 14, next page).
Adoption of solutions that offer better protection of CNP fraud, such as 3-D Secure
and biometrics, is still very low.
Empowering Customers
In addition to investing in security improvements, 46% of the issuers we surveyed
are trying to empower customers with more control over their cards/accounts.
Techniques include mobile tools and apps that allow customers to switch cards
on and off remotely, and providing mobile alerts to customers when they detect
suspicious activity (see Figure 15, page 13).
Among issuers offering such controls, 43% said a majority of their customers
use them, and 48% report only partial adoption. Such tools can lead to improved
loyalty, as noted by 75% of customer respondents, in addition to reducing the
financial and security burden on banks.
13. SECURE PAYMENTS: HOW CARD ISSUERS AND MERCHANTS CAN STAY AHEAD OF FRAUDSTERS 13
When asked who should be
accountable for fraud, 54% of
consumers indicated that banks
and merchants are equally
responsible. However, 30% of
customer believe merchants
alone are responsible.
Confidence in Current Security Measures:
A Reason to Worry
Merchants and issuers believe they are inadequately prepared to deal with growing
security threats. Only 37% of merchants are very confident of their current fraud
and data breach solutions (see Figure 16, next page). Issuers are more confident
in card fraud prevention solutions than in CNP fraud solutions (see Figure 17, next
page), but overall confidence is still low. Further, 60% of issuers do
not know whether their organization takes an integrated or siloed
approach to fraud prevention that incorporates different fraud
prevention solutions for different payment channels.
When customers were asked how confident they were in the ability
of issuers and merchants to protect sensitive data, 60% expressed
high to very high confidence in issuers. When asked who should
be accountable for fraud protection, about half (54%) of consum-
ers placed equal responsibility on banks and merchants, while a
third believe merchants alone are responsible (see Figure 18, next
page). Interestingly, more customers are concerned about security
when shopping on their mobile device than online and in physical
stores (see Figure 19, page 15).
Consumers affected by fraud indicated that issuers were more quick to respond
than merchants (see Figure 20, page 15); in fact, nearly one-third said merchants
did not respond at all. In addition to communicating with customers, issuers are also
taking swift remedial measures, our survey finds. Following the recent Apple Pay
fraud, 34% of issuers developed more stringent Apple Pay sign-up processes for
customers adding cards; 46% said they are now working with mobile payment
companies to improve security.
Key Areas of Vulnerability
Despite the adoption of EMV, tokenization and encryption to secure data across
the transaction lifecycle (see Figure 21, page 15), data vulnerability still requires
organizational attention (see Figure 22, page 16), whether because of technology
limitations or improper implementation. For example, in 2011, criminals in Belgium
rigged EMV chip cards to accept any PIN input, as well as talk to the card issuer
to gain transaction authorization.15
Card data can still be stolen from non-EMV
merchants, while lost or stolen EMV cards can be used to make purchases in
physical stores, as many card issuers support customer signatures instead of a PIN.
14. 14 KEEP CHALLENGING January 2016
Merchant Confidence in Processes and Solutions Used to Prevent Fraud and
Data Breach Solutions
Figure 16
Note: Percentages do not add to 100 due to rounding.
Source: Cognizant Research Center
Response Base: 52
Very confident Somewhat confident
37% 58%
Not very confident
6%
Customer Opinion on Who is More Accountable for Fraud
Figure 18
Source: Cognizant Research Center
Response Base: 509
Both equally Retailers/merchants Do not know
54% 30% 10%
Banks
6%
However, merchants that have not yet implemented any of the above technologies
must review all the channels and links that carry card data and secure them using
a holistic approach.
16. 16 KEEP CHALLENGING January 2016
A Holistic Approach to Addressing Payment
Security Challenges
Because the types of vulnerability in the payments ecosystem are both complex and
evolving, it is imperative that merchants and issuers consider a holistic approach to
address the risks. We suggest the following:
Merchants should adopt a layered security approach to prevent fraud and ensure
secure payment data.
Issuers should continue to improve their fraud monitoring and detection
measures by centralizing fraud prevention efforts, and deploying real-time and
behavioral analytics.
Merchants and issuers should increase fraud awareness among cardholders by
educating, empowering and engaging with them continuously.
Merchant Strategy: A Layered Security Approach
Because no single solution exists that offers complete protection, we believe mer-
chants should fortify payment security with multiple lines of defense, culminating
in a layered approach.
Securing card-present transactions. A layered approach to securing card-pres-
ent transactions involves using EMV, tokenization and encryption. Organizations
Assessing Vulnerabilities
Transaction Phase Key Points of Vulnerability
Pre-Authorization: Request initiated for
transaction authorization.
PoS device: The physical device that captures payment card credentials
in a physical store.
CNP channels: Virtual PoS, such as e-commerce websites, m-commerce
apps, etc., that capture card credentials.
Mobile devices: Smartphones, tablets and other smart devices used to
execute transactions and run apps that store and manage token creden-
tials.
Authorization Processing: Captured
payment credentials transmitted from
the PoS terminal to the issuer host for
authorization.
Transmission of data that is encrypted using symmetric encryption (which
uses the same key to encrypt and decrypt data), as intruders who steal
encryption keys can crack the encrypted data.
Transmission of card data sent by merchants in clear form to a TSP for
tokenization, as hackers can attempt to steal the clearly readable data.
De-tokenization of payment tokens while they are sent to the issuer host for
authorization, as it reveals a clear PAN, making it susceptible to theft.
Post-Authorization and Back-Office
Processing: Cardholder data stored in
merchant systems.
Card data held by merchants for batch settlement at the end of the day and
stored in back-end databases for purposes such as chargebacks, marketing,
customer loyalty programs, etc. Such systems are often targeted by thieves
to gain access to large amounts of aggregated cardholder data.
Source: Cognizant Research Center
Figure 22
17. SECURE PAYMENTS: HOW CARD ISSUERS AND MERCHANTS CAN STAY AHEAD OF FRAUDSTERS 17
Encrypting data at the
PoS using point-to-point
encryption can secure
data against hackers while
it travels between the
merchant and processor.
should take the plunge by complying with the technical and operational require-
ments of PCI DSS.16
Although it does not guarantee complete protection – as
seen in recent data breaches at merchants that adhered to PCI DSS guidelines –
PCI DSS ensures a basic level of security and can form the foundation of a
layered approach.
The next level of defense — and the core component of this approach — is EMV
adoption. When combined with PCI DSS, EMV can enhance the security of
payments data that reaches merchants’ systems. However, data
is exposed once it enters the merchant’s network. Encrypting
data at the PoS using point-to-point encryption can secure
data against hackers while it travels between the merchant and
processor (data in transit). Topping these layers with a tokeni-
zation solution – with token vault management provided by a
sourcing partner rather than handled in-house – reduces the
burden of managing sensitive data, vastly mitigating the fallout
from data breaches (data at rest).
Securing CNP transactions. Because CNP fraud is more
complex, criminals committing such fraud are considered to
be more sophisticated. Using multi-factor authentication – a
process of verifying the authenticity of customers using at least two inputs, such
as card number, PIN and biometric factors – can mitigate CNP fraud to a large
extent. Merchants should also consider device authentication to identify devices
that customers normally use for shopping before sending the transaction for
authorization.
A case in point is Amazon’s multi-factor authentication, which requires customers
to enter a code sent to their mobile device or generated by a smartphone authen-
ticator app once they sign in with their existing username and password. This
means thieves stealing a customer username and password would still require
access to the mobile phone to log in. Enabling multi-factor authentication is a
simple, one-time process. Customers can ask Amazon to remember each device,
which will stop prompts for the code when that device is used. For PCs, the
device refers to a specific browser (Chrome, Firefox, etc.).
3-D Secure adds a strong protective layer, as it requires cardholders to enter a
static password (stored with the issuer) or a one-time password (generated by
the issuer) sent to their mobile phones before paying for purchases. This can
reduce chargebacks for merchants and shifts the liability to the issuer when a
transaction is disputed.
Merchants should note that adding multiple authentications can negatively
impact customers’ ease of purchase, and force them to abandon the transaction
or the merchant. Behavioral and real-time fraud analytics can help merchants
better understand customer purchasing trends and patterns, and preempt fraud
attempts effectively.
Key Considerations
Merchants should consider the cost and complexity of implementing the aforemen-
tioned technologies. For instance:
A small merchant that is compliant with PCI DSS and that processes low-value
purchases may face fewer chargebacks and counterfeit card issues and,
therefore, should focus on encrypting data both in transit and at rest.
A large e-tailer may invest primarily in tokenization and strong customer authen-
tication for safer online transactions.
Similarly, a large merchant facing counterfeit card threat should consider EMV
and data encryption, as well as tokenization, if data is stored in-house.
18. 18 KEEP CHALLENGING January 2016
Merchants should implement
network segmentation
to prevent hackers from
moving horizontally
within the network.
When issuers integrate their
risk management efforts in
a centralized unit, they can
better apply the intelligence
gained from one channel or
product to other risk areas,
enabling them to more
effectively quell threats and
realize efficiencies.
Merchants should focus on securing PoS terminals by using strong passwords
rather than default ones, as well as restricting general Internet activity on PoS com-
puter systems. They should also implement anti-virus software
and update it regularly, as well as firewalls to isolate PoS systems
from other networks. Another line of defense is to implement net-
work segmentation to prevent hackers from moving horizontally
within the merchant’s network.
Merchants with an in-house token vault should use strong authen-
tication to limit physical and virtual access to the vault. To mitigate
the threat of data theft after de-tokenization, merchants should
configure firewalls to restrict IP traffic and limit the number of
applications that make de-tokenization requests to the token vault.
Issuer Strategy: Centralize Fraud Risk Efforts
Issuers responding to our survey indicated the prevalence of siloed approaches to
fraud risk management, which can lead to redundant efforts, difficulty sharing risk
information across departments, and the inability to gain a complete picture of
the risks they face.
When organizations integrate their disparate risk management efforts in a cen-
tralized unit, they can better apply the intelligence gained from one channel or
product to other risk areas, enabling them to more effectively quell threats and
realize operational and cost efficiencies. Doing so requires organizations to consoli-
date the large amounts of customer and transactional data residing within silos and
identify customers uniquely across channels and interactions to provide a unified
view. By combining organizational data with data from external sources such as
social media, and leveraging advanced analytics, organizations can produce deep
insights into customer behavior that can help them detect anomalies early in pur-
chasing behavior. These insights can also be used to provide alerts to customers,
such as location-based fraud warnings, and reduce false positives.
Involve Customers
In addition to bolstering security, training employees and build-
ing an incident response team, merchants and issuers should also
incorporate customers into their overall risk management efforts.
We recommend that customers’ risky behaviors be continually
studied and dealt with by employing a combination of the three Es:
Educate: Customers must be continuously educated on various
forms of fraud, precautions that can protect mobile devices
from rogue apps, malware, etc., and steps to take if they
suspect fraud.
Empower: Empowering customers with tools that give them
greater control over their accounts and improve security can
go a long way toward improving confidence and driving traffic
across channels. Issuers can provide mobile apps that allow
customers to limit card spending in certain geographies, cap
transaction limits, abort transactions, block and unblock cards,
etc., which can mitigate fraud significantly.
Engage: Engaging customers through regular communication using relevant
channels in post-incident management is critical to increasing customer
confidence and ensuring customer loyalty.
19. SECURE PAYMENTS: HOW CARD ISSUERS AND MERCHANTS CAN STAY AHEAD OF FRAUDSTERS 19
Research Methodology
The survey was conducted online in the U.S. in July 2015, and included 509
customers, 50 issuers and 52 merchants and acquirers.
22. 22 KEEP CHALLENGING January 2016
References
“Beyond the Point of Sale: Six Steps to Stronger Retail Security,” SANS Institute,
Nov. 5, 2015,
https://www.sans.org/reading-room/whitepapers/analyst/point-sale-steps-
stronger-retail-security-36102.
“Tokenization in Financial Services,” Financial Services Roundtable, Mar. 2015,
http://fsroundtable.org/cto-corner-tokenization-financial-services/.
“Multi-Layered Security Strengthens Payment Structures: How to Prepare a
Comprehensive Strategy,” Verifone, 2014,
http://www.verifone.com/media/4041137/verifone-comprehensive-multilayered-
security-white-paper.pdf.
“Tokenization Is the Way to Prevent E-commerce Security Breaches,” Network-
World, Aug. 25, 2014,
http://www.networkworld.com/article/2597398/tech-primers/tokenization-is-
the-way-to-prevent-e-commerce-security-breaches.html.
“What Data Thieves Don’t Want You to Know: The Facts about Encryption and
Tokenization,” First Data, 2012, https://www.firstdata.com/downloads/thought-
leadership/TokenizationEncryptionWP.pdf.
“How to Enable Multifactor Security on Amazon,” Krebsonsecurity.com,
Nov. 15, 2015,
http://krebsonsecurity.com/2015/11/how-to-enable-multifactor-security-on-
amazon/#more-33033.
“The Double-Edged Sword of Tokenization Helps Issuers But Also Poses a Subtle
Threat,” Digital Transactions, Oct. 12, 2015,
http://digitaltransactions.net/news/story/The-Double-Edged-Sword-of-Tokeniza-
tion-Helps-Issuers-But-Also-Poses-a-Subtle-Threat.
“Tokenization: Benefits and Challenges for Securing Transaction Data,” Security
Week, Nov. 4, 2014,
http://www.securityweek.com/tokenization-benefits-and-challenges-securing-
transaction-data.
Note: All company names, trade names, copyrights and products referenced in this white paper are the property of their
respective owners. No company referenced in this white paper sponsored this white paper or the contents thereof.
23. SECURE PAYMENTS: HOW CARD ISSUERS AND MERCHANTS CAN STAY AHEAD OF FRAUDSTERS 23
Footnotes
1
EMV stands for the first initials of Europay, MasterCard and Visa, the three
companies that created the standard.
2
“Global Payments 2015: Listening to the Customer’s Voice,” The Boston
Consulting Group, Oct. 9, 2015,
https://www.bcgperspectives.com/content/articles/financial-institutions-digital-
economy-global-payments-2015-listening-customer-voice/.
3
“Why Wall Street Is Pouring Money into Companies that Want to Eat its Lunch,”
Business Insider, Mar. 21, 2015,
http://www.businessinsider.in/Why-Wall-Street-is-pouring-money-into-compa-
nies-that-want-to-eat-its-lunch/articleshow/46640241.cms.
4
“Bitcoin and the Digital-Currency Revolution,” The Wall Street Journal,
Jan. 23, 2015,
http://www.wsj.com/articles/the-revolutionary-power-of-digital-cur-
rency-1422035061.
5
“MasterCard Launches New Program that Can Turn any Consumer Gadget,
Accessory or Wearable into a Payment Device,” MasterCard, Oct. 26, 2015,
http://newsroom.mastercard.com/press-releases/mastercard-launches-new-pro-
gram-that-can-turn-any-consumer-gadget-accessory-or-wearable-into-a-pay-
ment-device/.
6
“The Connected Car: Visa Looks Ahead,” Visa, 2015,
https://usa.visa.com/visa-everywhere/innovation/visa-connected-car.html.
7
“Global Card Fraud Losses Reach $16.31 Billion — Will Exceed $35 Billion in 2020,
according to The Nilson Report,” BusinessWire.com, Aug. 4, 2015,
http://www.businesswire.com/news/home/20150804007054/en/Global-Card-
Fraud-Losses-Reach-16.31-Billion.
8
“2014 LexisNexis® True Cost of Fraud mCommerce: Merchants Struggle To
Contain Rising Mobile Fraud Costs,” LexisNexis, Jan. 2015,
http://lexisnexis.com/risk/downloads/whitepaper/true-cost-fraud-mobile-2014.pdf.
9
“The True Cost of Data Breaches in the Payments Industry,” Smart Card Alliance,
Mar. 2015,
http://www.emv-connection.com/downloads/2015/03/The-Cost-of-Data-
Breaches.pdf.
10
“Average U.S. Organization Data Breach Cost 2006-2015,” Statista, 2015,
http://www.statista.com/statistics/273575/average-organizational-cost-
incurred-by-a-data-breach/.
11
“Data Breach at Home Depot Leads to Fraud,” Fortune, Sept. 23, 2014,
http://fortune.com/2014/09/23/data-breach-at-home-depot-leads-to-fraud/.
12
“Card-Not-Present Fraud in a Post-EMV Environment: Combating the Fraud
Spike,” Aite Group, 2014,
http://www.emc.com/collateral/white-papers/card-not-present-fraud-post-emv-
env-wp.pdf.
“Biohackers: Meet London's Living Synths Who Are Implanting Microchips into
Their Own Bodies,” Evening Standard, Oct. 29, 2015,
http://www.standard.co.uk/lifestyle/esmagazine/biohackers-meet-londons-living-
synths-who-are-implanting-microchips-into-their-own-bodies-a3101646.html.
24. 24 KEEP CHALLENGING January 2016
About the Authors
Vaibhav Shirke is a chief architect with the cards and payments business within
Cognizant’s Banking and Financial Services business unit. With over 20 years of
experience and acting as a solution architect, he leverages strong domain knowl-
edge to map industry standard solutions to changing market demands. Vaibhav
leads the secure payments initiative within Cognizant and works very closely with
leading financial institutions and merchants in helping them define a secure pay-
ments roadmap. He can be reached at Vaibhav.Shirke@cognizant.com.
Rajeshwer Chigullapalli is the General Manager of Cognizant Research Center and
leads the unit’s fact-based thought leadership program. He has more than 20 years
of experience in research and publishing and has published numerous whitepapers
on topics across the banking and financial services industry and in other industry
sectors. He can be reached at Rajeshwer.Chigullapalli@cognizant.com | linkedin.
com/in/rajeshwer-chigullapalli-508a01a.
Vinaya Kumar Mylavarapu is a Senior Research Associate with Cognizant Research
Center, where he produces fact-based thought leadership across industries and
sectors. He has more than 10 years of experience in business and industry research.
Vinaya can be reached at Vinayakumar.Mylavarapu@cognizant.com | linkedin.com/
in/vinayakumarmylavarapu.
Kamini Rajendran is Manager of Strategic Growth Opportunities within
Cognizant’s Banking and Financial Services’ Payments Practice, a division focused
on emerging trends in payments and establishing capabilities/ecosystems to sup-
port partners. She has over 13 years of payments domain experience and leads
the secure payments focus area across industry verticals. She can be reached at
Kamini.Rajendran@cognizant.com.
13
“2014 LexisNexis® True Cost of Fraud mCommerce: Merchants Struggle to
Contain Rising Mobile Fraud Costs,” LexisNexis, Jan. 2015,
http://lexisnexis.com/risk/downloads/whitepaper/true-cost-fraud-mobile-2014.pdf.
14
“EMV Transition Will Still Leave Security Gaps,” Dell, Sept. 2015,
https://powermore.dell.com/technology/emv-transition-will-still-leave-security-
gaps/.
15
“How a Criminal Ring Defeated the Secure Chip-and-PIN Credit Cards,”
Arstechnica.com, Oct. 20, 2015,
http://arstechnica.com/tech-policy/2015/10/how-a-criminal-ring-defeated-the-
secure-chip-and-pin-credit-cards/.
16
The Payment Card Industry Data Security Standard (PCI DSS) is a global
standard for organizations accepting cards to protect customers’ payment card
data throughout the transaction.