A recent white paper by IDology finds that in the wake of EMV, fraudsters are looking for new avenues to exploit – particularly over mobile devices.
Payments fraud is apparently borrowing a page from the playbook used by real estate professionals: It’s all about “location, location, location” — especially as mobile becomes an ever vital part of the way companies do business.
In IDology’s “2015 Fraud Report,” its third annual survey, the identity verification and fraud prevention company, said that fraud attempts in general are on the rise, and that relatively newer avenues of activity – and conduits of that attempted fraud growth – are on the rise.
For the third year in a row, according to a survey of senior executives across a variety of industries, from health care to utilities to telecom, there was an increase in expected fraud attempts, rising from 36 percent in 2013 to 40 percent last year to 46 percent in 2015 – and at the same time, those reporting that attempts simply staying the same actually declined.
This trend presents a conundrum for business leaders, stated IDology. Even while executives must guard against fraud and remain ever vigilant, the executive and the organization must also be ever mindful of improving the customer experience. The two missions may be mutually exclusive, as added layers of security efforts may indeed wind up creating points of friction in the consumer experience.
Drilling down a bit into the data, as had been seen last year, website applications “continue to bear the brunt” of attempted fraud activity, with 71 percent of respondents citing this as the most significant avenue of attacks, though, notably, down from 86 percent last year.
That’s a telling figure, as EMV is now in place in the United States, with fraud likely to shift to Web apps, as chip and PIN technology has, and will, make card fraud a bit more difficult. One avenue of attempted fraud that is gaining traction, according to the survey, comes along with call center fraud attempts, which, at only a mere 2 percent of organizations reporting such activity, now has most recently spiked to 13 percent. In its simplified form, call center fraud comes when someone, well, calls the center, and pretends to be someone they aren’t. Such identity falsification comes when information about an actual accountholder is co-opted.
Mobile fraud is also on the rise, said IDology, cited by 3 percent of respondents last year and 8 percent this year. That figure is likely to increase alongside the growth in the use of mobile devices themselves. And companies themselves are conducting more business through mobile activity, as 59 percent of those surveyed said they have been seeing an increase in business conducted through this channel. The importance of mobile is underscored by the fact that only 6 percent of respondents said they do not in fact transact business across mobile. And in terms of total business done across mobile, 29 percent said that 1 to 10 percent of business is done through devices, with another 17 percent at the higher end stating that as much as 26 percent to 50 percent of volume is done this way.
With mobile becoming top of mind, and relatively important as a conduit of business itself, said IDology, identity verification and security solutions become must-haves and need to be reviewed to ensure anti-fraud efforts are operating with strength and efficiency.
Turning to other types of fraud attempts, the use of mobile leads to other avenues of fraud, among them ANI Spoofing (call center fraud), at 23 percent, account takeover via porting, cited by 20 percent of those surveyed, and device cloning in a close third at 19 percent.
No surprise then that 58 percent of those polled plan to boost their investments in mobile technology, with investments spanning time, money and staffing resources.
Of particular interest to the study, fraud continues to demonstrate pockets of geographic concentration in the United States, with New York, New Jersey and Florida continuing from last year as hotbeds of fraud, with new areas emerging via Detroit, Chicago and Texas.
Data breaches themselves have been instrumental in bringing consumer information onto the black markets through credit, debt and prepaid fraud. IDology noted that card fraud remains the most prevalent way hackers get info, for the third year in a row, and that trend is likely to continue.
In terms of preparedness, it seems that many organizations feel relatively unprepared to meet the demands of certain types of fraud, including only 12 percent who said they feel ready to meet the challenges of mobile fraud.
To view the full white paper, click here.