Online Payment Security
The world has embraced the digital era, persuaded by the many perks of advanced technology and the one advantage that was guaranteed to entice every generation: speed. With any transaction or operation being easily completed online with the push of a few buttons, the virtual space has become the common room of the globe where any person and service can be easily reached within moments. It’s almost instant, easy to use, and accessible around the world.
This significant step forward into the future has solidified the ever-increasing reliance on the Internet and technology as a whole. However, with the increased convenience comes significant risk.
Crime was swift to follow and adapt.
You are now twenty times more likely to fall victim to a cyber-criminal who lives thousands of miles away than being mugged on the street. In fact, 1 in 10 adults around the world has fallen victim to cyber-crime or online fraud. And, unlike the standard crime that happens on the streets, there is no discrimination on who can become the offended and who can be the offender. No matter the sex, age, gender, or ethnicity, anyone and everyone can be part of either category. All they need is regular access to a computer.
These cyber-crimes commonly present themselves as financial fraud, using the online dimension to illegally withdraw or steal funds, and then disappearing without a trace. It has become an art form that black-hat hackers have perfected, and businesses, as well as people, have had a difficult time outracing. For each step forward cyber-security and online protection services make, cyber-crime leaps two. It has cost companies billions of dollars, snatching around $3.10 for each $1 of fraud losses, on top of the major investments in detection and prevention techniques.
Online e-commerce has now become more exposed than any type of traditional commerce. Its vulnerability is costly both to merchants and customers, who are often easy prey when conducting online transactions in the lack of secure third-party platforms or gateways. Businesses and their clients are more vulnerable than ever to credit and debit card fraud, data breaches, and identity theft through the online medium.
Credit Card Fraud Statistics
Credit card fraud has become an increasingly severe problem in the online world. Technology, such as EMV (Europay, MasterCard, and Visa) promises to fix most of the security concerns related to fraud that could potentially appear. The implication is that using smart cards with chip-and-PIN will improve the security of existing cards that have magnetic strips. Every time an EMV card will be used, the payment will automatically have a unique code generated during the payment process that can never be reused. Thus, it prevents counterfeit fraud.
However, the implementation process has been slow in some countries, so experts still expect credit card breaches to grow 34% by 2018. The U.S. continues to be both the most common victim and the apparent location of fraudsters, as it was responsible for 47% of card frauds in 2014 in spite of the fact that it holds only 24% of the worldwide card volume. The problems have been on the rise at a constant, as around 31.8 million U.S. citizens faced credit card breaches in 2014. That was three times more than the previous year.
The continuous growing severity of the issues has stretched worldwide. The U.K. reported that a majority of fraud-related losses their citizens have encountered had occurred in the U.S. in 2015:
- 35% in the U.S.;
- 10% in France;
- 10% in Australia;
- 9% in Canada;
- 6% in Germany;
- The remaining 30% occurred within their own borders or spread across other countries.
The U.S., in particular, seems to have suffered the most from credit card fraud, and many experts attribute the unfortunate situation to the inability to adapt to secure prevention methods. The implementation of the EMV, for one, has been painstakingly slow even though it resulted in a 70% drop in counterfeit fraud in the U.K. and other nations. And yet, that remains the second most popular card-related fraud in the United States.
- 45% online card fraud (card-not-present);
- 37% counterfeit card fraud;
- 14% lost/stolen card fraud;
- 4% other.
The issues with credit card security have had devastating effects on the American population, with a whopping 28% of women and 21% of men reporting their credit card information stolen in 2015. Among them, 90% were one-time or twice-occurring victims, 8% three to four times, while 1% had fallen prey to the problem over five or more times. Consequently, credit card companies and card issuers are not faring any better with 90% of cardholders affected having to have replacement cards issued, at a cost of $12.75 per card.
Unfortunately, measures taken to protect customers from security breaches and scams, such as chargebacks, have been turned against them. Chargebacks were created with the client in mind, to ensure a refund after a complaint is filed for a wrongful transaction. It has been a true nightmare for e-commerce merchants, but banks have implemented the practice for the sake of their customers. However, fraudsters and even the average consumers have twisted the process into their own favour, taking full advantage of the “customer is always right” tradition.
Around 86% of all chargebacks are fraudulent, and it has become so frequent that it’s commonly known as “friendly fraud”. In essence, a customer receives an item, disputes it, demands a full refund, and yet they are able to keep the item. The retailer, in turn, is charged a fee, lost the item, and remains without a payment processing provider. The practice of “friendly fraud” has been recognized as one of the top threats of e-commerce, as the losses are estimated to round up at $11.8 billion per year, and is especially damaging to small businesses. Unfortunately, problems with credit card fraud are not expected to diminish and it is projected that another 14 million people will have their credit card details stolen by 2018.
Identity Theft Statistics
Hundreds of millions of people around the world have an online identity that has personal and potentially sensitive information that serves as a well of opportunities for cyber-criminals and hackers, who may take advantage of shared data for their activities. This may range from issues such as reporting false names and information to authorities, to impersonating and invading bank accounts. Around 15 million people in the U.S. alone have their identity stolen and wrongfully used each year. This accounts for around 50 billion dollars in financial losses.
In addition to the victims, an estimated number of 100 million more Americans risk identity theft due to government or corporate database leaks. A majority of them go unreported because they have been successfully avoided. However, the problem remains, and companies are constantly faced with issues surrounding identity theft.
In 2013, identity theft was the most common consumer complaint reported to the U.S. Federal Trade Commission’s (FTC) Consumer Sentinel Network (CSN), amounting to 14% of the total and rounding up to 2 million complaints. In 2014, fewer issues were reported, but it remained in the number one spot, with 13% of the total.
Identity theft, especially in the digital age, can strike anyone. Due to the ease of access to the internet and other sources that can be manipulated or corrupted by cyber-criminals, it has become one of the biggest vulnerabilities of the average consumer. And it may hit people of all ages, especially young children as they don’t apply for credit cards and aren’t old enough to monitor their own information.
People of 19 years old and under account for 6% of victims;
20-29 account for 18%;
30-39 account for 18%;
40-49 account for 19%;
50-59 account for 19%;
60-69 account for 13%;
70 and over account for 7%;
Around 86% of the victims in 2014 experienced a fraudulent use of their account information through identity theft. This includes credit card fraud and bank account information that the perpetrators used to gain access to their financial resources. Millions of people are yearly affected by the issue, and an average of 19 people per minute become victims of identity theft. It frequently happens without them knowing until it may be too late.
An average of 22% of students realized that their identity had been stolen only after they are refused service by their bank. That’s three times more than any other age group who is affected by the problem. Due to student loans and other financial matters that they frequently attend to during their college years, it has placed them at high risk of sudden theft. On average, it requires around $500 and 30 hours to resolve these problems, so the solution is not instant.
An excellent payment gateway or security measures have become paramount to avoid identity theft.
Especially since 32% of all victims have had their identity stolen by a family member, while 18% by an in-home employee, neighbour, or friend. Making use of professional software or services remains the safest prevention method.
Stopping identity theft before it happens is key. Most financial institutions, including banks, hold the victim accountable for the breach, at least for the first $50 of fraudulent charges. Thus, preventing the problem before it even begins is the best course of action.
Data Breaches & Cyber Crime
Worldwide, data breaches have remained a growing problem, with a 46% increase in 2014, which totals to 1 billion data records compromised. Personal and identifiable information of consumers was compromised and leaked into the hands of potential cyber-criminals after using the services of several companies. Security measures have been overrun, and it has resulted in significant losses. Among them, a whopping 72% were in the U.S., 8% in the U.K., 4% in Canada, 2% in Australia, 1% in Israel, and 1% in China.
Of the total, 12% were in the financial sector which means that it has resulted in vast amounts of losses in consumers’ accounts.
Attempts at stealing intellectual property or classified information is an issue that every single company in the world faces, and not even major brands have a full grasp on their security. In recent years, some of the bigger names in the industry have seen shattering numbers of data breaches in their system and millions of records accessed.
Recommended Visual Resource: World’s Biggest Data Breaches
E-Bay: 145 million; Home Depot: 109 million; JP Morgan Chase: 83 million; Target: 40 million credit card numbers (and an additional 70 million addresses accessed); Michael’s Stores: 3 million; Staples: 16 million; Domino’s Pizza: 650,000; Neiman Marcus: 350,000; Sony Pictures Entertainment: 47,000.
Continuous problems have underlined the importance of relying on third-party software or services for secure online payments and transactions. Several gateways and payment processors exist to offer consumers an additional safety net when conducting their business and payments online.
Understanding How Fraudsters Attack
Cyber-criminals, otherwise known as fraudsters or black-hat hackers, have invaded the virtual domain since the moment of its inception. The online world is highly accessible and rich in opportunities, but it’s also equally filled with risks. More and more people are now opting for the quicker options of paying their bills, online shopping, making reservations that require their credit card or personal information.
It has opened the door for numerous breaches with the malicious intent of acquiring and abusing sensitive information or bank accounts. In 2014, 54% of scam attempts were made by phone, 23% by email, and only 4% by regular mail. Fraudsters have adapted to new technologies and have already taken the step forward by invading the virtual space.
In fact, the newest payment option, mobile transactions, accounted for 12% of the total online payments made in 2017. Out of those, a worrying 21% were fraudulent, and 53% were related to e-commerce. Due to the lack of maturity of the process, mobile payments lack proper security measures making them an easy target.
Fraudsters offer no discrimination to the type of transaction or process they corrupt. Their likeliest hours of activity are between 2 A.M. and 6 A.M. while potential victims are sleeping. The holidays, in particular, are a dangerous time of the year. Fraud rates spike 200% during Christmas and Christmas Eve, so it’s a particularly dangerous period for online shoppers.
There are numerous types of frauds and scams that cyber-criminals actively pursue, even though their attack tools and methods may vary.
Phishing scams are one of the most popular scams on the internet, despite being easily defeated by awareness and attention. Phishing scams are based on social networks or emails, where cybercriminals commonly send a message pretending to be an authority, such as a representative of your bank, workplace, or a service you might be using. They then request personal information or credentials that they can then use to compromise the security of your account.
2. Bank Loan
These scams revolve around scenarios that are easily deemed “too good to be true”. A bank or a representative of a financial authority assures the consumer that they have been pre-approved for a major loan. It may seem an easy problem to avoid by understanding that no bank can guarantee such a loan without a request or even knowing your needs or financial situation. However, tremendous amounts of people have lost money by offering their credentials and paying the “mandatory processing fees” requested.
3. Money Laundering/The Nigerian Scam
One of the most notorious scams around, the Nigerian scam is also one of the oldest and has seen numerous variations. It involves receiving a message from someone claiming to be a businessman, government authority, or even a relative requesting aid in retrieving a large sum of money from the bank. It’s accompanied by small fees the victim is required to pay for the transaction and transfer, but they are promised a greater sum of money in return. Eventually, one fee turns into another and another, all unknowingly delivered to the fraudsters. In the end, the victim is left with a strained budget and no return of the promised sum.
Lottery scams are also among the more dated scams that are fortunately becoming less frequent. Targets receive an email that is supposedly sent by a company or lottery that requires the victim to pay some fees in order to gain access to their big prize win. Unfortunately, they would be left only with payments, and no actual benefit of the false jackpot.
5. Greeting Card
The greeting card scam involves receiving such a card through email from a friend. However, once the victim opens the message and clicks on the picture, their computer will start downloading malicious software and installing it in their operating system. In the best-case scenario, the software will arrive with numerous pop-up ads in your browser. In the worst case, your system will become infected and forward personal data and financial information to the fraudster, which they may use for gain or sell.
The hitman scam may, unfortunately, be on the rise due to the ever-increasing popularity of social media. The victim receives an email or message from the fraudster who makes threats in order to obtain money.
This may be under the pretence that they have been paid to murder or kidnap them or a member of their family. The message will include details of the victim’s life that have been gathered from their social media accounts in an attempt to make it seem real.
Cybercriminals have corrupted dating sites as well as social media networks. The romance scam is a long-term scheme that involves speaking with the victim for several months and establishing a romantic connection online. Usually, this person will be from a different country. They gain the trust of the victim until the point where a meeting is proposed.
From that moment on, the fraudster might fake a sudden incident that has prevented their presence and claim that they require large amounts of money to deal with passport issues. Or, in certain circumstances and if the victim belongs to a wealthy family, it resorts to kidnapping and requesting ransoms.
Cyber Crime Detection and Prevention
With the functionality of the online world continually expanding with people being able to do more and more online, it has become vital to find secure services and payment methods to successfully protect consumers.
The EMV has been deemed as one of the most promising solutions and has featured excellent success in certain parts of the world. In other countries, such as the U.S., its implementation has been slow, and millions remain at risk.
Other regulations have been introduced to ensure online payment security. The PCI DSS (Payment Card Industry Data Security Standards) is one such regulation, enforced by credit card networks like Visa or Mastercard. PCI compliance is required by credit card companies to make online transactions secure and protect consumer’s payment information.
Many online banking and payment services now have added security requirements in the form of verification systems, such as two-factor authentication, which means you will have to provide information from at least two of the three categories below.
In 2015, nearly 65% of Americans believed that using biometrics facial, voice, or fingerprint recognition) would prevent fraud such as stolen credit card information or identity theft. One in four people declared that they were even willing to share DNA information with their bank in order to stop such problems. However, the issue could be fixed by using a secure gateway that prevents customers from stepping into the pitfalls of online transactions.
Security measures are of the utmost importance when navigating through virtual space and dealing with digital bank accounts that could be easily compromised. This includes using secure payment methods during checkout when online shopping, staying up to date on the latest technology that ensures safe transactions, updated antivirus and antimalware software installed on devices and using secure payment services to oversee financial transfers.
Cyber-criminals and fraudsters alike will continue developing and improving their practices, and it may be too fast for the average consumer. However, by either employing a professional payment system to take care of their online transactions or making sure they take all the necessary precautions themselves, problems can be avoided.
It only needs to be stressed that fraud has remained prevalent in every sector that implies any sort of fee or financial implication. In fact, it has stretched into the digital world full force, and cyber-criminals have gained access as well to the virtual space that connects the entire world.
It's particularly important to protect yourself from fraudulent transactions if you're a high risk merchant.
Only with scrutinizing attention, care, and trust in proper services, consumers can avoid becoming one of the millions of victims that have fallen prey to scams, frauds, or theft.
– http ://smallbusiness.chron.com/types-internet-fraud-work-61078.html
– http://www.safesmartliving.com/identity-theft-statistics/ – stats
– https://www.ncjrs.gov/spotlight/identity_theft/facts.html – more stats
– http://www.identitytheft.info/victims.aspx – even more stats