Study: Online fraud continues to vex retailers

Retailers that have a digital presence continue to worry about how they will handle the increasing pace of e-commerce fraud.

Nearly half of all retailers (including two-thirds of the largest segment) worry about their systems’ abilities to handle increased e-commerce fraud as a result of data breaches, according to “Fighting Fraud in the E-Commerce Channel: A Merchant Study,” a report from the Federal Reserve Bank of Minneapolis.

According to data, e-commerce fraud is expected to increase over the next six to 12 months, and these incidents will largely stem from data breaches. More than three-quarters of retailers expect e-commerce fraud attacks to climb in next six to 12 months.

The top three drivers of e-commerce fraud attacks are data breaches; e-commerce growth, and targeted attacks. However, retailers of all sizes named card-not-present (CNP) as their most feared fraud threat. This was followed by in-person card fraud at the point-of-sale.

Currently, no single fraud tool was used by more than 76% of respondents, which suggests high fragmentation. A multi-layered approach is the norm among retailers’ fraud fighting arsenal, as nine out of 10 retailers employ two or more tools to fight fraud in the e-commerce channel. 

However, the most used fraud mitigation tools in the e-commerce channel are security codes and shipping address verification.

The top fraud mitigation tools that retailers plan to adopt in the next six to 12 months are encoding protocols designed to further secure online CNP transactions (including 3D Secure, Verified by Visa, and similar systems) (14%); purchase velocity checks (11%), and geolocation, a technique that identifies anomalous transactions (10%).

While usage of emerging fraud mitigation technologies is low, confidence is high among users of artificial intelligence systems, facial recognition and voice recognition. Further, large retailers (companies with sales exceeding $1.5 billion) who use behavioral biometrics rate it high in effectiveness.

Over half of retailers surveyed rely on processing systems from third parties to fight e-commerce fraud. Yet, only about one-third of retailers participate in an information sharing partnership to identify current fraud attacks and exchange threat information.

Overall, partnerships with payment card networks and third party processors have the greatest participation, and over half of the largest retailers participate in one or more information sharing partnerships. The Financial Services Information Sharing and Analysis Center (FS-ISAC) is top-rated in effectiveness, although several partnerships received high marks.