On Oct. 1, 2015, the payment card industry introduced new liability rules designed to make EMV (Europay, MasterCard and Visa) credit cards the preferred standard for in-store retail shopping. The reason behind this decision was simple: chip-enabled EMV cards are very difficult to clone, making them incredibly effective at preventing credit card fraud within brick-and-mortar stores.
In fact, they are so effective that the industry now penalizes those whose continued use of legacy cards and terminals results in in-store fraud.
However, these EMV security features become irrelevant when shopping online, by mail-order or by phone. Card-not-present (CNP) transactions rely on the same information that traditional credit cards use, including:
- Account holder names
- Billing addresses
- Credit card numbers
- Expiration dates
- Card verification values (CVVs)
As EMV credit cards become more widespread throughout the brick-and-mortar world, how has this affected CNP fraud?
Card-Not-Present Fraud in an EMV World
Because in-store retail fraud has become much more difficult, thieves continue to explore less secure ways of abusing sensitive financial data. Note that CNP fraud hasn't become intrinsically easier. However, purchases made via Internet, phone and mail represent lower-hanging fruit when compared to in-store transactions.
In other words, card-not-present fraud has become relatively easier.
Even before the EMV deadline went into effect, CNP fraud represented nearly 50 percent of total credit card fraud in the U.S. Though shortly after the deadline passed, online credit card fraud started to skyrocket, with experts predicting a 100 percent increase in CNP fraud through 2018.
Focusing just on e-commerce transactions, the $10.7 billion in fraudulent losses witnessed in 2015 is expected to reach $25.6 billion by 2020. When you factor in mail orders and phone-based transactions, the numbers are higher still.
And this phenomenon isn't limited to the U.S.:
- From 2008 to 2013, Canada saw a 54 percent decrease in in-store EMV fraud, accompanied by a 133 percent spike in card-not-present fraud.
- The EU saw a 300 percent rise in CNP-related fraudulent activity.
Not all of these increases can be directly attributed to EMV adoption, however. Online shopping continues to rise, with e-commerce sales expected to be $178 billion higher in 2017 than they were just four years prior.
More online sales will invariably lead to more online fraud. Yet with the right tools, it’s possible to dramatically reduce card abuse within your e-commerce store.
How BluePay Can Help Reduce CNP Fraud Within Your Business
Preventing card-not-present fraud completely may not ever be possible. Online shopping grants thieves unprecedented anonymity, speed and convenience.
However, there are commonsense steps you can take to dramatically reduce your exposure.
At BluePay, we offer a suite of fraud-prevention tools designed to make your payment environment as uninviting as possible to would-be thieves. Remember that criminals go after less secure channels. Thus, the more safeguards you have in place, the less attractive you become as a target.
Some of our most popular security solutions include:
- Credit card tokenization, which instantly substitutes your customers' financial data with one-time tokens that only the payment processor can decode.
- Point-to-point encryption (P2PE), which encrypts payment data the moment the card is swiped, while in transit over the network, all the way through to authorization.
- Fraud management filters — these controls allow you to automatically set parameters for the volume, frequency, transaction amount and location of all credit card payments made within your business.
To learn more about our advanced suite of CNP fraud solutions, contact BluePay's payment security team today for a free consultation.