Who Is Responsible for Credit Card Fraud Prevention? You Are.
For ecommerce merchants, payment service providers and card issuers who are serious about credit card fraud prevention, there is good news. GPayments has a 3D Secure 2 fraud prevention solution for all responsible parties and payment authentication domains.
Where credit card fraud occurs
You may be wondering what we mean by authentication “domain”? The 3Ds of 3D Secure refer to the issuer domain, the acquirer domain and the interoperability domain.
In a payment workflow, the acquiring bank or merchant payment gateway initiates a transaction that needs to be authenticated. Authentication is provided by the issuing domain or the card issuer or bank. This communication (request to verify, and verification response) between the merchant’s acquiring domain and the cardholder’s issuing domain, happens in the interoperability domain.
If a card is enrolled in 3D Secure, it will be verified in the interoperability domain. For example, Visa secure or American Express SafeKey are enrolled.
Online credit card fraud — particularly debit and credit card not present (CNP) fraud — undermines the authentication protocol with stolen credit card details.
So, should the burden not be on the debit or credit card holders’ shoulders? We know that customers need to be wary of credit card scams but they are not the only responsible party. All payment industry players should safeguard credit card information.
Credit card fraud prevention is in everyone’s interest
Preventing card fraud — including debit and credit — in the payment industry because it is a major cause of profit loss for ecommerce merchants and a source of frustration for consumers. The fear of identity theft — a major contributor to payment fraud — has increased considerably. A study from the Australian Bureau of Statistics found that 1 in 9 Australians experienced one or more types of fraud between 2020 and 2021.
While consumers are very cautious about protecting their credit card numbers and personal information from thieves who may wreak havoc on their credit score; nonetheless, the liability to rectify card fraud is up to card issuers and merchants, not online shoppers.
According to the 2021 Nilson Report, the financial loss from credit card and debit card fraud to merchants, acquiring banks and issuing banks amounted to $28.58 billion in 2020. Of all those impacted, card issuers absorbed 88% of the cost. Fraudsters can cost merchants lost products, higher transaction fees, and customers. Additionally, issuing banks lose time and money on handling chargebacks. Fraudsters that illegally use customer personal information violate a customer’s sense of safety and hit the bottom line of both the payment and financial services industries.
The use of debit cards and credit cards instead of cash for point of sale and online transactions is increasing. Europe’s top six credit and debit card issuers brought in over $1.2 trillion in purchase volume in 2020. The transaction rate is expected to increase 41.4% on cards such as Visa, Mastercard, American Express, Discover, UnionPay and JCB and number a further 642 billion by 2025. There is a great incentive to detect and prevent credit card fraud to protect customers, brand reputation and reduce the cost of debit and credit card fraud.
Card fraud is a growing problem
As ecommerce becomes the norm for procuring just about anything, ecommerce fraudsters find and exploit weaknesses anywhere such as sales channels and payment methods.
For example, thieves can skim card details like the card number, card verification value, expiration date and cardholder’s name off a magnetic stripe by tampering with a card reader. Card skimming is much harder to achieve because of smart chip or EMV chip technology. However, in-person credit card fraud prevention contributes to an increase in online credit card fraud because fraudsters are constantly changing sales channels.
Additionally, CNP fraud is difficult for merchant payment gateways and payment service providers to detect for two reasons. Firstly, there are a lot of different types of CNP fraud to keep up with, including friendly fraud (common) to synthetic identity fraud (uncommon and very sophisticated). Secondly, ecommerce CNP fraud does not rely on stolen credit card information. On the contrary, a cyber criminal can use your login and passcode or they could be related to the cardholder.
So, if a transaction appears to be fraudulent, what is a card issuer to do? They challenge the suspected fraud. If the issuing bank is wrong and a legitimate transaction is declined, what is a customer to do? They might use a different card or find another ecommerce site that delivers. Who loses? You could argue that all three are victims of credit card fraud. Who is the biggest loser? According to Visa, credit card fraud is expected to cost businesses USD $75 billion between 2019 and 2023 worldwide.
Thankfully, a 3D Secure 2 fraud prevention solution mitigates false declines, protects the customer, the issuing bank and the merchant from fraud.
What is ecommerce to do about credit card fraud?
Credit card fraud prevention is paramount to minimising credit and debit CNP fraud. Bank networks using the most accurate authentication solution, 3D Secure 2, have reduced fraud by 40%, cart abandonment by 66% and cut down payment processing time by 80%.
Since fraudsters have several ways to acquire credit card details — skimming, phishing and purchasing them on the dark web, 3D Secure 2 solutions use an enriched dataset to ensure strong customer authentication. Because 3D Secure 2 is mobile-enabled and not dependent on an internet browser, it has access to more conditional data that helps to identify and mitigate risky transaction activity like:
- Large purchases.
- Same-day shipping.
- Mismatched email, shipping and billing information.
- Card details that do not match those on file.
Also, 3D Secure 2 provides greater interoperability between online merchant and card issuer financial institutions. Challenges of suspected fraud to occur between card issuer and the cardholder. By removing the merchant in this step, if an unauthorised transaction is detected and a chargeback is in order, liability shifts from the merchant to the issuing bank. Best of all, enrollment in 3D Secure 2 for most global card schemes will be automatic by October 2022.
Big problems require bold solutions
Card issuers and online merchants are on the same side when it comes to credit card fraud prevention. As cyber criminals find new ways to steal credit card details, each party must use fraud prevention solutions and strategies to stop fraudsters in their tracks. GPayments 3D Secure 2 fraud prevention solutions for card issuers and merchants will give your customers peace of mind and reduce costly CNP fraud rates. Contact us to learn more about ActiveServer and ActiveAccess.