This is an exciting time to be in the payments industry. The U.S. deadline for the EMV chip-and-PIN migration is officially less than one year away1, and Apple Pay recently became available to iPhone 6 and iPhone 6 Plus users.
It’s widely believed that once implemented, the EMV standard should drastically reduce card present fraud in the U.S. as it has in other countries2. Add to that Apple Pay’s combination of biometrics and tokenization and it would seem that consumers and retailers have nothing to worry about: card present fraud will be history by this time next year. Not so fast…
While EMV and Apple Pay may well reduce card present fraud, fraudsters never rest. Although EMV will offer more security for point-of-sale transactions, we can expect a rise in other types of fraud including card-not-present (CNP), application and account takeover fraud, as fraudsters look for new ways to beat the system2.
Our data suggests that there is also a general rise in mobile fraud. For example, one of our customers is seeing about 50 percent higher fraud rates coming from the mobile channel over other channels. While identity solutions and device fingerprinting are effective ways to protect against mobile fraud, the trend is undeniable.
As for Apple Pay, sophisticated hackers3 already cracked the iPhone 5’s biometric scanner and it’s probably only a matter of time before they discover a way around tokenization.
And what about Android phones? According to an August 2014 comScore report4, Android is the #1 smartphone platform with 52 percent platform market share. Will fraudsters simply shift their focus to more aggressively target Android devices?
There’s no denying that these new technologies will help make payments safer, but those of us in the industry must continue to remain diligent in order to stay one step ahead of fraudsters. Payment technologies hasn’t changed in decades, and we now have a front row seat for two of the most significant industry innovations in the past decade. It’s an exciting time to be in the payments industry… just don’t take your eye off the ball. We know the fraudsters won’t.
Aaron Kline is the director of eCommerce at ID Analytics, a leader in consumer risk management with patented analytics, proven expertise and real-time insight into consumer behavior.
1 Gara (2014, February 6). October 2015: The End of the Swipe-and –Sign Credit Card. Retrieved October 30, 2014, from http://blogs.wsj.com/corporate-intelligence/2014/02/06/october-2015-the-end-of-the-swipe-and-sign-credit-card/
2 UK Payments Administration Ltd., with Financial Fraud Action UK (2014 May). Fraud the Facts 2014. Retrieved October 30, 2014 from http://www.financialfraudaction.org.uk/
3 Frank. (2013, September 9). Chaos Computer Club breaks Apple TouchID. Retrieved October 24, 2014, from http://www.ccc.de/en/updates/2013/ccc-breaks-apple-touchid
4 comScore (2014, October 7) comScore Reports August 2014 U.S. Smartphone Subscriber Market Share. Retrieved October 24, 2014 from http://www.comscore.com/Insights/Market-Rankings/comScore-Reports-August-2014-US-Smartphone-Subscriber-Market-Share