(New York, NY): On the eve of the EMV liability shift in October 2015, the US payments industry still had a long road ahead of it. Banks had hundreds of millions of cards left to reissue, merchants were undertaking a systems upgrade process fraught with technical issues, and less than 10% of real-world transactions took advantage of EMV’s enhanced protections.
Today, about 90% of credit cards are chip-enabled, most major retailers have updated their payment systems, and an increasing share of transactions – about half, according to Auriemma Roundtables data – benefit from chip card security features. Unfortunately, as EMV has become more widespread, it’s also given rise to new pitfalls and fraud types. In fact, total fraud claims have increased 23% among major issuers since early 2015, mostly due to growth in online transaction fraud.
Here are six key trends to watch in the post-EMV era:
EMV is doing its job. It’s clear that chip technology is having the desired effect: reducing fraud at the physical point of sale. Counterfeit fraud claims have declined for five consecutive quarters and are down 34% from their peak in early 2016. Counterfeit card use will only continue to decline as the EMV acceptance market grows.
Synthetic identity fraud and other forms of application fraud have emerged as leading risks. EMV adoption helped trigger a shift from fake plastic cards to fake identities, which fraudsters are using to open real accounts. Synthetic identity fraud was responsible for up to 20% of credit losses in 2016, according to Auriemma data, and shows no signs of slowing down. The proliferation of identity data available for purchase on the dark web – a problem made worse by the recent Equifax breach, which compromised the personal credit bureau data of 145.5 million Americans – will lead to an onslaught of application fraud in the years to come.
Fallbacks are making a comeback. A “fallback” occurs when a chip card or reader malfunctions and the transaction uses the card’s conventional magnetic stripe instead. Not surprisingly, fraudsters have devised ways to force fallback transactions and sidestep EMV’s protections. While chip fallback volume is low, accounting for less than 2% of transactions, fraud associated with fallback is on the rise. In fact, fallback fraud made up 24.4% of total counterfeit fraud and 43.3% of lost-and-stolen fraud in Q2.
Lost-and-stolen fraud represents a missed opportunity. The US market overwhelmingly declined to adopt chip-and-PIN verification, opting to stick with more familiar signature authentication (MasterCard recently announced that even that authentication method will soon be optional to merchants). This decision helped avoid customer confusion, but also left the door open to lost-and-stolen fraud – the third largest fraud type behind online and counterfeit. Lost-and-stolen claims have increased more than 25% since the liability shift, offsetting some of EMV’s fraud savings. On average, major card issuers receive more than $50 million in lost-and-stolen claims annually.
Chip cards become a trending topic – and not in a good way. The EMV user experience has been widely panned as slow and confusing. While the networks are rolling out upgrades to make transactions faster, EMV has triggered renewed calls for contactless technology and made mobile payments more appealing. In fact, more than half of cardholders believe mobile payments are faster than chip transactions, according to Auriemma’s consumer research. Card issuers are catching on: Capital One recently added contactless technology to some of its most popular cards.
One-time passcodes (OTP) and biometrics are the next frontier. With more secure physical transactions and continued growth in e- and m-commerce shopping, online and mobile transactions are now the largest source of fraud. Card issuers are enhancing security on these transactions using OTP, randomly-generated passwords sent to a registered mobile number or email address to validate transactions. In fact, more than two-thirds of card issuers have implemented OTP, and line and voice biometrics are widely viewed as the next frontier. Meanwhile, knowledge-based authentication is considered increasingly susceptible as personal information is readily available online.
About Auriemma Fraud Control Roundtables
Auriemma runs a series of information sharing and benchmarking groups for executives in fraud strategy and operations. Spanning credit card, debit card, and consumer banking, Auriemma’s fraud control roundtables combine executive meetings, industry-leading operational benchmarking, and peer group surveys to help participants identify vulnerabilities and optimize fraud management strategies.