Why card-not-present fraud is the most dangerous of card frauds

card not present fraud

In 2017, card-not-present fraud cost Australia’s retail industry almost half a billion dollars. Thanks to consumers’ overwhelming hunger for online shopping and next-day-delivery, incidences of stolen cards being used for fraudulent transactions has skyrocketed by 161 per cent since 2012. CNP now accounts for 88 per cent of all fraud on scheme cards. And, unfortunately, it is often the small businesses who are left to suffer the consequences.

So serious is the issue that the regulator Australian Payments Network (AusPayNet) is now conducting a consultation and plans to implement a new framework to protect customers. This framework may require merchants to adopt multi-factor authentication in online transactions, adding layers ranging from banking PINS, biometrics and location information.

But regulatory action should not be what forces retailers to act, given that they are the ones who bear the brunt of the costs. Especially when these costs are not necessarily just from the acts of fraud. In fact, the action of a card’s rejection – known as a false decline – is costing businesses more than 13 times as much as completed fraud: $118 billion per year versus $9 billion, according to Javelin Research. Some reports have suggested it can cost merchants as much as 5.5 per cent of their annual revenue. Merchants should not take these numbers lightly.

Reputation, reputation, reputation

Yet what organisations often forget is that the cost of CNP goes beyond just the initial losses. Given that trust is already at an all-time low, maintaining customer faith is critical.

In the age of social media, public knowledge of a cyber breach spreads like wildfire, causing significant harm to a brand’s reputation. Major brands like Toyota, Bunnings and Kathmandu have all been hit by breaches this year. When that happens, consumers’ assurance of their data’s security immediately diminishes, and if the brand does not act fast, they risk losing them for good.

There is also the added cost of incurring customer dismay when a transaction is declined. According to Javelin Research, a third of customers who are falsely declined do not return to that merchant. When it comes to online transactions, the very methods of preventing this kind of fraud has an impact. While multi-factor authentication is touted as the answer to merchants’ dilemmas, these often-manual efforts can be cumbersome and harmful to the user experience. When fraud screeners need to contact a customer for verification, every minute of that delay is more time for them to reconsider their purchase.

Building a better defence

Although it can seem like a damned if they do or don’t situation, there are remedies businesses can take without damaging their customer’s experience. Technology, of course, will play a major role in this. Advanced artificial intelligence and machine learning can help merchants screen every order and flag suspicious activity, and in doing so, prevent false declines. Investing in the right technology that can quickly and correctly approve transactions will give businesses a crucial advantage.

However, AI and machine learning are most effective when used alongside a team of well-trained staff who can manually review potential fraud. Armed with the right cybersecurity knowledge and expertise, these are the ones who can spot subtle fraud patterns as they develop. Reviewers who are equipped with a good AI fraud detection system are in the best position to identify merchants’ specific transaction trends and provide them with a personalised service and reassurance.

Ahead of AusPayNet’s impending framework, it is imperative that businesses stay up-to-date about emerging CNP threats while deploying and adapting technology to minimise potential risks. Because when the horse bolts, there is no stopping it.

Rafael Lourenco, Executive Vice President, ClearSale