New research reveals digital channels are opening up unanticipated points of weakness for banks. The EMV effect EMV, also known as the “chip card,” looks to prevent point-of-sale and physical card threats.
When the UK and European countries introduced EMV more than 10 years ago, there was a different digital landscape. Immediate access to credit. Mobile remote deposits. Rapidly clearing payments. So many added conveniences from banks and financial service providers make it easy for customers to access money quickly. Unfortunately, they do the same for fraudsters.
A report from analytics leader SAS and Javelin Strategy & Research, 2016 Digital Channel Threat Report: Derisking Convenience, reveals that digital channels are opening up unanticipated points of weakness for banks.
While EMV is still deterring criminals with its launch in the US from the standpoint of physical card fraud, the increase in digital channels is allowing other non-card schemes to arise. Now, seemingly endless digital options – wildly popular with consumers – open up alternate routes for fraudsters.
Look at the increased proportion of checking accounts opened digitally – up from 49 percent in 2014 to 70 percent in 2015. The simultaneous surge in new-account fraud – more than double the number of victims experienced new credit card account fraud in 2015 compared to 2014 – is no coincidence.
Mobile wallets will only continue to increase in popularity in the coming years. By 2019, mobile wallet users are projected to reach nearly 90 million. The trend creates attractive opportunities for banks to gain and retain customers by offering bank-branded mobile wallets and services. Those that fall behind risk losing customers to competitors perceived as more tech-savvy.
But the appeal is equally powerful for fraudsters. For example, the rapidly expanding capability to use a mobile device for transactions makes a stolen smartphone worth more on the black market. Then there’s “wallet takeover” or “device takeover” – when an unauthorized party logs into a financial account in a mobile wallet or installs an existing wallet on their own device.
Because the fraudster is now in control of communication channels for the account, regaining control of that account is particularly challenging.
The survey points to a heightened awareness among consumers of personal responsibility for the security of their banking data. About 46% say they personally bear the most responsibility for preventing fraud. Just 17% put the brunt of responsibility on financial institutions.
Yet despite owning responsibility, many customers fail to protect themselves in the simplest of ways. For example, less than a third of smartphone owners surveyed use mobile anti-virus or anti-malware software on their phones. Only a quarter change their mobile passwords periodically.
SAS identifies three proven ways financial institutions can balance customer desires against fraud protection:
Solutions – Focus on security investments that carry the most reward, like device recognition, geolocation and biometrics. These are substantially tougher for fraudsters to intercept or falsify than SMS one-time passwords.
Analytics – Insights into behaviors, transactions and customer interactions are central to curtailing digital fraud channels and decreasing false positives.
Personnel – No security system can excel without properly trained personnel to operate it. Security staff need to stay up-to-date on innovative technology, ahead of new fraud schemes and mindful of customer needs.
For a complete archive of more than 70,000 articles published since 1995 search the CardFlash.com library.