• by Jack Loechner , Staff Writer @mp_research, December 20, 2018

Retailers Learn to fight back against clever criminals taking aim at people and profits, reports TransUnion LLC.

The cat-and-mouse game between online merchants and fraudsters commenced the instant the first buy buttons appeared in 1994. Then, as now, clever criminals are always finding increasingly sophisticated ways around retailers' latest defenses. But it was the rollout of the EMV chip cards in 2015 that helped push online fraud to unprecedented levels. 

Chip cards make fraud more difficult at the point of sale, and strong indications say they’re working. Merchants who completed the change from magnetic stripe to chip card transactions already reported a 66% drop in counterfeit card purchases between June 2015 and June 2017, reports USA Today. 

But history proves fraudsters don’t give up, says the report. They simply develop a new plan of attack. Card-not-present fraud is now 81% more likely than illicit actions at brick-and-mortar stores, according to Javelin Strategy & Research’s 2018 Identity Fraud Study.

Today, hard-to-detect schemes are emerging as the biggest risks for e-commerce sites such as synthetic fraud and mobile commerce (m-commerce) fraud.

Synthetic Fraud: When customers aren’t real.

EMV adoption also spurred a swing from using counterfeit cards, to counterfeit identities, to commit fraud. Unlike account takeovers, which threaten real customers, synthetic fraudsters deceive online merchants by using fictional identities to open real accounts. 

And while the threat to actual consumers may be indirect, it can have costly results for e-commerce sites. These malicious activities can run unchecked because there are no consumer victims to catch suspicious statements, and alert credit card companies that fraud has occurred. In fact, many synthetic fraudsters mimic real customers so well that merchants view their delinquent accounts as nonpayment issues, believing they simply can’t find the person to follow up.

Even when synthetic fraudsters combine real elements like Social Security numbers with fake information to create a new identity, it often takes years for the victims to realize what happened. These clever criminals often target Social Security numbers from children or the elderly because they’re least likely to be actively used. TransUnion research estimates that synthetic fraud now comprises 85% of first-party fraud, and shows no sign of slowing down.

M-Commerce: New technology creates new opportunity for fraudsters 

As new payment options, like mobile wallets, gain traction, mobile commerce is expected to boom by nearly 260% to $284 billion in just two years.  But nothing invites fraud faster, says the report, than new technology and the security learning curve it presents. Unfortunately, fraudsters’ attacks are evolving more quickly than the controls put in place to protect mobile payment applications. The wide variety of mobile devices and operating systems can make mobile channels difficult to secure. Our screens are getting smaller and our mobile devices are getting smarter while the e-commerce industry is getting bigger, says the report. M-commerce companies reported an average of 880 fraud attempts each month in 2016, 66% of which were successful.