julio 12, 2016 5:42 am
The popularity of banking and m-commerce on smartphones, merchant adoption of mPOS devices, the growth of in-app payments, and the emergence of mobile wallets and NFC-based point-of- sale payment services such as Apple Pay mean ensuring the security of mobile transactions and the privacy of customers’ data is critical.
And while mobile channel offers great opportunities it also carries risks. Where there’s opportunity to grow sales in the mobile channel, fraudsters see opportunity, too. Mobile devices nowadays make up a disproportionate share of the $6 billion fraud that costs merchants and card issuers in the U.S. each year. Although mobile payments account for 14 percent of transactions among merchants who accept them, they make up 21 percent of fraud cases, according to a survey of about 1,100 companies published on Jan. 26 by LexisNexis Risk Solutions
With mobile wallets, thousands of dollars’ worth of merchandise could be stolen at the blink of an eye. A fraudster could steal a credit card, enter the card into a mobile wallet compatible device, then use the phone to purchase merchandise without the need for identification. As with all fraudulent transactions, the consumer has recourse should a fraudulent purchase be made through mobile wallets. The consumer is able to file a chargeback, however chargebacks are a double edged sword and have the potential to hurt the consumer in the long run despite the perception of being a quick and effective solution.
According to news reports, Apple Pay is also suffering the fraud of accounts using stolen card credentials, Experian Global Consulting, estimating Apple Pay’s fraud rate at 6 percent, compared with a traditional credit card fraud rate of 10 cents for every $100 spent. Bloomberg reported that some U.S. banks have begun to make changes in how they activate customers’ card accounts to use Apple Pay, as some banks require users to call them to activate Apple Pay, to ensure their identities haven’t been stolen.
Kount, an innovator and provider of solutions for fraud and risk management. recommends 10 ways for merchants:
Knowing if a mobile device is being used for transaction: Mobile app or mobile browser.
Identifying what type of mobile device is being used: Different mobile devices have different fraud and purchase profiles.
Pinpointing the “real” location of the mobile device
Determining if the device is a prepaid device: In general, prepaid devices are used by fraudsters at a higher rate than other mobile devices.
Knowing if the phone number being used is a forwarded number: In account takeover schemes, fraudsters will forward a customer’s phone calls to their (fraudster’s) phone.
Associating other transactions with the device, this is, if the mobile device involved in a transaction has been associated with prior fraudulent behavior.
Determining if it is a card-present or a card-not-present transaction: Mobile POS systems can give fraudsters opportunities to grab credit/debit card information.
Double checking if the financial information being used has been compromised:
Evaluating if your organization has expertise, resources, time, and money to develop its own fraud solution.
Conducting “fraud audits” that include evaluation of mobile fraud prevention every 12-18 months.