Payments innovators seem doomed to fight the same battle over and over. Even when they win the battle, they find themselves facing the same enemy, just in another place. Fraud is perhaps the most potent example today.
Take credit card fraud. It was common knowledge that Europay / Mastercard / Visa (EMV) would be a powerful weapon against fraud, but just one kind of fraud – cloned card fraud. And there was the history of what happened in other countries when EMV was implemented: other kinds of fraud spiked. Fraudsters didn’t decide to become respectable shopkeepers just because EMV closed off one of their favorite routes to ill-gotten gains.
And sure enough, today, in the wake of the U.S. fraud liability shift and widespread EMV implementation, cloned card fraud is down, but eCommerce fraud is higher than ever, according to Experian data, with a net increase in overall fraud. Pymnts.com reports, “According to the Federal Trade Commission, the percentage of consumers who reported that their stolen data was used for credit card fraud basically doubled year on year from 16 per cent in 2015 to more than 32 per cent in 2016.”
Worse, Experian expects eCommerce fraud to get worse before it gets better. Fraudsters are upping their game, consumers are still falling for scams to an astonishing degree, while companies trying to protect them face a dire shortage of good-guy cyber security experts.
TechRepublic reports, “The shortage of skilled cyber security professionals is only growing worse, with the projected talent gap reaching 1.8 million jobs by 2022.” Moreover, “A recent report from ISACA found 55% of organizations reported that open cyber positions take at least three months to fill, while 32% said they take six months or more. And, 27% of US companies said they are unable to fill cybersecurity positions at all.”
So once again, as payments innovators inspire fraud Whack-a-Mole, it’s a good time to ask, are you making security an integral part of any payment innovation? Does it always have to be an add-on, while fraudsters get rich by taking advantage of the lag time? eCommerce is an incredible success story – almost $100 billion a quarter and still growing steadily. But will fraudsters be the ones who profit most?
Not if organizations disavow piecemeal treatment of payments two imperatives: compliance and security. Brick-and-mortar operations may have been secured once your organization is EMV-compliant, but there’s the whole payment ecosystem of your business to consider. The security world is rife with vulnerabilities appearing in the gaps between otherwise faultless implementations. The solution: Treat compliance and security holistically – ensure that your trusted advisors create comprehensive solutions, even when the challenges appear to be one-off. The growing connectedness of all things payments-wise will only exacerbate today’s vulnerabilities.