Card-not-present (CNP) fraud is a large problem for businesses all around the world, happening when a payment is made without the physical card being presented to the merchant. Neither the cardboard nor the cardholder is in front of the vendor on the time of purchase making it a comparatively secure way for fraudsters to try their luck.
In many circumstances, it’s simply impossible for a retailer to shut the sale without using CNP mechanisms (particularly within the case of smaller businesses), and quite than potentially lose a sale, many retailers will proceed and simply take the danger.
Even if monies could be recouped, clawing back the funds from fraudulent transactions is time-consuming and costly. With a bare minimum of data, fraudsters can impersonate real buyers and use stolen or cloned cards to finish purchases. The real cardholder, the cardboard issuer, and the targeted business all develop into victims.
In the major, the liability (and subsequently the associated fee) for such fraud falls on merchants, who bear the associated fee of fraud-related chargebacks. Beyond the direct financial hit, fraud damages customer trust, puts pressure on fraud-prevention teams or business owners, and is a notable resource drain even before the associated fee of lost goods or services is factored in.
In the UK, total losses from card fraud [PDF] reached £556.3 million, with nearly all of that (81%) comprising of CNP fraud.
One company thinks it has the reply. Safecypher‘s Dynamic Security Code technology takes the static CVV three-digit security code on the back of all credit and debit cards, and replaces it with a dynamic code that’s visible just for a limited time in the shopper’s mobile banking app.
The platform effectively creates two-factor authentication at the purpose of payment for each transaction. Even if a card’s details are compromised (the cardboard stolen or cloned, for instance), a transaction can’t be accomplished without access to the cardholder’s device and their banking app.
The MFA uses the device’s and banking app’s security, which usually uses biometrics like facial recognition or fingerprint. Even for patrons with relatively unsophisticated cellphones – those protected only by PIN, for instance – it could possibly be enough to remove them from the list of fraudsters’ ‘easy targets.’
According to Safecypher, within the last 18 months, the Irish Post Office has not had a single CNP fraudulent transaction undergo since deploying the platform as a part of its banking app, An Post Money. Over 600,000 transactions have been covered by the cardboard+MFA solution in that point.
The organisation says it’s seen nearly a 3rd of its customers opt-in to make use of the technology, and customers are likely to use their cards more often, rising from twice to over thrice monthly, on average.
“Fraudsters don’t care whose lives they destroy, and they’re getting ever faster, smarter, and more automated. It is estimated that they have already got access to 80% of bank card details that are on the market on the Dark Web,” said Mark Phillips, CEO of Safecypher.
Deployment of the technology is operationally trivial for card issuers akin to banks and financial businesses, achieved via an API to Safecypher.
(Image source: “An online fraudster commits online fraud or identity theft wearing black gloves” by Patrick Cannon Tax Barrister is licensed under CC BY 2.0.)
Find out more in regards to the Digital Marketing World Forum series and register here.
Read the complete article here
