With card-not-present fraud a global concern, many countries have deployed various fraud prevention tools to help curb fraud in both online and mobile channels.
In this report, the U.S. Payments Forum has reviewed experiences from countries around the world to assist the US payments industry in mitigating card-not-present fraud.
Globally, card-not-present fraud includes telephone, Internet, and mail-order transactions where the cardholder does not physically present the card to the merchant. Most card-not-present fraud involves the use of card details that have been obtained through skimming, hacking, email phishing campaigns, telephone solicitations or other methods.
The card details are then used to facilitate fraudulent transactions. Although EMV deals effectively with counterfeit fraud, it does not address card-not-present fraud. With the migration to EMV for card-present transactions, fraudsters shift their focus to other channels, such as CNP transactions.
“While many attribute the rise in card-not-present fraud seen in other countries to the implementation of EMV chip technology, there are other factors, such as the rapid growth of online sales and the fact that fraud prevention tools have not been fully adopted and implemented by all stakeholders, that have contributed to the increase,” said Randy Vanderhoof, director of the U.S. Payments Forum.
“This white paper looks at the experiences and lessons learned from other countries that have a similar landscape to the US to provide a foundation for the US payments industry to build out layered, effective and systematic mitigation strategies to reduce card-not-present fraud.”
Publicly available information is scarce and data are reported differently in each country (depending on whether the focus is on issuers or merchants), so this paper is unable to cover all solutions to the problem of card-not-present fraud in all countries.
Rather, the paper offers insight into solutions implemented in those locations for which data are available. In addition, the paper presents an overview of fraud prevention tools and methods in each location along with relevant legislation and its impact.
The white paper suggests the following recommendations for payments stakeholders in their efforts to mitigate CNP fraud:
- Implement a systematic, layered approach to secure transaction data; no single security mechanism can protect against all possible fraud scenarios
- Address card-not-present fraud within an EMV migration strategy and consider phasing in these and other security practices as a high-priority business requirement
- Work together as an industry to secure sensitive data elements handled during transaction lifecycles
This white paper is specifically focused on card-not-present fraud in countries that have migrated or are in the process of migrating to EMV, including Europe/SEPA, the UK, France, Canada, Australia and the US, and discusses the following:
- Perspective on the current status of card-not-present fraud
- An overview of fraud prevention tools and authentication methods that have been implemented and are useful, such as 3D-Secure and device fingerprinting
- Relevant legislation and its impact on card-not-present fraud
The white paper, Card-Not-Present Fraud around the World can be downloaded HERE.
The post US Payments Forum provides guidance on card-not-present fraud appeared first on Payments Cards & Mobile.