• Home
  • About Us
  • Contact Us
  • Privacy Policy
  • Special Offers
Business Intelligence Info
  • Business Intelligence
    • BI News and Info
    • Big Data
    • Mobile and Cloud
    • Self-Service BI
  • CRM
    • CRM News and Info
    • InfusionSoft
    • Microsoft Dynamics CRM
    • NetSuite
    • OnContact
    • Salesforce
    • Workbooks
  • Data Mining
    • Pentaho
    • Sisense
    • Tableau
    • TIBCO Spotfire
  • Data Warehousing
    • DWH News and Info
    • IBM DB2
    • Microsoft SQL Server
    • Oracle
    • Teradata
  • Predictive Analytics
    • FICO
    • KNIME
    • Mathematica
    • Matlab
    • Minitab
    • RapidMiner
    • Revolution
    • SAP
    • SAS/SPSS
  • Humor

Do Contactless Payments Pose a Greater Fraud Risk?

June 10, 2017   FICO
Contactless Fraud 1 Do Contactless Payments Pose a Greater Fraud Risk?

As new countries such as those in the Nordics embrace contactless payments, people are asking about the impact on fraud. We discussed this last month at the DT Fraud Conference 2017, where Peter Bayley from Visa and I debated some of the issues arising.

The good news is that contactless doesn’t appear to increase fraud. But it could.

The first thing to note here is that the type of fraud consumers worry about is hugely unlikely. This is “proximity intercept,” where a card’s signal is grabbed by a fraudster’s device. The fear of this is played on by the manufacturers of physical RFID wallets, and sometimes even by the media. It sounds plausible but has not proven to be a big problem.

The more likely potential threat of contactless is actually more complicated, and involves “disowned” transactions where the consumer fails to recall a transaction; in extreme circumstances this can lead to the kind of fraud most of us don’t want to think about – first-party fraud.

Where the Consumer is the Criminal

First-party fraud is one of the most prevalent, growing and insidious forms of fraud in a mature EMV (chip issuance) market. This is essentially where the individual who undertakes the fraud has either performed or facilitated the fraud in their own or a completely synthetic (fictitious) identity. In short, there is no consumer victim. Estimates suggest that first-party fraud — which is often hidden in a bank’s credit and collections losses because of the difficulty in identifying it — dwarfs third-party fraud, including CNP, lost and stolen and counterfeit put together.

Identity and payment security defences are usually vested in a multi-factor requirement – in a card context this would typically mean a card authentication method or CAM (something you have) such as a satisfactory chip read,  and a cardholder verification method or CVM (something you know) which would typically mean a PIN (unless you are from the US!). In a contactless payment context – which consists almost exclusively of low-value transactions – there is of course only a CAM not a CVM. So this has a lower level of security commensurate with the lower risk values.

Obviously there are good, convenience reasons for the prevalence of contactless, especially where speed of transaction is all important. Contactless payment is used at the ticket barriers on the London Underground, for example, where it would be impractical to require a CVM.

Add first-party fraud to contactless payments and you get some interesting market dynamics.

Challenging Contactless Transactions

Because contactless typically involves a customer not receiving a receipt, there is a higher chance of a consumer not recognising transactions. This is exacerbated by consumers believing that there are technology challenges with contactless; for example the problems with “card clash” or failed payment because two or more contactless cards are in close proximity, which is referenced every day in Underground announcements.

The combination of perceived risk of misallocated payment from contactless cards and the absence of receipt could give rise to genuine consumers querying transaction legitimacy. This could be preyed upon by first-party fraudsters who perceive a lower level of security as a means of facilitating a successful dispute.

Consider the person who has a few too many drinks at the local tavern and finds the next morning that they have a series of contactless transactions against their account. Without receipts and with a hazy recollection of events a customer may say “It wasn’t me.” If these kinds of challenges are successful, criminals could see a way of using that to their advantage.

Of course, there are other elements of the security landscape that help ensure contactless is not an open exposure. These include limits on the number of contactless transactions that can be fulfilled before a CVM is needed, plus a strong EMV chip audit trail which would mean that sequential transactions could only arise if a customer lost their card or had somehow facilitated the card being accessed and used.

Contactless may not be driving levels of chargeback, and reported fraud on contactless cards is extremely low even in maturing markets. But as the channel proliferates, it is an area that fraud management professionals should keep an eye on, especially if ill-informed first-party fraudsters see the chance to capitalise.

Let’s block ads! (Why?)

FICO

Contactless, fraud, Greater, payments, pose, Risk
  • Recent Posts

    • Database version control: Getting started with Flyway
    • Support CRM with New Dynamics 365 Field Service Mobile App
    • 6 Strategies for Achieving Your Business Goals in the New Year
    • Researchers propose using the game Overcooked to benchmark collaborative AI systems
    • Oracle Launches Version 21c
  • Categories

  • Archives

    • January 2021
    • December 2020
    • November 2020
    • October 2020
    • September 2020
    • August 2020
    • July 2020
    • June 2020
    • May 2020
    • April 2020
    • March 2020
    • February 2020
    • January 2020
    • December 2019
    • November 2019
    • October 2019
    • September 2019
    • August 2019
    • July 2019
    • June 2019
    • May 2019
    • April 2019
    • March 2019
    • February 2019
    • January 2019
    • December 2018
    • November 2018
    • October 2018
    • September 2018
    • August 2018
    • July 2018
    • June 2018
    • May 2018
    • April 2018
    • March 2018
    • February 2018
    • January 2018
    • December 2017
    • November 2017
    • October 2017
    • September 2017
    • August 2017
    • July 2017
    • June 2017
    • May 2017
    • April 2017
    • March 2017
    • February 2017
    • January 2017
    • December 2016
    • November 2016
    • October 2016
    • September 2016
    • August 2016
    • July 2016
    • June 2016
    • May 2016
    • April 2016
    • March 2016
    • February 2016
    • January 2016
    • December 2015
    • November 2015
    • October 2015
    • September 2015
    • August 2015
    • July 2015
    • June 2015
    • May 2015
    • April 2015
    • March 2015
    • February 2015
    • January 2015
    • December 2014
    • November 2014
© 2021 Business Intelligence Info
Power BI Training | G Com Solutions Limited