Don’t Ignore Card-Not-Present Payment Fraud

In all the brouhaha about the Target and Neiman Marcus data breaches, the Card-Not-Present (CNP) part of the equation simply hasn’t been discussed at sufficient length. In general, this makes sense, considering the fact that apparently the card information targeted in the Target data breach (and perhaps the other retailers’ breaches) was that which was available on the physical POS terminals. Moreover, since the bulk of card use in the United States is physical POS-based (think physical shopping, gas stations, restaurants, etc.), this is not a surprise.

Yet, it is important not to entirely ignore the CNP fraud aspect of things, both because CNP is a fraud problem that continues to grow and because CNP fraud is spiking in other regions/countries that have already made the EMV shift. This is significant, as CNP represents the soft underbelly of card fraud in such environments and will likely serve as a precursor for what will occur in the US. According to a January 2013 report from the European Forum for the Security of Retail Payments, CNP fraud “has become the most prevalent type of payment fraud.” In comparing France and Australia as precedents (he also describes Canada and The Netherlands), Douglas King from the Federal Reserve Bank of Atlanta writes “CNP fraud has experienced a significant increase since the introduction of EMV chip-and-PIN” and “total fraud has increased significantly due to the significant increase in CNP fraud.”

Moving to an EMV system (be it Chip & PIN or Chip & Signature) in the US won’t happen overnight and won’t make card-based fraud entirely disappear. In fact, because CNP fraud has tended to grow faster than physical card fraud (especially as EMV migrations ramp up), CNP fraud as a total percentage of overall fraud losses will continue to grow, especially if Europe is a leading indicator. This possibility, coupled with the fact that the broad adoption of the 3D-Secure protocol in the US has been somewhat limited, leads one to believe that a small problem could become a broad problem relatively soon.

Share this:
Twitter LinkedIn Facebook Email