Harnessing technology to contain a wave of online fraud
The COVID-19 pandemic has reshaped the modern economy to a degree that few would have anticipated. Government-mandated shutdowns have required millions of people to stay home, accelerating the shift to online shopping, entertainment and news media.
In addition to legitimate online activities, fraudsters and other unscrupulous cybercriminals have also had an unprecedented opportunity to target unprepared businesses and individuals.
To protect sensitive payment data exchanged between businesses and consumers online, the now mandatory 3D Secure authentication protocol and Strong Customer Authentication (SCA) requirements have been implemented.
A strong case for digital commerce
Research of Arkose Laboratories reveals 85% increase in online fraud year over year. This figure comes from the 2022 State of Account Fraud and Security Report, which analyzed more than 150 billion transaction requests in more than 254 countries and territories.
The world is spending more time, money and energy on the Internet than ever before. Likewise, there is very little reason to assume that this new wave of cybercrime will go away either, unless measures are put in place to slow it down.
The public is reluctant to abandon its new practices of digital payments and online data exchange. Internet sales, as a proportion of total retail sales, were climbs fairly steadily since 2006. Bank branches around the world are closing, as customers shift to mobile banking. Major global companies like Microsoft are touting the benefits of “hybrid” working, which combines remote working with a traditional, centralized workplace.
Advantages and disadvantages of easy payments
The ubiquity of internet coverage has been instrumental in making online payments ingrained in every aspect of our daily lives and providing consumers with an easy way to spend their money. It is by design. When Amazon was granted a patent for its revolutionary one-click ordering system, the company removed a barrier to purchase and gave itself a huge competitive advantage. This is a trend that has continued to the present day; the fewer steps buyers have to take on the way to a purchase, the more likely they are to complete that purchase.
Older methods of fraud prevention, such as static passwords, have struggled to keep pace with rapid technological change. Closing deals as quickly as possible presents a bottleneck: Personally identifiable information often needs to be stored where it can be easily retrieved – not only by legitimate actors, but also by fraudsters. And consumers are not willing to give up this convenience for security reasons. Thus, banks and financial institutions have been forced to develop ever more sophisticated ways to deter fraudsters while providing frictionless commerce. Since online fraud is not only a problem for consumers, but also for retailers and financial institutions, the need for security innovation has never been greater.
The solution is multiple
The solutions to this problem are many and multifaceted. Of all the possible ways to approach the problem, the technological route proves its appeal by being more direct and direct. Two-factor authentication, for example, allows users to identify themselves quickly using something they know (eg a password) and something they own (eg a smartphone). Add fingerprint scanners and facial recognition software, and you have an impressive (but not insurmountable) technological barrier to malicious third parties.
The next line of defense concerns regulatory provisions. In 2015, the European Union ratified the second version of the Payment Services Directive – PSD2. Being a directive rather than a regulation, this set of measures had to be implemented by the Member States. Despite Brexit, it is also coming to the UK, after the Financial Conduct Authority (FCA) set a deadline for its implementation of March 14, 2022.
The directive is based on the mandatory use of strong customer authentication (SCA) measures in order to bring each online transaction into compliance with the most relevant version of the 3D Secure protocol. Fortunately, the stricter security requirements come with a more flexible approach to making payments online. Thus, the second iteration of the protocol (3DS V.2) introduces an exemption mechanism for low-risk transactions to improve customer experience and payment approval rates.
The intention of this new set of rules is to improve protection for cardholders while enhancing competition between issuing banks and non-bank financial institutions. The inducement will follow a blueprint set out by the General Data Protection Regulation (GDPR) and its effects could be just as far-reaching.
About Santa Kirsbauma
Santa Kirsbauma is a board member responsible for product development at DECTA. With a background in providing e-commerce solutions for the banking industry, she is currently active in card acquiring, fraud investigation, wallet management, cards and payment systems. Santa Claus is a determined business development professional with a keen interest in innovative entrepreneurship.
This side is a global online payment processing company. We are a principal member of the Visa and Mastercard networks with expertise in providing integrated services for third-party payment processing, online acquiring, payment card issuance and secure payment authorization. Our 2000+ customers include e-merchants, banks, PSPs and enterprise customers in 32 countries.