Widespread EMV chip card adoption is expected to drive down card-present fraud in the U.S. This was the experience in Canada and the UK, which have already noted dramatic reductions in counterfeit card fraud after implementing EMV on a large scale. The UK alone saw a 70 percent decrease in counterfeit fraud between 2005 and 2013. Although these results are promising for the U.S., fraudsters will continue to be active, albeit in a different forum.
According to recent research, card-not-present (CNP) fraud is expected to nearly double in the U.S. by 2018. The online and telephone channels constituting CNP transactions now serve as paths of least resistance for fraudsters.
As fraudsters shift their attention to e-commerce and telephone channels, it is important for credit unions to be proactive in strengthening their CNP channels. The following are five methods credit union card issuers can implement to help mitigate CNP fraud:
- 3D Secure: This online fraud prevention tool allows consumers to create and assign a password to their cards. Consumers then authenticate transactions with this password at the point of purchase on any websites supporting 3D Secure.
- Dynamic CVV2: Major brands such as Visa and MasterCard have built Dynamic CVV2 codes into their contactless cards. This security measure attaches a unique algorithm to consumers’ cards, which generates a new security code after each transaction. Stolen data from these cards is useless to fraudsters who will not be able to access the ever-shifting security codes.
- Behavioral Analytics: Utilizing predictive technology can help credit unions determine if a cardholder’s behavior is expected and legitimate or suspicious. It compares a cardholder’s online activities with patterns of legitimate user behavior and determines any anomalies that may indicate potential fraud.
- Cardholder Controls: By implementing these controls, credit unions give cardholders power and control over their transactions. Cardholders can set up parameters for transactions, such as spending limits and merchant locations. They will then receive real-time alerts via text or email allowing them to verify typical transactions.
- Tokenization: Apple Pay, Samsung Pay and Android Pay already use this technology to replace a card’s primary account number (PAN) with a unique digital account number, or token. The token is securely stored on the mobile devices or cloud and used to make purchases. A fraudster cannot use a token alone for transactions, making the token useless to them.
Although increased adoption of EMV chip cards in the U.S. has caused a dip in card-present-fraud, CNP fraud is on the rise. Credit unions can take proactive measures to mitigate this type of fraudulent activity. By implementing tactics such as 3D Secure, Dynamic CVV2, behavioral analytics, cardholder controls and tokenization, credit unions may be able to keep fraudsters at bay.