Tis the season for holiday shopping, and card-not-present fraud. For the 2020 holiday shopping season, many consumers pivoted to e-commerce to accommodate social distancing and stay-at-home orders from the COVID-19 pandemic. As online shopping increased, so did fraud. In the latter part of 2020 alone, the FBI received thousands of reports of fraud, totaling over $53 million in losses attributed to fraud. This year, many consumers are still deferring to online purchasing, with supply chain concerns and predicted shortages fueling the surge of e-commerce for holiday shopping. It is likely that card-not-present fraud will spike this holiday shopping season too.
Card-not-present fraud cannot always be prevented, but with strong internal best practices and continuous member education your credit union can reduce fraud’s reach and impact this holiday season.
3 Best Practices to Fight Card-Not-Present Fraud
- Ensure security and authentication
Verify that your credit union has multiple, comprehensive layers of security and authentication for online transactions. Most importantly, ensure that your credit union is operating on Version 2.0 of 3D Secure, a vital layer of security for digital transactions. Version 2.0 enables secure, real-time information sharing for merchants to validate the cardholder’s information and identity, without causing any disruption to the member’s shopping experience. For added security, review daily dollar limits for digital transactions and offer to lower members’ daily card limits over the holiday season.
- Enhance transaction monitoring
It is imperative to monitor all areas of the business for fraud, including ACH, wires, checks, new accounts, card-present transactions, and especially card-not-present transactions. Especially during an influx of digital transaction activity, increase the frequency and scrutiny of ACH items, outgoing wires, and online transaction activity. Suspicious online transactions should be closely monitored as they can be indicators of card-not-present fraud.
Suspicious digital transactions could include:
- Out-of-the-country transactions
- Multiple transactions with the same vendor in a 24-hour period
- PIN change activity
- Larger than usual dollar amounts
If suspicious activity is occurring on your members’ account, contact them immediately and consider proactively blocking and reissuing the card. Be on the lookout for common points of compromise and report all fraud immediately.
- Educate cardholders
Many scams pop up during the holidays that are targeted to steal your members’ information and money. In addition to best internal practices for your credit union, you can help protect unsuspecting members with ongoing fraud prevention education and practical tips. Members that are aware of fraud can better detect fraudulent attempts and avoid potential losses.
Encourage members to:
- Limit use of person-to-person payment apps like Zelle, Vemno, and PayPal to family and friends.
- Only shop from secure, encrypted websites that have the padlock icon and begin with https://.
- Create unique and secure passwords for all online accounts.
- Limit storing card information on websites.
- Verify the legitimacy of a charity before making an online donation.
- Always use your chip card when shopping in-store.
- Sign up for transaction alerts through your credit union.
- Purchase Visa or MasterCard gift cards directly through your credit union.
- Report online fraud, regardless of the dollar amount lost, to the FBI’s Internet Crime Complaint Center (IC3)
Strong authentication measures coupled with back-end monitoring and member education are first line defenses against fraud. Together we can maintain heightened fraud awareness and proactive measures for a safe holiday shopping season.
 Federal Bureau of Investigation. November 2021. https://www.ic3.gov/Media/Y2021/PSA211124
 VISA. https://usa.visa.com/visa-everywhere/security/future-of-digital-payment-security.html/