Card-not-present fraud leads other kinds of payment fraud in nations that have migrated into the EMV standard. That’s based on U.S. Payments Forum, a nonprofit organization that includes international payments networks, financial institutions, merchants, processors, and other industry participants.
There are two reasons for this. First is the growing popularity of ecommerce. Second is that firms — institutions, networks, merchants — can be slow to embrace the ideal combination of fraud programs to adequately protect all parties.
CNP fraud prevention demands a layered approach. Static verifications systems alone don’t pass muster, as poor actors are quick to seek out ways to steal, hack, or spoof. While conventional, static tools require the user to submit information — such as addresses and other unique data — they don’t prove that the user really has some association to it.
Static Verification Tools
Merchants have traditionally relied on verification tools which are fast and always being outsmarted by crooks. When used alone, these tools fail to adequately discourage fraud.
Address verification services. This instrument is used by most online retailers. It asks the client to offer the billing address associated with his credit card. The system then matches that address to the billing address on file with the issuing bank.
The Issue. Confirming a billing address doesn’t prove that the individual owns the card. Fraudsters can steal this information — data breaches frequently include billing addresses — and then use it for purchases. AVS alone doesn’t prevent them.
IP address geolocation. This avoidance method has the perfect idea, but the application is faulty. IP addresses allow merchants to confirm that the geolocation of individuals trying to make purchases fit their billing or shipping address. IP addresses may also automatically prohibit orders from high-risk locations and states.
The Issue. There are lots of. For starters, fraudsters now have tools that enable them to use any IP address. Some use malware on the cardholder’s computer to identify that address. Additionally, IP address verification can cause problems for legitimate cardholders that are traveling or who use virtual private networks for solitude.
3-D Secure. This protocol provides an extra verification way of online transactions. It takes three participants — the merchant, the cardholder’s bank, and the issuer (such as Visa or MasterCard) — to approve a purchase. Verified by Visa and MasterCard SecureCode utilize the 3-D Safe Procedure. Cardholders must create a password for each card, in addition to provide personal information, such as their social security number.
The Issue. It’s easy for crooks to steal private information that could then be used to register or complete purchases via the 3-D Safe system. Moreover, redirecting consumers to the issuer’s 3-D Secure system during the checkout process reduces conversions.
Dynamic authentication offers essential protection with no friction. It relies on artificial intelligence and real-time information analysis to decline fraudulent orders, and also to decrease the amount of false declines from legitimate ones. We addressed the topic a week, at”Intelligent Ways to Handle Fraud.”
Real-time transaction analysis enables card user authentication before purchase consent, providing another layer of protection to the purchase procedure. It can help to identify unauthorized transactions by validating the payment particulars against previous credit history, biometric and geolocation information about the payment device, malware attributes, and other information. It eliminates automatically redirecting users to a third party site for 3-D Safe — confirmation is only prompted when necessary.
Dynamic fraud prevention is the manner of the future and present for CNP merchants. When coupled with static tools and tokenization — substituting sensitive data with a non-sensitive equal (a token) — merchants can enhance data protection and increase consumer confidence.