EMV’s U.S. Anniversary – CNP Fraud on the Rise

Tim Critchley – Chief Executive Officer

This fall marks one year since the U.S. adopted the EMV (Europay, MasterCard, and Visa) standard. The roll out has been slow, as retailers and financial institutions must upgrade infrastructures, change processes, obtain accreditations, and educate consumers who are unsure whether to swipe or insert their card at the point of sale. To date, less than one-third of U.S. merchants have the ability to accept chip-based transactions. Those who are not “EMV ready” risk incurring chargeback costs, as the standard has shifted fraud liability to the party who has not adopted chip card technology.

However, a look at the U.K. decade-long usage of chip cards shows some promise for the U.S. From 2004 to 2012, the U.K. experienced a 75-percent decrease in credit card fraud at brick and mortar stores, demonstrating EMV’s positive impact on preventing fraud due to card duplication. But, this hasn’t resulted in fraud decreasing across the board. Fraud has simply shifted elsewhere, and fraudsters who once targeted card-present transactions have migrated to the card-not-present (CNP) channel, including online and mail order/telephone order (MOTO) transactions.

Statistics suggest that despite drops in card-present fraud, CNP fraud continues to rise. Recent data from the Financial Fraud Action UK (FFA UK) unveiled that CNP fraud in the U.K. “skyrocketed” in the first half of 2016. Of the £321.5 million ($392.1 million) consumers lost in that timeframe to payment card fraud, £224.1 million ($273.3 million) was due to CNP fraud.

Canada adopted EMV in 2008, and has had a similar experience to the U.K. From 2008 to 2013, Canada saw a 54 percent decrease in credit card fraud, but a 133 percent increase in CNP fraud. Now, the U.S. appears to be following the same trajectory. Since adopting EMV, the U.S. has experienced an 11 percent growth in CNP fraud. And, by 2020, CNP fraud is expected to reach $7.2 billion, according to a CNBC report. It is also likely that fraud, in general, will climb to $10 billion before EMV chip card migration is complete.

While these staggering numbers may be partially attributed to the inherent increase in CNP spending, they serve as a wake-up call for companies to strengthen their fraud prevention efforts. Fortunately, many chip cards are equipped with features that allow for multi-factor authentication. Online merchants can supplement their payment systems’ security with fraud detection software, 3D Secure or tokenization, which does not require the retailer to store sensitive data within its network. These tactics add extra layers of security to online transactions, beyond the traditional three-digit code on the back of card.

In addition to enhancing security for online transactions, Semafone believes merchants should hone in on their call centers – a vital player in CNP transactions, as well as a prime target for MOTO fraud. Retailers, banks and other organizations who take payment card information over the telephone should explore new technologies that can help reduce risks, thwart attacks, keep customer information safe and protect their brand. An EMV chip card alone will not prevent a call center agent or a nearby listener from taking down a customer’s card number for malicious use.

EMV is a viable solution for preventing fraud, but it is not the only answer to the global fraud pandemic. As the U.S. continues to implement the EMV standard, we will continue to monitor its effect on the CNP channel, while helping our customers reduce risk in their call centers.

EMV’s U.S. Anniversary – CNP Fraud on the Rise
Semafone