In digital transactions, we’ve seen a 42% year-over-year increase with 60% of these being handled on a mobile device. And, with a 48% year-over-year rise in fraud attacks involving mobile devices, it’s apparent that both consumers and the businesses that serve them will need to begin taking digital security measures much more seriously in the years to come.
The emergence of digital wallets adds even greater risk to the rise in mobile transactions. These wallets not only contain digitally accessible cash and credit details, but personal identity documents and unique can be leveraged for illicit use.
These threats seriously hinder e-commerce and other online exchanges, while reaching beyond boundaries to expose businesses to significant risk.
In this post, we discuss fraud trends to watch.
A 38% year-over-year increase in bot attacks has signaled a new wave of risks for financial institutions. A report released in 2020 by DataVisor showed that bots have grown significantly more sophisticated of late, with 2% of fake accounts having been created by bots capable of solving CAPTCHA requests.
Not too long ago, they simply were unable to do such things, sticking with basic data entry and repetitive clicking tasks instead. This rapid development makes attacks likely to improve in effectiveness each year, and companies of all kinds will need to find a suitable solution to the risks such attacks pose.
Financial services have received the most attention from fraudsters leveraging bots to do their bidding. In fact, only 37% of traffic to all financial sites has been found to be human.
Fraudsters are putting their botnets to use in a variety of ways, including:
The severity of this issue is clear enough, but the means of defending against rising bot risks remain unclear to many companies caught in criminals’ cross-hairs. With so many vulnerabilities open to them, fraudsters can make fending off attacks a frustrating experience for financial institutions. This leads to lower customer satisfaction if preventative measures chosen to defend sensitive information prove to be an impediment to otherwise legitimate customers.
Fraudsters have begun to organize their methods to such a degree that they are now capable of leveraging a veritable digital army to power bigger, network attacks. Full-blown fraud networks are now in operation and have already profited heavily from multiple online retailers. By using more than 130 thousand email addresses, and as many as 61 thousand telephone numbers, they’ve been able to pull $27.9 million USD from exposed businesses.
These tactics have progressed quite a bit since Target’s headlining data breach involving 40 million credit and debit cards. After a long, drawn-out investigation, it was found that attackers used stolen credentials to access Target’s customer service system. They installed malware and successfully captured much more than card data – full names, phone numbers, email addresses, and even card verification codes were pilfered alongside additional sensitive information. In the end, Target was held responsible for the breach and forced to pay a multistate settlement of over 18 million USD.
As was the case then, the exact methods being used are difficult to discern and the impact can be tremendous, with little hope of recovering stolen funds.
People are putting their information online more and more often, leading attackers to search harder for ways to gain access. Organizations being slow to implement effective security measures to protect their customers online has given fraudsters a chance to discover better ways to attack existing vulnerabilities.
It has been discovered that those who were targeted by stimulus-refund fraud and identity fraud recently were individuals in possession of digital wallets such as Apple Pay and other peer-to-peer products like PayPal. It would seem that somewhere in this emerging mix of services and apps, fraud risks are being incubated without organizations’ or consumers’ knowledge.
Companies cannot afford to sit still while their customers are put at risk, but the solutions they lean on to protect them can bring online transaction speeds to a halt. Onboarding new customers efficiently, while protecting their data is of the utmost importance to any business. A bad experience–even if it is secure–can cause customers to look elsewhere. Organizations must pick up the slack in providing a safe, yet efficient onboarding process that is seamless, simple, and accurate. And this is where Intellicheck steps in.
Unlike other ID validation options on the market, Intellicheck does not force a tradeoff between effectively identifying the customer and experience.
Intellicheck is easy to use and provides results in under a second. It also offers 99.9% so you can be certain if the ID is real (or fake). It works on mobile phones and web browsers, and can even be integrated into your existing apps and experiences. The result is that, with Intellicheck, you do not need to tradeoff between validation effectiveness and user experience. You get both.