Thieves steal almost $500 million in 2017 from bank cards used to shop online.
Online shopping with credit and debit cards has never been riskier with almost $500 million stolen in 2017, according to new figures released this week by the Australian Payments Network (AusPayNet), an industry group that collects payments statistics.
Fraud figures for Card-Not-Present (CNP) purchases rose from $418.1 million in 2016 to $476.3 million in 2017 – up 13.9 per cent. The figure has risen every year since 2012, when it was $183.1 million.
Industry experts attribute the increase to a boom in online shopping, with card details given for purchases stolen by fraudsters and re-used.
Giselle Lindley, a principal fraud consultant for Asia and Pacific with ACI Worldwide, said criminal activity had shifted away from counterfeit cards and skimming. “For those of us who have been in the fraud risk management business for long enough, it is no surprise at all that we are seeing significant growth in online card fraud.”
The increase in CNP fraud follows a well-known pattern, says bankinfosecurity.com.
Advances in technology, such as putting chips in cards, had made in-person fraud at ATMs and merchants vastly more difficult with skimming and counterfeit fraud registering just $30.9 million, down nearly 48 per cent from 2016.
But as a result, fraudsters had migrated to using card details stolen online.
“Attention is now focused squarely on online fraud,” said AusPayNet chief executive Leila Fourie.
She said AusPayNet was developing a framework to help merchants, payments companies and financial bodies reduce CNP fraud. For instance, if a merchant did not hit fraud targets, it could be required to go to greater lengths to authenticate payments, such as by sending customers a text message with a password needed to complete the payment, as often occurs with online banking.
The framework would also encourage greater use of "biometric" authentication, such as fingerprint scanners or facial or voice recognition technology.
However, Lockstep Technologies managing director Stephen Wilson told bankinfosecurity.com that moves to introduce stronger security measures while using cards online were being met with opposition. Merchants fear overly intrusive security steps will cause shoppers to abandon their end-of-purchase shopping carts, he said.
Ms Lindley said that there was “no silver bullet” to e-commerce fraud, with a balance between security and customer experience a delicate task
Total card fraud grew five per cent, to $561 million, and the overall rate of card fraud, at 7.5c in every $100 spent, was little changed.
What can you do to protect your accounts?
- Secure all passwords to your computer and other mobile devices.
- Make sure you have anti-virus and anti-spyware software installed, running, and receiving automatic updates. Avoid pirated software upgrades.
- Use mobile applications with caution.
- Malware can easily be inadvertently downloaded from seemingly legitimate shopping applications. Update all applications when notified, but only from trusted sources.
- Limit online shopping to merchants that you know and trust.
- Do not respond to pop-ups.
- Be alert for potential charity donation scams and lottery scams.
- Always sign out of your internet account.
- Check your bank statements regularly.
Have you ever been a victim of online card fraud? Have you ever had your card blocked by your bank because they had noticed unusual activity?