Fraud Prevention in Payments: Through the User Journey - Ofer Golan, Wix
Welcome to 2020: Statistics You Need To Know About Fraud, Data Privacy and Stolen Identities
It’s a brand new decade and the perfect time for companies to make new year’s resolutions about how to protect their businesses, their users and their data better than ever before. So what’s the state of play now?
Here are 7 top trends companies need to know to plan for the year to come.
1. Fraud is a concern like never before for consumers and merchants alike
- 46% of consumers said they are concerned with being victimized by fraudsters this holiday season
- 69% of U.S. merchants report that a significant amount of company time and expense is now dedicated to dealing with payment fraud
- 13.7% of all sessions are attacks. These attacks range from fake account registrations, promotion abuse, account takeover, inventory scraping, spam and fake listings.
2. Fraudsters no longer focus on checkout alone, but have spread to attack the entire consumer journey:
- Account registration attacks are the most attacked customer touchpoint, with every 1 in 5 account openings being malicious.
- Dormant accounts are at risk from ATO: 65% of compromised accounts have not logged in for more than 90 days, and 80% of these accounts belong to users that have not logged in for more than 30 days.
- Fraud related to loyalty programs increased by 89% percent between Q2 2018 and Q2 2019
3. The scale and the speed of these attacks is daunting:
- 86% of cybercriminals commit attacks against more than one industry
- And it’s all at scale — 33% of merchants indicated an increase in botnet activity from previous year.
4. Companies are between a rock and a hard place.
They have to prevent fraud and limit identity risk — and it seems like consumers are behind that endeavour.
- More than 95 percent of shoppers view additional identity validation as positive when shopping online with a merchant — a sign, perhaps, that they rely on merchants to protect them.
But in practice, consumers want convenience, and they won’t stay with a site that doesn’t provide a seamless experience.
- Buyers tend to bail out of purchases if they have to complete more than 3 steps in the transaction
- Half of consumers back out of a purchase if the checkout process pushed them to a tab or window
- Top frustrations: 50%, having to re-enter credit card info. 44% — have to reenter shipping info. 42% — having to login for a second time. 41% — having to take a picture of ID. Compared to 37% — shipping costs too much.
5. In the background to all this, but increasingly coming to the forefront, data theft and data privacy are now burning concerns for both consumers and companies:
- If consumers do experience fraud on a company’s platform, 91% say they likely won’t use that company again in the future, while 86% say they will tell others about their fraudulent experience. So fraud is a wider problem than many people realise; the implications of a successful fraud attack can ripple through time, affecting customer loyalty and harming brand reputation.
- ImmuniWeb found over 21 million (21,040,296) stolen credentials belonging to Fortune 500 companies. The most popular sources of the stolen info were third parties, trusted third parties, and the victims themselves.
- …which is unsurprising, given that 32% of data breaches involved phishing as part of the attack tactic and nearly 60% of all mobile fraud attacks are mobile phishing.
- In the 2019 holidays, 52% noted they would avoid patronizing a business with a poor track record when it comes to breaches.
And it’s all having a long-term impact, too. 49% of businesses reported a decline in customer trust over the past year.
6. Third parties are a big part of the problem:
- More than half the breaches in the United States these days are due to third parties. 59% of companies said they have experienced a data breach caused by one of their vendors or third parties. In the U.S., that percentage is even higher at 61 percent.
- What’s more, many breaches go undetected: 22% of respondents admitted they didn’t know if they’d had a third-party data breach in the past 12 months.
- Companies continue to increase their reliance on third parties and, on average, share confidential and sensitive information with approximately 583 third parties.
And that takes us full circle back to the impact of online fraud: 73% of fraud instances involved PII.
While sharing data with third parties might open companies (and their users) up to considerable increased risk, one of the touted alternatives isn’t ideal either.
7. Self-sovereignty is not the answer to our data privacy woes either — or at least not anytime soon:
- 25% of employees use the same password for every account
- Almost 10% of people have used at least one of the 25 worst passwords on this year’s list
- 35% would use a non password-protected public wifi network even for sensitive tasks
- 25% of consumers consider themselves uninformed about cybersecurity
Considering all the stories about successful phishing attacks, even against fairly knowledgeable people, none of this should be such a surprise. Even fraud prevention professionals can fall for a trick when they’re stressed or in a hurry.
Bonus trend: There is some good news.
- Trust in technology industry has actually increased, and is at a 5 year high
- 55% believe CEOs can create positive change when it comes to personal data and 76% believe CEOs should take the lead on change rather than waiting for government to impose it
So the challenges are real, but consumers have faith that companies can and will solve them. Identiq couldn’t agree more. As we’ve said before, we think that consumer opinion, translated into legislation, will provide the motivation companies need to improve — and technology will create solutions. Identiq’s own network is the perfect example of that.
We’re betting that 2020 is the year these trends start turning around.
TransUnion’s 2019 Holiday Retail Fraud Survey
2019 Digital Payments Survey, American Express
Arkose Labs, Fraud & Abuse Report, Q4 2019
Ponemon Institute’s The Cost of Credential Stuffing Report
DataVisor Fraud Index Report: Q2 2019
7th Fraud Attack Index, Forter
PYMNTS Fraud Decisioning Tracker
Lexis Nexis True Cost of Fraud Study
Forter’s Buyer Bailing survey, via OnePoll
Immuniweb Dark Net Study
Infinite Want: Consumers Demand Speed and Security in the Digital Experience
7th Annual Fraud Report, IDology
Ponemon Institute “Data Risk in the Third-Party Ecosystem” study
Fraud Prevention with Integrated Identity Verification, Forrester and Neustar
Open VPN’s Cyber Hygiene Study
SplashData’s Password Study 2019
Fiserv 2019 Cybersecurity Awareness Insights Study
2019 Edelman Trust Barometer
What’s a Rich Text element?
The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.
Static and dynamic content editing
A rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!
How to customize formatting for each rich text
Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.
Identiq is SOC2 Type II Certified - and Constantly Committed to More Than Compliance
Fraudology Podcast: Karisse Hendrick Discusses the Holy Grail of Fraud Prevention