Chip Cards Projected to Shift Fraud Risk to Card-Not-Present Transactions
With new card-fraud liability rules favoring those who use EMV chip-card technology, the transition to such cards is well under way. Some 70% of consumers now carry at least one chip card.1 Additionally, by June 2016, 50% of the nation’s 15 million point-of-sale (POS) retail locations are expected to have EMV-enabled terminals in place, and 90% are expected to accept chip cards by 2017.2
As card fraud becomes harder to commit at the point of sale due to the protection that the more secure EMV technology affords against card counterfeiting, some analysts are forecasting an increase in card fraud related to online and telephone purchases —so-called card-not-present transactions. With e-commerce sales expected to exceed $530 billion by 2020,3 this shift in fraud targets is troublesome for U.S. companies that accept payments online.
The following practices can help merchants reduce the risk of fraud related to card-not-present transactions:
- During these transactions, request and validate the cardholder’s name, full billing address, email address and phone number linked to the account.
- Request and validate the Card Identification Data (CID) security code and card expiration date, both of which appear on the back of the credit card, to verify that the actual cardholder is using the card.
- Check with your gateway provider to ensure you have a full suite of fraud detection tools, such as an Address Verification Service (AVS) that confirms a cardholder’s billing address.
- Place limits on online transactions. For example, you can block computer IP addresses from initiating multiple transactions from different cards assigned to different cardholders.
Similarly, businesses with commercial card programs can use the following best practices to help reduce card-not-present fraud related to their accounts:
- Monitor card accounts daily – Sign up for email and text alerts and notifications of account activity. Quickly spotting anomalies will enable you to alert your bank or card company to potential fraudulent charges.
- Update security software – Install a firewall and keep anti-virus and anti-spyware software updated. Make sure employees who make online purchases for your company stay current on their virus definitions and browser and security software.
- Suspend inactive commercial cards – Fifth Third commercial cardholders can suspend a card when they know they will not be using it for a certain period of time. These features are available through Fifth Third’s Commercial Cardholder Portal at: https://commercialcard.53.com/portal/auth/login/Login
For more information on ways to mitigate your company’s card-not-present fraud risks, contact your Fifth Third Bank Relationship Manager.
- “8 FAQs about EMV credit cards,” by Sienna Kossman, CreditCards.com, April 8, 2016. Available at: http://www.creditcards.com/credit-card-news/emv-faq-chip-cards-answers-1264.php
- “EMV Merchant Adoption Slower Than Expected,” press release issued on study conducted by The Strawhecker Group, Feb. 17, 2016. Available on Business Wire at: http://www.businesswire.com/news/home/20160217005243/en/EMV-Merchant-Adoption-Slower-Expected
- “Online sales in the U.S. will top $530 billion by 2020,” statistics from Forrester Research cited by Internet Retailer, available at: https://www.internetretailer.com/trends/e-retailers/online-sales-us-will-top-530-billion-2020/