Experian: EMV Tied to a New Wave of eCommerce Fraud

April 3, 2017         By: Steven Anderson

Sometimes it seems like mobile payments security is just squeezing a balloon. Just as a clampdown takes place in one sector, another sector bulges out to match the squeeze placed on the other end.

A study from Experian found that the move to Europay / Mastercard / Visa (EMV) standards on credit cards did indeed help with at least one kind of fraud…but it made for a substantial spike in another.

The instances of cloned-card fraud, Experian found, dropped significantly in the interval between now and when EMV cards first started to become a major affair. However, in that same period, there was a substantial uptick in card-not-present fraud, a development that effectively moved fraudsters from one type of fraud to a completely different kind of fraud.

Worse, there was also said to be a net increase in overall fraud, as 2016 saw 1,093 breaches in the entire year, making credit card data that much easier to come by.

With reports from the Federal Trade Commission making it clear that credit card fraud was on the rise—up from 16 percent of consumers reporting stolen data in 2015 to over 32 percent in 2016—and Experian itself suggesting that these numbers will likely get worse before they get better, it’s clear that the switch to EMV is not the solution to fraud some were hoping for.

However, the numbers do prove that the EMV switch likely worked as advertised, delivering a lower quantity of credit card fraud…in a way. Granted, the fraudsters just immediately jumped to a more accessible fraud, making the net fraud in the system actually increase a bit, but still, it did work for its intended goal.

This, meanwhile, proves to the rest of us how important it is to engage in proper control measures for our various mobile payment systems, regardless of the type; watch accounts, engage in strong passwords, that sort of thing.

External measures do quite well, and these should be regularly improved. Yet we also have a part to play in the security of our mobile payment systems, and the better a job we do, the better the whole system will do in response.