Digital Transactions Authoritative, insightful and timely information for payments professionals
As more consumer and business activity, let alone shopping, migrates to digital channels, the potential for additional risk increases. A new white paper from Giact Systems LLC outlines where some of the risk may be emerging.
The Allen, Texas-based payments and identity-fraud prevention firm said undetected fraud can erode consumer trust. In its “Identity Fraud in the Digital Age” report, Giact says 65% of consumers learn of identity fraud from sources that are not their bank or card issuer. That includes their own monitoring of their accounts online and paper statements, contact from a debt collector, and law-enforcement notification.
“The sheer awkwardness of placing consumers into the unofficial role of fraud detection specialist damages corporate reputations,” the report says. Javelin Strategy & Research, a Pleasanton, Calif.-based research firm, prepared the report for Giact. “More than 60% of the time, consumers are discovering identity fraud in a wide variety of ways without any notification from their financial-services provider. Some may argue that consumers need to be more attentive to their own personal financial lifestyles, but in placing the consumer on the front lines of fraud detection, businesses are falling on their own swords.”
Criminals also are adept at changing tactics. Among non-card-based account takeovers, checking or savings accounts accounted for 29% in 2019, up slightly from 28% in 2018. Accounts such as PayPal, what Javelin calls e-mail payment accounts, accounted for 16% in 2019, up from 9% in 2018, while store-branded accounts were 16% in 2019, compared with 11% the year prior.
“Criminals exhibited greater agility in 2019 by focusing on valuable non-card-based targets that otherwise, in previous years, may have represented smaller net gains,” the report says.
And to make detection tougher, once criminals take over an account they will act to hide their activity. The most likely tactic, seen in 30% of the cases, is to change the email address for the account, followed by changing the password, 28%; and changing the physical address, 27%.
