CNP Expo: Fraud on the Move

May 20, 2015

CNP Expo: Fraud on the Move Justin McDonald, senior risk management consultant with The Fraud Practice, started a Wednesday afternoon discussion on mobile fraud by pointing out, “Mobile is convenient and immediate for customers, but fraudsters are taking advantage of that as well.”

Panelists discussed current trends in mobile fraud, noting that mobile fraud rates are growing slightly faster, on average, than e-commerce in general.

“Mobile fraud rates are growing faster, because the newer, smaller-to-midsize merchants are racing to mobile but often are not prepared for fraud,” said Kount COO Rich Stuppy.

Chance Bowlin, corporate loss prevention manager for Petco, agreed: “We have seen fraudsters making desktop fraud look like mobile, even though they’re not actually on a mobile device. They know most merchants are more lax on mobile purchases, and they are trying to exploit that.”

Mobile is no more risky than other forms of e-commerce fraud, Carl Tucker, head of CyberSource Managed Risk Services said, but only if you approach it in the right manner.

“If you do it right, you actually have more data about the customer, and you could even have a lower fraud rate if you apply that.”

So what does “doing it right” look like?

The panelists remarked that having a dedicated mobile app (as opposed to a mobile website) makes collecting data easier during the transaction, and that data allows the merchant to make better decisions about the risk level of a transaction.

Western Union’s Bernard McManus said, “Knowing the channel a transaction is coming in on can allow you to use different tools to see the data and verify that this is a good transaction. There are distinctly different patterns from different kinds of devices and carriers. The fraudsters know the weakest link in terms of mobile carrier and type of device, so when you see that, you can approach that decision differently.”

Stuppy also encouraged the audience to “monitor ALL activities in app, not just payments—changes in a password or account information, for instance, can be indicators of fraud.”