August 9, 2016
Digital identity technology provider ThreatMetrix identified several trends in its quarterly Cybercrime Report of significant interest to card-not-present merchants highlighting the EMV migration, account creation and rising mobile transactions. EMV implementation in the U.S. was widely expected to cause fraud to migrate from card-present to card-not-present channels. ThreatMetrix’s Q2 Cybercrime Report confirms what other reports are seeing: fraud attacks targeting e-commerce merchants are up sharply since the Oct. 1, 2015 liability shift. ThreatMetrix identified 69 million attacks on e-commerce companies using its services during the second quarter of this year, up 90 percent from the same time a year ago.
“EMV migration represents a big win for straightforward, friction-free transacting, but at what cost?” said Vanita Pandey, vice president of strategy and product marketing at ThreatMetrix. “Businesses increasingly have to balance careful fraud and risk management with strong customer authentication to ensure this upward trajectory of fraud attacks is held in check.”
The report also found attacks on new accounts increased more than 250 percent since Q2 2015, fueled by identity credentials obtained illegally on the dark web. Many fraudsters are using bots to create new accounts they can monetize later. During the second quarter, ThreatMetrix identified the first mobile bot attack to occur on its network. The reason mobile has become a more inviting target? More transactions. The company found mobile transactions are growing at a rate of 200 percent year-over-year, and 40 percent of transactions on its network now come from mobile devices.