Retail losses from fraud are continuing to increase despite the introduction of EMV chip cards that were supposed to dramatically reduce credit card fraud, according to a new study from LexisNexis.
Each retail company surveyed saw an average of 238 successful fraud incidents a month in 2017, with an average transaction value of $181, according to the “True Cost of Fraud” study. That was up from 206 incidents in 2016, when the average value was $146. In 2015 — the year retailers were required to install chip card readers or face increased exposure to fraud costs — there were 156 incidents with an average value of $113.
“The introduction of chip … cards continues to move fraud to the online channel.”
— LexisNexis, “The True Cost of Fraud”
When all costs of dealing with fraud are factored in, the “fraud multiplier” amounted to $2.77 for every dollar of fraud, an increase of 15 percent over 2016, the company said. For online retailers the amount came to $3, an increase of 21 percent.
“The introduction of chip … cards continues to move fraud to the online channel,” the report said. With the growth in online fraud exceeding the 16 percent growth in online sales reported by the Commerce Department, “we can point to EMV implementation at physical retail stores as a cause,” says LexisNexis Risk Solutions Vice President of Fraud and Identity Management Strategy Paul Bjerke.
The new chip cards are more difficult to counterfeit than traditional magnetic stripe credit cards, a move intended to discourage criminals from hacking into computer databases to steal card numbers. But the chip plays no role when purchases are made online, and EMV critics have long predicted that chips would cause fraud to move online rather than eliminating it.
The study found that credit cards accounted for 54 percent of successful card-related fraud at large merchants with ecommerce operations, up from 48 percent the year before, and 44 percent at large merchants selling both physical and digital goods, up from 38 percent.
Significantly smaller percentages were seen for other types of fraud examined, including identity theft, fraudulent returns, stolen merchandise and “friendly” fraud.
Verification of customer identity was the leading challenge faced by retailers in fighting fraud, cited by 50 percent of those selling online. (No number was reported for bricks-and-mortar retailers.) Unlike EMV cards used in the rest of the world, U.S. EMV cards still rely on an easily forged signature rather than a more-secure personal identification number that the National Retail Federation has said would reduce fraud both in-store and online. The study said better verification is needed, but did not take a position on chip-and-signature versus chip-and-PIN.
Credit cards aside, the study found that multichannel merchants have a higher percentage of successful fraud attempts than those who sell only in stores, and need to adopt fraud prevention techniques that address the differences between selling in person and online.
“Merchants selling physical and digital goods often apply a one-size-fits-all program to fight fraud, and they use a limited set of solutions,” says LexisNexis Senior Director of Fraud and Identity Management Strategy Kimberly Sutherland. “These less advanced and less sophisticated legacy solutions do not appear to be working, given the sharp rise in costs and volume of successful fraud attempts.”
The study was based on a survey of over 650 risk and fraud executives at retail companies ranging from less than $1 million in annual sales to more than $50 million.
Liz Parks is a Union City, N.J.-based writer with extensive experience reporting on retail, pharmacy and technology issues.