Worldwide delivery of smartphones and tablets has risen. In fact, shipments are now exceeding traditional desktop and laptop devices. Merchants and consumers need to brace themselves for the new fraud channels. Traditional fraud screening isn’t effective for the new generation of payment methods.
The mobile payment problem
Screening techniques like CVV, comparing billing and shipping addresses and IP Geolocation are essentially moot with mobile payments. Even the more recent, and very effective methods of device fingerprinting are less effective in the mobile payment workflow. To make matters worse, consumer expectation of instant gratification will negate the possibility of the most effective method of screening questionable transactions – manual review of transaction details. And just to make it all more interesting, at least 73,000 malware threats are released on a daily basis thanks to mobile device owners downloading mobile apps with wild abandon while ignoring malware protection apps.
The mobile payment solution
Fraud prevention strategies for mobile payment are emerging but balancing consumer convenience and speed against fraud prevention isn’t trivial. Fraud screening needs to be done in realtime or near realtime. There just isn’t any other solution. An article by Alisdair Faulkner in E-Commerce times presents five strategies for retailers. I won’t detail them here but I’d urge you to read the article but to summarize…
- Current transaction mix review to assess vulnerabilities
- Reliance on mobile Web for application authentication and authorizations especially for high-risk transactions
- Centralization of fraud intelligence among the retailer’s departments
- Behavior and location profiling using mobile device GPS technology
- Layered fraud prevention which has always been the best approach
I would add one more – Data sharing among merchants and processors. Data sharing at Ethoca’s FraudStop has proven to be very effective. When more data is available for making intelligent decisions, fraud rates will drop. When will the industry stop resisting the data sharing concept? I don’t know. But it would cut fraud significantly.