With compromised credit cards and data breaches dominating the headlines in the past couple of years, it’s hard not to have some concern about fraud. Technology such as EMV promises to make some payments safer, but experts predict fraud will remain a growing problem for years to come.
Data breaches totaled 1,540 worldwide in 2014 -- up 46 percent from the year before -- and led to the compromise of more than one billion data records.1 Twelve percent of breaches occurred in the financial services sector; 11 percent happened in the retail sector.1 Malicious outsiders were the culprits in 55 percent of data breaches, while malicious insiders accounted for 15 percent.1
FACTOID:
32 data records were lost or stolen every second in 2014.1
North America was the continent most affected by data breaches in 2014, accounting for 1,164 or 76 percent of breaches in the world. The United States accounted for 1,107 of those breaches -- 72 percent of breaches in the world. Next in line were the United Kingdom (8 percent), Canada (4 percent), Australia (2 percent), Israel (1 percent) and China (1 percent).1
Fifty-four percent of data breaches in 2014 related to identity theft, 17 percent aimed at financial access and 11 percent sought account access. The remainder were considered nuisance attacks or attempts to get at intellectual property or classified information.1
Among the most highly-publicized breaches in recent years:
• EBay: 145 million records accessed.1 • Home Depot: 109 million records accessed.1 • JP Morgan Chase: 83 million records accessed.1 • Michael’s Stores: 3 million records accessed.1 • Staples: 1.16 million records accessed.1 • Domino’s Pizza: 650,000 records accessed.1 • Sony Pictures Entertainment: 47,000 records accessed.1 • Target: 40 million credit card numbers and 70 million addresses accessed.2 • Nieman Marcus: 350,000 cardholders impacted.2
Card fraud
Most card fraud occurs in the United States. In fact, a 2015 research note from Barclays stated that the U.S. is responsible for 47 percent of the world’s card fraud despite only accounting for 24 percent of total worldwide card volume.2
The high level of debit and credit card fraud in the United States also impacts other countries. Among U.K.-issued cards in 2015, 35 percent of fraud-related losses occurred in the United States, compared to 10 percent in France and Australia, 9 percent in Canada and 6 percent in Germany.3
Cross-border fraud occurs when criminals use a consumer's credit or debit card data in one country to make fraudulent transactions in another country. In 2014, 47 percent of fraudulent cross-border transactions on U.K. credit cards took place in the United States.4
U.S. credit card fraud is on the rise, too. About 31.8 million U.S. consumers had their credit cards breached in 2014, more than three times the number affected in 2013.5
That fraud isn't cheap. Nearly 90 percent of card breach victims in 2014 received replacement credit cards, costing issuers as much as $12.75 per card.5
Most experts believe that the reason the U.S. has a disproportionately high amount of fraud is because it has been slow to adopt EMV, a global standard in which credit cards carry computer chips that cut down on counterfeiting by dynamically authenticating card transactions. Countries that have deployed EMV have enjoyed a decrease in counterfeit fraud as a result -- 70 percent in the U.K., for example, between 2005 and 2013.2
The U.S. is implementing EMV, and once it becomes widespread, counterfeit card fraud should drop here, too. But as in other countries, other types of fraud -- especially card-not-present (online) fraud -- will probably grow. In the United States, card-not-present fraud is already a big problem. In fact, it accounted for 45 percent of credit card fraud in 2014, followed by counterfeit card fraud (37 percent) and lost/stolen cards (14 percent).6
The total value of card-not-present transactions is expected to grow from $9 billion in 2013 to nearly $19 billion in 2018, as fraud at the point of sale (POS) shrinks.5
The quest for identity protection Identity theft was the number one concern expressed in 2014 in the Consumer Sentinel Network, a Federal Trade Commission database of consumer complaints. Identity theft accounted for 13 percent of complaints. The most common way victims' information was misused was to try to get government documents or benefits fraudulently. That accounted for 39 percent of cases. Thieves tried to use stolen personal data to commit credit card fraud in 17 percent of the identity theft complaint cases.7 Source: Federal Trade Commission Consumer Sentinel Network Data Book, 2014
Identity theft strikes people of all ages. In 2014, identity theft complaints to the FTC broke down nearly evenly among working-age adults:
Identity fraudsters bilked $16 billion from 12.7 million U.S. consumers in 2014. As alarming as that statistic is, it's actually an improvement over the year before, when fraudsters stole $18 billion from 13.1 million victims.8
Students are the least likely to realize on their own that they’ve been a victim of identity fraud; 22 percent in 2014 realized that they were a victim of identity fraud only after being denied credit or being told by a debt collector that they had been victimized -- three times higher than other fraud victims.8
How fraudsters strike
Of consumers who reported the method by which they were targeted by fraudsters in 2014, 54 percent said fraud attempts were initiated by phone, 23 percent said by email, and 4 percent said by mail.7
Fraud is most likely to take place between 2 a.m. and 6 a.m. when fraud victims are sleeping. Fraudsters don’t take off for the holidays. Christmas Eve and Christmas Day are among the worst days for fraud, with rates soaring by more than 200 percent on those days compared to the average fraud rate.9
Call centers are also susceptible to fraud. In fact, fraud attempts that targeted U.S. call centers for retail and financial institutions increased by 30 percent in 2014 from the year before. The call centers of credit card issuers were most likely to be targeted by fraudsters, with one in every 900 calls being a fraud attempt.10
Mobile transactions are particularly at risk of fraud. While mobile transactions only accounted for 14 percent of transaction volume in 2014, they made up 21 percent of all fraudulent transactions. That’s bad news for merchants who sell through mobile channels, as they lost 70 percent more revenue due to fraud in 2014 than in 2013.11
Most incidents of mobile fraud in 2014 were related to credit cards. In fact, credit cards were used in 53 percent of mobile commerce-related fraud.11
With fraud so prevalent in the mobile space, it's not surprising that 56 percent of mobile commerce merchants in 2014 believed fraud is inevitable, compared with 49 percent of merchants in general.11
Americans' experiences with fraud
Twenty four percent of American investors -- 28 percent of women and 21 percent of men -- have had their credit or debit card information stolen through a computer hack attack, according to a 2015 survey. Of those who've had the experience, 90 percent only had it happen to them once or twice. However, 8 percent noted that it had happened three or four times and 1 percent reported that it had happened more than four times.12
In January 2014, 18 percent of American adults who spend time online said they had had personal information stolen such as their Social Security number or credit card or bank account information.13
Eighty-three percent of data breach victims in 2014 said that the breaches compromised the security of their identity and 85 percent said it was important to take all recommended steps to protect themselves after the breach.5
When asked what they would do if they were victims of a data breach, 70 percent of consumers said they would avoid doing further business with the company where their information was breached, but only 19 percent of consumers who were victims of a data breach in 2014 actually did avoid the business afterward.5
Americans don't have much faith in financial organizations' abilities to keep them safe. In the fall of 2014, 9 percent of Americans said they were "very confident" and 29 percent said they were "somewhat confident" that their credit card issuers would keep their data secure.14
So, how far would consumers go to protect their data? Two-thirds of U.S. consumers in a 2015 survey said they think using biometrics, such as facial, voice or fingerprint recognition, would help prevent fraud, and one in four would share their DNA information with their banks in order to better protect their information.15
That may ultimately be what it takes for us to protect ourselves, as the number of fraud victims is expected to reach 14 million in 2018. The number of consumers who experience a credit card breach and the sting of fraud in the same year is expected to grow 34 percent between 2014 and 2018.5
