Now, more than ever, it’s essential for businesses to implement new and improved fraud-prevention models.
According to the 2015 AFP® Payments Fraud and Control Survey, 62 percent of businesses were victims of actual or attempted payments fraud in 2014. The report, which was underwritten by J.P. Morgan, emphasizes the need for new cybersecurity models and stricter control governance. And this is particularly important here in Pittsburgh, where a number of key industries with valuable data, including health care, technology and bioscience, are located.
Smart Business spoke with Chase Commercial Banking’s Thomas C. Engler, vice president of Western Pennsylvania Middle Market, about how businesses can protect themselves — and their customers.
What does the payments fraud landscape look like now?
In 2012, 61 percent of businesses reported being victimized or affected by payments fraud. That number dipped slightly, to 60 percent, in 2013, but last year, it rose back to 62 percent.
So, it doesn’t seem to be going away. And cybercriminals don’t really discriminate — you tend to hear more about the bigger, high profile data breaches, but it’s happening to businesses of all sizes and across a wide range of industries.
As technology continues to play a stronger role in payments, we’re likely going to see even more instances of actual and attempted payments fraud.
Which payment types tend to be the most targeted?
Year over year, paper checks continue to lead as the payment type most susceptible to fraudulent attacks, despite the fact that their overall use continues to decline. Check fraud also accounts for the largest dollar amount of financial loss due to fraud.
Credit and debit cards are the second most frequent targets of payments fraud, followed by wire transfers.
Many businesses experience unsuccessful attempts at payments fraud. How are they coming out unscathed?
Fraudsters attempt to ‘attack’ companies to gauge their weaknesses, to identify the payments methods that can be most easily breached. If an attempt faces security obstacles, the fraudsters will likely move on.
When it comes to check fraud, two of the most-effective obstacles, or features that can help prevent fraud, are the use of controlled check stock, which is not readily available to fraudsters, and the use of dual-tone true watermark.
When it comes to credit and debit cards, organizations need to make sure they’re EMV-compliant. EMV (named after its original developers, Europay, MasterCard and Visa) technology uses a chip, or microprocessor, that’s embedded in a card to make payments at the point of sale (POS). The chip uses encryption to protect, secure and store sensitive data, and it validates the card during each interaction with the POS device.
What does it mean to be EMV compliant, and why is it so important?
EMV is becoming the global standard for credit card and debit card payments — and as of October, Visa, MasterCard, American Express and Discover are expected to shift liability for credit card-present chargebacks to U.S. merchants. So, if you’re not using a chip card acceptance device, and if you’re the least-compliant party, you may be liable for the cost of a fraudulent transaction.
From a fraud perspective, EMV is incredibly important because it:
- Minimizes fraud and chargeback losses related to the use of counterfeit, lost or stolen cards.
- Prevents the skimming of card data with dynamic encryption.
- Prevents liability for POS fraudulent transactions by complying with card brand deadlines.
- Reduces payment card industry compliance requirements by accepting payments through contact and contact-less chip-certified devices.
Ninety-two percent of finance professionals believe EMV cards will be effective in reducing POS fraud. Ultimately, the sooner you implement high-security checks and EMV capabilities for your business, the safer you — and your customers — will be.
Insights Banking & Finance is brought to you by Chase