It would not be unfair to compare some of today’s black hats to the illusionists of yesteryear, as the Target and Neiman Marcus data breaches were tricks of almost Houdiniesque proportions – they occurred right before our eyes, while being almost unbelievable.  These massive breaches have since inspired a backlash from bankers, consumers, government officials, and the media; all of which are demanding action to prevent these types of crimes from continuing to occur.

The clamor for improved security has created a groundswell of support among stakeholders for the EMV transition in the U.S.  Based on previous experiences overseas, it is expected that EMV will eliminate counterfeit card fraud, while removing the incentive for criminals to compromise card data from POS merchants.  Yet, in our attempts to anticipate fraud after EMV is broadly adopted, we are again putting ourselves in a position to be misled. EMV is now closer than ever to being part of the everyday payments experience for U.S. consumers.   This has drawn attention and action in response, to the CNP-fraud experience in the U.K. from both the financial industry and merchants here in the U.S.  Like following the magic wand, the expectation is that criminals will shift focus from POS to CNP fraud after EMV finds its footing in the U.S. If we were to look more closely, we would notice indications from U.K. card fraud data that we are in for more surprises.  Card ID Fraud, the combination of account takeovers and fraudulent applications, more than doubled in the U.K. between 2002 and 2008 (according to the U.K. Cards Association).  If the combined total losses attributable to fraudulent new accounts and account takeovers in the U.S. grew similarly over a comparable period (2013 to 2019), fraud losses could exceed $12 billion. While attempting to make an $11 billion problem disappear (which represents the total losses attributable to fraud on existing card accounts in 2013), a larger one could seemingly materialize out of nowhere.

Everyone remain in your seats and stay focused.  Despite there being only so much budget-money to go around for fraud prevention, FIs and credit-card issuers need to remain vigilant in protecting card accounts from takeover and in preventing fraudulent new accounts from being opened. For recommendations (#Javelinmagic) on how to protect your customers and your institution, see the 2013 Banking Identity Safety Scorecard, the 9th Annual Credit Card Issuer's Identity Safety Scorecard, and How to Upgrade Online and Mobile Account Opening for an Omnichannel Era: 2013. Post-EMV fraud trends are like a puff of smoke that makes you look to the left as the magician takes the watch from your right wrist.  This is not to say we shouldn't prepare for CNP fraud, but let's not get so distracted that we are robbed right before our eyes.

Author

About Al Pascual

An accomplished industry analyst, market researcher, and financial industry practitioner, Al Pascual is Javelin’s Research Director and Head of Fraud & Security. As Research Director, Al leads Javelin’s Advisory Services and Custom Research businesses. He oversees growth of these businesses while ensuring that Javelin’s research content meets quality standards and provides the innovative perspectives that clients expect from the firm.

As Head of Fraud & Security, Al provides clients actionable insights on a variety of fraud and security issues, acts as a partner in developing strategies for managing risk, and identifies and raises awareness of future threats and solutions. Al researches a range of topics, including the applicability of biometrics in banking and payments, the effect of data breaches on the integrity of consumer identities, the relationship between identity fraud and loyalty, and the best methods for securing payment data and transactions.

Al has presented findings from Javelin’s rigorous, industry-leading research at conferences around the world, including BAI, CARTES, Money20/20, NACHA, and RSA. Al has provided commentary on fraud and security issues to American Banker, Bloomberg, CNNMoney, Fox Business, Reuters, The New York Times, The Wall Street Journal, The Washington Post, and Wired.

Previously Al held risk management roles at HSBC, Goldman Sachs, and FIS. He is a member of the Association of Certified Fraud Examiners, the International Association of Financial Crimes Investigators, and the Federal Reserve Secure Payments Task Force. Al also serves on the board of advisers to the Information Security Media Group. He earned a Bachelor of Arts degree in History from the University of South Florida.

Stay in Touch!