FeedBurner makes it easy to receive content updates in My Yahoo!, Newsgator, Bloglines, and other news readers.
Here’s a nice change of pace going into the weekend: It looks like online fraud did something unsual for Black Friday this year. It went down. For the first time in several years, credit card fraud (the most common fraud form factor for retailers online) fell to 42 percent of total fraud during the holiday shopping weekend. Last year, the same weekend saw credit card fraud at 59 percent of all fraud, according to data from authentication and fraud prevention provider iovation.
Online retailers — and consumers — have something new to be thankful for this holiday season: a decrease in online fraud. For the first time in recent years, credit card fraud — which remains the highest fraud type for online retailers — has dropped to 42% of total fraud during the holiday weekend (Nov. 24 – 27, 2017). This level was 59% of total fraud for the same period in 2016, according to data from device intelligence for authentication and fraud prevention provider Iovation. Overall, this decrease demonstrates that online retailers are making strides in their ability to identify and prevent card-not-present (CNP) fraud which has been on the rise since brick-and-mortar retailers have increased their adoption of EMV card technologies, the study reported.
– Chain Store Age
iovation, the leading provider of device intelligence for authentication and fraud prevention, today released data collected from its retail and e-commerce subscribers from the 2017 holiday weekend (Nov 24-27th). For the first time in recent years, credit card fraud -- which remains the highest fraud type for online retailers -- has dropped from 59% of total fraud found in 2016 to 42% of total fraud found in 2017 based on specific reports received by iovation’s online retail customers. This represents a 29% decrease from last year’s four day holiday weekend and demonstrates that online retailers are making strides in their ability to identify and prevent card-not-present (CNP) fraud which has been on the rise since brick and mortar retailers have increased their adoption of EMV card technologies.
Retail Transactions: From HoliDAY to HoliWEEK
iovation’s data also showed a higher volume of that consumer transactions in the days leading up to Black Friday and Cyber Monday, indicating that while consumers are doing more of their holiday shopping online in general, online retailers are extending their promotional deals several days before and after Black Friday and Cyber Monday, lessening the relative impact of each of the major shopping days. iovation’s data also shows that 62% of consumer’s online retail transactions from Black Friday to Cyber Monday originated from mobile phones/tablets, compared to 55% from last year’s holiday season, continuing an increase in m-commerce during the holidays and year-over-year.
“We can infer a number of trends through the analysis of billions of e-commerce transactions processed through our FraudForce platform. Most notable among these is that online retailers who leverage device intelligence are making significant inroads when it comes to proactively preventing card-not-present fraud,” said Greg Pierson, CEO and co-founder for iovation. “This type of fraud not only cuts into their bottom line results, it can cause irreparable harm to their brand so this is a meaningful improvement.
Consumer Behaviors: Password Complacency Still Reigns
iovation also conducted a survey of more than 1,000 consumers across four generations to better determine how knowledge of fraud affects online behavior. While 83% of respondents understand how to protect themselves online - using a credit card rather than a debit card for online purchases, monitoring credit scores regularly and shopping at well-known retailers - consumers across all demographic groups continue to exercise poor password hygiene.
On the topic of consumer behaviors, Pierson continued stating, “attitudes towards online shopping shows that consumers are becoming better educated about how to protect themselves online. However, they remain largely complacent as it relates to their password hygiene, which is why we are seeing a steady rise in identity theft and account takeovers.”
While currently serving as consumers’ primary means of authentication, passwords frequently fail when it comes to both user experience and security. And despite these shortcomings, vulnerable passwords are firmly ensconced in today’s online experience. Of those surveyed, 60% of consumers say they are not changing their passwords regularly (less than every 6 - 12 months) and of greater concern, close to 70% of consumers say they use the same password across multiple sites, meaning that a hacker can easily take over multiple consumer accounts with just a single compromised credential.
A shift from static, password-based authentication to frictionless, multi-factor authentication (MFA) is crucial to combat today’s escalating threat environment. Multi-factor authentication combines the best of user experience and heightened security for businesses, using context to determine how trustworthy the user is, and as a result, the appropriate level of authentication required. Simply, dynamic authentication makes the right things easy and the wrong things more difficult, providing additional or less layers of authentication when needed. iovation’s user friendly, mobile multi-factor authentication solution, LaunchKey, allows both brands and consumers the ease in choosing which authentication options best fit their security needs.
Click here to view an infographic highlighting these and other key findings from iovation.
Eddie Glenn is the Product Marketing Manager for iovation, a provider of online fraud prevention and authentication solutions, and the company behind ‘Identifying Self-Excluded Players in Real Time’, a new webinar for the gambling industry (Tuesday, December 5th). He spoke to TotallyGaming.com about iovation playing its part in safeguarding the sports betting industry, going the extra mile to recognise self-excluded players, and placing a greater emphasis on device intelligence to prevent the onboarding of problem gamblers.
– Totally Gaming
A majority of North American financial institutions plan to invest in machine learning analytics to help combat fraud, according to a new report by global research and advisory firm Aite Group and authentication and fraud prevention technology provider iovation. It’s clear that the threat environment continues to escalate, the report said, and effective fraud prevention is an increasingly competitive issue for financial institutions. The study was compiled from interviews with 28 senior fraud and data analytics executives at 20 North American financial institutions.
– Information Management
iovation, the leading provider of device-based consumer authentication and fraud prevention solutions, today announced the achievement of a new certification under the U.S. Department of Commerce’s EU-U.S. Privacy Shield Framework, effective October 3, 2017.
The EU-U.S. Privacy Shield Framework, developed by the European Commission in conjunction with the U.S. Department of Commerce, offers a regulated system for data flows between the European Union and the United States, ensuring organizations protect and process personal data to standards acceptable in the European Economic Area. Governed by the International Trade Administration (ITA) within the U.S. Department of Commerce, the framework holds certified U.S. businesses to the highest level of data privacy protection. Achievement of the EU-U.S. Privacy Shield certification reflects iovation’s pursuit of a larger security and compliance initiative, ensuring comprehensive preparation ahead of the EU General Data Protection Regulation (GDPR) legislation, which goes into effect in May 2018.
“Privacy and data protection are integral to doing business on a global scale, and certification under the Privacy Shield Framework echoes iovation’s continued effort to help our customers fight fraud without putting their user’s privacy at risk,” said Mark Weston, Compliance Manager and Data Protection Officer for iovation. “Certification under the Privacy Shield Framework is a significant step on the path to GDPR compliance and further proof that we’re diligently working to safeguard how consumer data is managed and processed.”
Now that iovation has made the public commitment to comply with the Privacy Shield Framework’s requirements, adherence to the its principles are enforceable by law. iovation continues to take measures to ensure the protection and privacy of its customers’ data, including minimising the amount of personal data collected and ensuring that it is secured according to industry accepted best practices.
The combination of trained fraud experts and machine learning promise a best way forward for financial institutions in the battle against fraud, in today's omni-channel experience. Findings from a new report by iovation showed that while 68% of financial institutions (FIs) cite ML analytics as a high priority investment over the next few years the path to adoption will not be without its challenges. iovation and Aite Group will be hosting a webinar at 10AM PST on November 9th to discuss the results of this survey.
– Information Age
iovation, the leading provider of device-based consumer authentication and fraud prevention solutions, today released insights from its latest report conducted in partnership with global research and advisory firm Aite Group, “Machine Learning: Fraud is Now a Competitive Issue”. The study centers on the progress toward using machine learning (ML) analytics for improving fraud mitigation and customer experience. Findings showed that while 68 percent of Financial Institutions (FIs) cite ML analytics as a high priority investment over the next few years the path to adoption will not be without its challenges. iovation and Aite Group will be hosting a webinar at 10AM PST on November 9th to discuss the results of the survey.
It’s clear that the threat environment continues to escalate, and effective fraud prevention is an increasingly competitive issue for FIs. Organized crime rings, armed with billions of stolen data records, are targeting the financial services industry with sophisticated card fraud, application fraud, account take-over (ATO) attacks, wholesale ATO and the specter of faster payments, all of which were cited among the top pain points for FIs today in the Aite research.
“What this study highlighted is that those who are early adopters of advanced machine learning analytics will be able to greatly reduce fraud while also improving the customer experience, giving those FIs a decided edge over their competitors who lag in these advancements,” said Julie Conroy, Research Director for Aite Group’s Retail Banking & Payments practice and author of the report. “Data is the new currency, and creating intelligence from data at scale requires machine learning technology.”
With the omni-channel approach to consumer engagement there are several points of interaction (ATMs, call centers, email, etc.), for hackers to gain access to personal data. In fact, cross-channel fraud was mentioned throughout the interviews with fraud and analytics executives as a key attack vector. All of this points to why FIs must embrace machine learning analytics to spot patterns and holistically prevent fraud at each point of contact with stronger yet more convenient authentication measures, which will ultimately improve the customer experience.
“Hackers see FIs as the perfect target for fraud. And, if you pile on the intense pressure to make the banking experience easier and more frictionless for customers it’s clear that FIs need a solution that will make significant improvements to their fraud fighting approach,” said Eddie Glenn, Product Marketing Manager for iovation. “We are seeing FIs turn to machine learning analytics as the foundation for a broader solution. Leveraging the vast amount of customer data at their disposal and applying advanced, machine learning techniques, FIs can create insights that allow them to better predict new fraud types they have not seen before as well as implement more contextual authentication measures that can understand the relative risk of a given transaction to ensure a more seamless experience for retail bank consumers.”
One of the misconceptions about machine learning is the perception that ‘unsupervised models” in which sophisticated algorithms alone will become the prevalent model to identify and reduce FI’s exposure to fraud will be the ultimate arbiter of whether a transaction is potentially fraudulent. However, according to the report, the majority of the installations of ML among the FIs interviewed use some type of combination of scoring generated by ML and highly trained fraud experts to continually refine and improve their models. In fact, fifty percent of respondents are using entirely supervised techniques or primarily supervised. While unsupervised models might be the goal in the long term, supervised and semi-supervised models in which trained fraud experts provide input to better train and fine tune their ML models are critical to creating a fraud prevention system that can proactively identify fraudulent activity while reducing the incidence of false positives that can negatively impact the customer experience.
The report was compiled from interviews with 28 senior fraud and data analytics executives at 20 different North American financial institutions. These interviews were conducted by Aite and took place during August and September 2017. To access the full Machine Learning: Fraud is Now a Competitive Issue report, please visit: https://www.iovation.com/resources/reports/machine-learning-fraud-is-now-a-competitive-issue
Until today, anti-fraud, security and authentication activities in organizations have operated as largely-separate domains, with IT Ops even more separated, in most cases. This is due, in part, to the "silo mentality" in enterprises, where it's more convenient to have a bunch of teams running their own disciplines. After all, collaboration and synchronization increase the degree of difficulty. Politics, momentum, status quo, and decentralized operations that use third-party providers are also contributing to the current operational division. Given the escalating threat environment and evolving data protection requirements, I think it's high time we began converging these siloed efforts.
New fraud prevention tools such as device fingerprinting have the potential to shift the function of fraud teams away from being simply cost centres towards becoming an integral part of operators’ sales and marketing effort, says iovation’s Eddie Glenn. Download the PDF and go to page 106 to read the entire article.
– iGaming Business - Issue 106
Fraud Protection expert Dwayne Melancon is the VP of Product at iovation. He says it’s a good idea to freeze your credit immediately. “Regardless of whether you’re affected or not, I recommend freezing your credit report. So you can either go to each of the three credit bureaus individually, or you can go to a aggregator. There are a lot of services like Lifelock or Identity Guard that will do that work for you. They’ll work with all three credit bureaus and freeze your credit.”
While financial firms and other companies targeted by cyber-criminals and fraudsters have begun moving away from using such “knowledge-based factors” to verify their customers, most companies are not so sophisticated, Dwayne Melancon, vice president of product for fraud-prevention firm iovation, told eWEEK. “Companies that are relying on knowledge-based assessments—they may need to add additional factors,” he said. “They need extra safeguards— some which will be burdensome, such as proof using documentation—others could use some sort of device-based check.”
As our world grows more connected and hackers become more sophisticated, businesses need to plan ahead and act fast to protect sensitive information and bolster their cybersecurity approach. Read on for a few dos and don’ts on how businesses can fortify their security posture and avoid being a target of cybercrime.
I play a lot of video games and one of the things I’ve noticed is that when you first start playing, the game often keeps you from venturing into places where you’re likely to fail... That got me thinking: is there an equivalent model we can use for providing more access in our corporate or application environments? Using a combination of authentication and access privileges, it seems we ought to be able to create an environment in which we start them off with less complicated capabilities in our systems and software, then gradually “unlock achievements” for them as they demonstrate competency within our world.
– HelpNet Security
iovation, whose software is used for online fraud detection, in January hired Weston to spearhead GDPR efforts and tap his expertise as a privacy expert based in the United Kingdom. The company has a working group of managers tackling GDPR. So far, Weston said the company hasn’t introduced any major product changes but other elements of the business have been impacted. “Behaviorally, the way the data is handled — who it’s shared with and how long it’s kept — all that has come under scrutiny,” he said. “It’s good practice for anyone. I have been fortunate the executive team realized the challenges and opportunities ahead.”
– Portland Business Journal
Ahhhhh, summer. It’s officially here. The sun is shining, the birds are chirping and would-be fraudsters are eager to launch their latest cyberattacks against relaxed, unsuspecting vacationers. Their newest tools can compromise your identity faster than your email can send an “Out of Office” response. Whether you’re hitting the same old beach town or taking a cycling tour of Provence, follow these Top Five steps to stay cyber secure while soaking up the sun.
– HelpNet Security
Most of the organizations I speak with are talking about cyber-risk these days, and for good reason. Unfortunately, many of them are doing a lot more talking than actually doing. Some of this is human nature – threats are “somebody else’s” problem until they hit close to home, and it’s no different in cybersecurity. Often, the risk only starts to feel real once it’s too late.
The best way to combat the shortcomings of SMS based 2FA isn’t to just move where that authentication code is received—some 2FA alternatives provide codes generated standalone apps, which would require compromising a device itself to access—but to change how login attempts are authenticated. "The world that we're going into is going to require multiple factors,” Thelander said. “It's going to require layers of authentication that can be delivered at a point and time based on the level of risk of what a user is trying to do and the level of risk that is detected."
– International Business Times
In fact, the number of debit and credit cards that were exposed to hacking efforts at U.S. ATMs and stores jumped 70% in 2016, according to a report from data analytics and credit scoring company, Fair Isaac Corporation (FICO). In addition, what’s known as “card-not-present” fraud — fraudulent transactions that occur when the card isn’t physically present — is expected to cost merchants and retailers $7.2 billion by 2020, according to a report by iovation, a provider of digital intelligence for fraud prevention.