Year in Review: Understanding Fraud Trends During COVID-19
Consumers have fully embraced digital payments in the COVID-19 era. In fact, a staggering 78% of consumers have now completely adapted their payment methods due to safety concerns and 48% will no longer shop at a store which doesn’t offer contactless payment1. While presenting enormous opportunity for digital-first retailers, these new behaviors are not without risks.
With consumer’s shift online, fraudsters have sought opportunities to exploit changes in how people pay for goods and services. Global businesses reported an average of 4,000 cyberattacks on average per day since COVID-19, representing a 400% increase from what was reported pre-pandemic2. In turn, we were seeing organizations adopting new security procedures to ensure transactions remain trusted and secure.
COVID-19 presents fraudster with new opportunities
This new era of fraud is marked by more sophisticated attempts to trick people into sharing sensitive information. For example, across Central Europe, Middle East and Africa, we have seen an increase in social engineering attacks, including phishing, where fraudsters are exploiting the gaps which existed pre-pandemic and have intensified during the crisis. Phishing, specifically, has grown much more complex throughout the pandemic, and now includes a number of variants, such as spear phishing - attacks targeting a specific victim with personalized communication and vishing (voice phishing scams), as well as spoofed websites. Impersonations can be made to appear like family, friends, executives, or government officials.
‘Friendly fraud’ is another type of attack on the rise, where individuals’ card and passcodes are used without permission by friends, family or other close associates. For merchants it can be a cost of doing business because it’s difficult to track, and most of the time refunds are issued without investigating the matter further. Friendly fraud is said to reduce legitimate sales by 1% and profits by 20%3.
Ecosystem responded well
Despite this, the commerce ecosystem has recognized the challenges and responded well, taking a technology-led approach to address emerging threats. While most businesses were already investing in technology-led security systems, the pandemic kicked this into overdrive, as businesses fought to better combat fraudsters and navigate the new, digital world. As businesses accelerated the use of secure technologies, including tokenization, contactless and EMV ‘smart card’ chips, the secure nature and performance of digital transactions also improved.
Investing in security for the post-COVID world
With COVID-driven uncertainty set to remain in the near future, the next 12 to 18 months may bring even more disruption and transformation. However, I believe that the dramatic shift we have seen towards digital payment will continue as consumers and merchants show increasing preference for eCommerce and contactless payments.
The pandemic has undoubtedly accelerated the widespread use of digital payment methods, with customers across the globe opting for contactless payment and digital alternatives. Even as lockdowns lift, the growth in digital commerce continues, indicating a real shift in consumer behavior and one which will last well into the new year, and long after COVID-19. In fact, 96% of consumers in the CEMEA region expect that their use of e-commerce will increase or stay the same post COVID-194.
Given how rapidly consumer behavior is changing and how sophisticated fraudsters are, it is not surprising that the complexity of risk management will likely increase in the near future. 79% of organizations say that risk management will be a growing focus for their company over the next two years5.
As we move forward, merchants are expecting contactless usage to grow by around 30% post pandemic, making it more important than ever for organizations to embrace the demand for digital6. Of course, as fraudsters become increasingly sophisticated in a digital world, organizations must innovate and invest in technology to, not only meet evolving demands, but to ensure the safety and security of digital transactions for customers.
Investing in new, innovative ways of onboarding customers and new ways to pay, such as online, in-app, contactless, and IoT, will make or break a business in a post-COVID-19 world.
Hector Rodriguez
With over 20 years’ risk management experience in the payments industry, Hector specializes in Credit Settlement Risk, Enterprise Risk Management and Payment System Risk, including Data Security, Brand Protection and Cyber Investigations. Hector is also leading the Visa’s engagement and partnerships with governments and regulators in the CEMEA region as the interim Head of Government Relations.
Since joining Visa in 2003, Hector has held several senior leadership positions with Visa’s Risk team. Most recently, he was Head of Global Risk Strategy and Analytics, leading a team responsible for setting and driving Visa’s payment system risk and CNP strategies, strategic analytics, Risk’s government engagement, as well as reporting and communications. Before that, as Head of Global Third Party Risk, Hector was responsible for evaluating third parties’ compliance with Visa risk requirements, focusing on validation of compliance with Payment Card Industry security standards.
Hector holds a Bachelor of Science in International Business and an MBA from United States International University in San Diego, California.
1 The Visa Back to Business Study: Global Small Business and Consumer Insights, 2020
2 Top Cyber Security Experts Report: 4,000 Cyber Attacks a Day Since COVID-19 Pandemic. Prnewswire. August 2020
3 Source: Tough Customers and Thieves: How Fraudsters Disguised as Your Most Demanding Customers May Be Robbing You Blind. Payments Journal. August 2020
4 The Visa COVID-19 CEMEA Impact Tracker
5 Managing Risk in the Age of Digital Transformation, Forrester Study Commissioned by Visa, May 2020.
6 The Visa COVID-19 CEMEA Impact Tracker
All brand names, logos and/or trademarks are the property of their respective owners, are used for identification purposes only, and do not necessarily imply product endorsement or affiliation with Visa.
Share Feedback