Current trends to secure the future of money
As people start to look past the pandemic, it’s clear that consumers have embraced digital payments for the long term.
Convenience, reliability and security have all contributed to generating the explosive growth in ecommerce and contactless payments in Europe during the past two years.
However, with these shifts in consumer behaviour, external threats continue to evolve. And now, more than ever before, there is a need to partner on a global scale to tackle increasingly sophisticated fraudsters and cyber criminals.
Worldwide, Visa has played its part by investing $9 billion in fraud prevention and cybersecurity in the past five years1. This means using real-time, global technology to protect payments from fraudsters who know no borders.
This investment has helped prevent an estimated $25 billion in global fraud every year and incidents of fraud occur in less than 0.1% of transactions – among the lowest for all payment forms2.
However, that alone is not enough. We are continually adapting our security to protect all participants in the payments ecosystem as fraudsters look for new ways to exploit weaknesses.
Here are five trends we’re seeing:
- Biometrics will become the default form of authentication selected by fintechs, issuers and merchants.
There have been lots of false starts with biometrics in the past but the confluence of the pandemic, improvements in recognition accuracy, new modalities (behavioral biometrics), and the growing number of consumers comfortable with the technology offers a tailwind for change in 2022.
Biometrics is also a key technology for implementing the Strong Customer Authentication (SCA) requirement. The directive has reverberated beyond Europe and now even markets without regulation are exploring how to strengthen authentication requirements as a result of an overall rise in internet crime. At Visa, we’ve processed more than 3.5 billion EMV® 3-D Secure transactions3 to date to help prevent fraud in ecommerce transactions through stronger customer authentication. Data shows that risk-based authentication leads to higher authorisation rates and growth.
In addition, the increase in open banking fintechs continues to grow, with Europe and the Americas leading the way .
These companies will have to manage factors such as fraud detection and prevention, cybersecurity, risk management, and local regulation. The FIDO Alliance is an example of broad participation among industry leaders across all categories trying to address these issues. They recognise that all companies and industries must move away from passwords and adopt digital identities as the way forward.
- Manually addressing the rise in enumeration attacks will no longer be adequate.
Ecommerce has been a lifeline for businesses of all sizes throughout the pandemic and that won’t change – we’ll only see an evolution in the different ways consumers want to pay, including Buy Now, Pay Later. But these new payment methods present opportunity not just for consumers, but for fraudsters as well.
Enumeration attacks – where hackers can extract data from a platform – identity fraud and account takeover fraud are on the rise, targeting ecommerce channels around the world. They take advantage of online channels that lack adequate fraud prevention capabilities and leverage the anonymity offered by the internet to commit fraud. It’s an emerging challenge facing issuers and merchants alike, and one that both parties will have to tackle together.
- Interest in crypto will continue and the sector will mature with regulation appearing in markets on know your customer, anti-money laundering and cybersecurity.
Consumer interest in cryptocurrencies continues to rise, and fraudsters are following the money. Despite the many daily headlines suggesting cryptocurrencies are becoming mainstream, cryptocurrencies remain in the nascent stages of development, which creates opportunities for fraudsters to exploit. Sustained and responsible growth in the sector will be dependent upon building trust – that includes addressing payment security and regulatory requirements.
- Issuers and merchants will team up to tackle first party misuse.
First party misuse has risen simultaneously with ecommerce adoption, whether it’s an unrecognised transaction, friendly fraud (a child purchases an app on their parent’s smartphone without consent), or something more intentional.
Traditional authentication solutions are only half of the equation since the misuse is sometimes perpetuated by legitimate accountholders. The cost of first party misuse burdens issuers and merchants with added expenses such as dispute processing costs, fraud model degradation and increasing fraud risk profiles that can lead to lower approvals. There is an opportunity to address this before it becomes a bigger problem, but it will require all parties involved to contribute and share.
- Companies will invest more money into business continuity and risk management with 3rd party providers scrutinised more closely to mitigate risks.
A part of risk management that is often overlooked and underappreciated is business continuity. The pandemic showed that organisations need to be prepared to prevent service disruption to clients and employees, especially global companies with exposure to region-specific risks. These risks can range from cyber to public health to climate change and natural disasters. At Visa, we've spent decades building, evolving and implementing business continuity plans to ensure that no matter the situation, our global payment network remains operational and secure, so worldwide commerce continues to function.
Moreover, exposure to risk extends beyond the four walls belonging to a company and includes that of ecosystem partners and service providers. The pandemic put many business continuity plans through a rigorous test and companies will need to regularly revisit and audit their plans to ensure compliance and relevance.
Stay current with the latest payments insights from Visa Navigate Europe – subscribe today.
All brand names, logos and/or trademarks are the property of their respective owners, are used for identification purposes only, and do not necessarily imply product endorsement or affiliation with Visa.
Case studies, comparisons, statistics, research and recommendations are provided “AS IS” and intended for informational purposes only and should not be relied upon for operational, marketing, legal, technical, tax, financial or other advice. Visa Inc. neither makes any warranty or representation as to the completeness or accuracy of the information within this document, nor assumes any liability or responsibility that may result from reliance on such information. The Information contained herein is not intended as investment or legal advice, and readers are encouraged to seek the advice of a competent professional where such advice is required.
1 Visa, Investing in the ecosystem, 24 December, 2019 https://usa.visa.com/visa-everywhere/blog/bdp/2019/12/24/investing-in-the-1577207091483.html
2 Visa, Outsmarting fraudsters with advanced analytics, 7 December, 2021 https://usa.visa.com/visa-everywhere/security/outsmarting-fraudsters-with-advanced-analytics.html
3 Global VisaNet data, 2022