iovation, a provider of device intelligence for authentication and fraud prevention, today released data collected from its retail and e-commerce subscribers from the 2017 holiday weekend (Nov. 24 – 27, 2017).
For the first time in recent years, credit card fraud, which remains the highest fraud type for online retailers, dropped from 59 per cent of total fraud found in the 2016 holiday week to 42 per cent of total fraud found in 2017 based on specific reports received by iovation’s online retail customers.
This represents a 29 per cent decrease from last year’s four-day holiday weekend and demonstrates that online retailers are making strides in their ability to identify and prevent card-not-present (CNP) fraud which has been on the rise since brick and mortar retailers have increased their adoption of EMV card technologies.
Retail transactions: From holiday to holiweek
iovation data also showed that consumers are doing more of their holiday shopping online in general, with transactions occurring solely on Black Friday and Cyber Monday falling over the past several years. This is the result of a shift in sales strategy from online retailers, who are now extending promotional deals beyond the holiday shopping weekend.
According to the data, 62 per cent of consumer’s online retail transactions from Black Friday to Cyber Monday originated from mobile phones/tablets, compared to 55 per cent from last year’s holiday season, continuing an increase in m-commerce during the holidays and year-over-year.
“We can infer a number of trends through the analysis of billions of e-commerce transactions processed through our FraudForce platform,”ovation co-founder and CEO Greg Pierson said.
“Most notable among these is that online retailers who leverage device intelligence are making significant inroads when it comes to proactively preventing card-not-present fraud. This type of fraud not only cuts into their bottom line results, it can cause irreparable harm to their brand so this is a meaningful improvement.”
Consumer behaviour: Password complacency still reigns
iovation also conducted a survey of more than 1,000 consumers across four generations to better determine how knowledge of fraud affects online behaviour. While 83 per cent of respondents understand how to protect themselves online – using a credit card rather than a debit card for online purchases, monitoring credit scores regularly and shopping at well-known retailers – consumers across all demographic groups continue to exercise poor password hygiene.
On the topic of consumer behaviours, Pierson said: “Attitudes towards online shopping shows that consumers are becoming better educated about how to protect themselves online. However, they remain largely complacent as it relates to their password hygiene, which is why we are seeing a steady rise in identity theft and account takeovers.”
While currently serving as consumers’ primary means of authentication, passwords frequently fail when it comes to both user experience and security. And despite these shortcomings, vulnerable passwords are firmly ensconced in today’s online experience. Of those surveyed, 60 per cent of consumers say they are not changing their passwords regularly (less than every 6 – 12 months) and of greater concern, close to 70 per cent of consumers say they use the same password across multiple sites, meaning that a hacker can easily take over multiple consumer accounts with just a single compromised credential.
A shift from static, password-based authentication to frictionless, multi-factor authentication is crucial to combat today’s escalating threat environment. Multi-factor authentication combines the best of user experience and heightened security for businesses, using context to determine how trustworthy the user is, and as a result, the appropriate level of authentication required. Simply, dynamic authentication makes the right things easy and the wrong things more difficult, providing additional or fewer layers of authentication when needed. iovation’s user-friendly, mobile multi-factor authentication solution, LaunchKey, allows both brands and consumers the ease in choosing which authentication options best fit their security needs.