Page 47 - index
P. 47
How to Avoid Incorrectly Labeling Innocent Customers as Guilty
this Holiday Shopping Season
By Reed Taussig, president and CEO, ThreatMetrix
The holiday shopping season is under way with two of the year’s largest shopping days – Black
Friday and Cyber Monday – taking place in November. Consumers are projected to spend a
record $600 billion this holiday shopping season. Hand-in-hand with an increase in consumer
spending is the annual monsoon of increased online credit card theft, identity theft and
attempted bank fraud. It is a predictable annual feeding frenzy that will come on top of an
already record year of significant wins for global cybercriminals.
All too often, Target, Home Depot, eBay and other major retailers are portrayed as the culprits
behind the rapid increase in cybercrime following recent data breaches when in fact retailers,
just as consumers, are the victims of the arms race between enterprise security and fraud
departments and the well-funded, successful, cyber thieves.
As cybercrime becomes more advanced, retailers, financial services companies and enterprises
continuously develop more advanced ways to protect sensitive information from being
compromised or being used once the company has been breached. Advanced fraud prevention
strategies are certainly justified and necessary, but the unfortunate side effect is that online
consumers are often presumed to be guilty until proven innocent during the online shopping
experience.
The net result of incorrectly assuming customers are guilty has been a rapid increase in the use
of two-factor authentication and out-of-band authentication, which is expensive to the enterprise
and introduces many extra steps and a lot of inconvenience into the online shopping
experience. This in turn increases shopping cart abandonment rates, leading to reduced topline
revenue for the business.
Businesses are justified in adding layered security measures, especially when the percentage of
risky or fraudulent transactions is taken into consideration. The following data from the
ThreatMetrix® Global Trust Intelligence Network reveals several stats about online fraud
percentages:
• As many as 10 percent of all online credit card applications are executed using either
stolen or synthetic identities
• On average as many as five percent of all online credit card purchases across
industries are suspicious or outright fraudulent and for some industries this number is
double or even triple that average
• To put this into perspective, ThreatMetrix processes close to one billion online
transactions per month and of these, more than fifty million will be either suspicious,
triggering additional costly and inconvenient additional screening measures, or outright
fraudulent.
47 Cyber Warnings E-Magazine – November 2014 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
