Industry ‘turns corner’ on card fraud, as AusPayNet records 20 per cent drop in fraud cases

Card Fraud Rates decline

AusPayNet chief executive Andy White has praised the payments industry’s uptake of the Fraud Mitigation Framework believing it key to a nearly 20 per cent drop in card payment fraud last year.

The payments industry authority recorded a 19.5 per cent reduction in card fraud in 2019 – the biggest single drop since AusPayNet first published fraud data in 2014.

Reaching a record high of $576 million in 2018, the total value of credit card fraud dropped to $464 million last year (a figure not seen since 2015).

The considerable plunge came despite total card spending rocketing to a record $819 billion last year, a year-on-year increase of 3.9 per cent, as well as a 16 per cent increase in online and e-commerce transactions, representing $220 billion.

The record drop in fraud rates was due in large part to the significant decline in fraudulent card-not-present (CNP) transactions, which saw a 13.6 per cent drop between 2018 and 2019 (from $330 million to $306 million).

CNP transactions, in which a credit card is not physically present when a payment is made, represents around 87 per cent of all card fraud on Australian-issued cards, AusPayNet figures reveal.

CNP fraud as a share of total fraudulent card transactions actually grew by two per cent between 2018 and 2019. AusPayNet attributed this rise to a beefing up physical card security by card issuers as well as a strategic shift by criminals to online scams and personal data sourcing.

EMV chip technology, the venerable ‘smart card’, appears to have had a considerable impact in reducing fraudulent face-to-face transactions, with rates of card counterfeiting or skimming falling to $16.8 million in 2019 – a 72 per cent drop from a peak of $59.2 million set in 2016.

Hampered in their ability to transact fraudulently in-person, criminals have shifted their resources and tactics to the online world, taking advantage of large-scale data breaches to capture personal card data, as well as engaging in social engineering tactics to steal identities, allowing them to perform transactions with false credentials.

However, AusPayNet chief executive Andy White said the industry’s adoption of CNP Fraud Mitigation Framework has played a significant part in driving down overall rates of card fraud.

“The early experience reinforces that a whole of industry approach is required to reduce fraud”, White said.

“Just as chip technology has shut down the space for skimming and counterfeit fraud, we have reason to be optimistic that we have turned the corner on online card fraud.”

Under the CNP Fraud Mitigation Framework, implemented in mid-2019, merchants who exceed fraud threshold targets (currently set at 20 basis points and $50,000 in fraud losses) are obligated to tighten their customer authentication processes.

The Framework encourages the uptake of tokenisation, strong customer authentication, real-time monitoring, and machine learning by merchants (including payment gateways) and issuers to reduce rates of fraud.

Part of the Framework also requires credit issuers and acquirers to provide quarterly updates on fraud rates and fraud rate breaches.

White urged the industry to “remain vigilant” during the Covid-19 pandemic, as e-commerce volumes, and thus efforts at CNP fraud, increase considerably, stressing that “[criminals] will be looking for new opportunities through scams”.