Card not present – APAC’s risk
According to Experian Managing Director in Southeast Asia, Jeff Price, the potential for card not present (CNP) fraud exists whenever a transaction is conducted over the phone, on-line or through the mail.
“Of all the frauds perpetrated using credit cards, more than half occurs in situations where the credit card is not physically presented by a consumer. With the tremendous growth of e-commerce, CNP transactions will only increase as a percent of total transactions – which means the risk of this type of fraud is increasing!”
For businesses, this is a concern because if the potential fraud is not detected before the transaction occurs, they will have provided a good or service for which they will not be paid. As a result, merchants and banks are more cautious in authorizing CNP transactions than they are for in-person sales. To differentiate ‘friend from foe’ the merchant or bank may ask for additional verification, for example entering a code from a SMS message, before approving a transaction.
But, these additional verification steps add cost and time to the process and inconvenience for the consumer.
“In some merchant categories, as high as 25-percent of transactions may be blocked or dropped because of an inability to gain sufficient verification, and most of these attempted transactions would be completely legitimate.
As a result, globally, more than US$120 billion of online card transactions are declined due to suspected fraud. This leads to often overlooked indirect costs such as reputational risk and customer dissatisfaction that can lead to damaged relationships, customer attrition, or even the challenge of attracting new customers.
According to Price, Asia Pacific experiences a higher risk to CNP fraud as the region is a diversified landscape of both mature and emerging markets, with many of the latter still lacking the proper infrastructure to tackle CNP fraud.
“Coupled with the rapid growth of the internet, the evolution of payments, and cross-border commerce, the region is no doubt more susceptible for these fraudsters to target,” Price said. He concluded that it would be good for businesses to enact strong authentication measures and multiple factors to make it harder for those that have stolen credentials to easily use them.