From an IT security perspective, one of the more important issues of our time is how to protect important financial information during online transactions. At times, it can seem like the risks are greater than the rewards. All you have to do is run a quick Google (News - Alert) search on data breaches and you’ll see story after story of complex breaches that have affected millions of people nationwide. But what’s being done to stop this dangerous behavior?
The State of Data Breaches
While 2015 saw some of the biggest known data breaches in history, 2016 was a year in which there were more small-scale attacks. Some of the well-known organizations affected last year include the U.S. Department of Justice, the IRS, Snapchat, Wendy’s, LinkedIn, Oracle, Dropbox (News - Alert), Yahoo! (twice), Weebly, and Cisco.
When you consider the millions of people who transact with these organizations on a daily basis, it can be pretty scary to think about the far-reaching ramifications – particularly when it comes to credit fraud and how hackers can access confidential financial information.
According to some of the most recent data available, 318 million U.S. consumers had their credit cards breached in 2014. That number was up nearly three times from 2013.
And this isn’t just an issue for the companies who are hacked and the consumers who are affected. Right around 90 percent of credit card breach victims in 2014 received replacement cards. This cost issuers roughly $12.75 per card.
While credit card information can be stolen via any number of methods, online card not present (CNP) situations accounted for 45 percent of all fraud in 2014. It’s believed that, by 2018, the total value of fraudulent CNP transactions will hover right around $19 billion.
What’s Being Done to Protect Credit Fraud?
While it’s easy to look at credit card fraud as an issue that the financial services industry needs to deal with on their own, the fact of the matter is that it’s just as much an IT responsibility. Today’s consumers are unassumingly being targeted by fraudsters and we need a stronger IT infrastructure to prevent attacks.
Here are some things currently being done:
1. Advancements in Credit Monitoring
In the past, monitoring your credit score was a complicated process. You had to fill out a form and could only check your score a couple of times per year without being charged.
In many cases, a soft check of your credit score even posed the risk of lowering your score. Thankfully, that’s all changing. New online services make it simple and easy to check credit scores without any risk attached.
While this may not prevent credit fraud from happening, it does help customers stay up-to-date so they can correct small issues before they become bigger problems.
2. Stronger Online Account Security
Nobody likes having to remember passwords and jumping through hoops to log into an account, but stronger online account security is one way banks and creditors are preventing dangerous cyber attacks.
Specifically, there’s been considerable growth in the area of two-factor authentication, which adds another layer of security to an account by requiring the user to have the username, password, and a specific device on them.
3. Growth in HTTPS Adoption
While HTTPS technology has been around since the dawn of the Internet, it’s always been very lightly adopted. In the past, large e-commerce websites were the only ones to adopt it. However, things changed last year. Two independent sources show that HTTPS adoption more than doubled during 2016 – going from 2.9 percent to 9.6 percent according to one survey, and from 5.5 percent to 12.4 percent in another.
HTTPS, which is essentially a security layer that encrypts the communications sent between a user’s browser and the website being accessed, helps prevent fraud and makes it more difficult for hackers to access credit card information. So, as HTTPS adoption increases, it stands to reason that fraud will decline.
4. Rapid Alerts and Freezes
In the past, a consumer may not have known their credit card was compromised for a few days or weeks. Now, thanks to the increase of rapid credit card fraud alerts, it’s possible to know about an issue within minutes. This mitigates fraudulent activity and keeps consumers abreast of what’s going on.
And then there are freezes, which can be implemented by consumers with the click of a button. “Freezes are far more effective than alerts,” The Wall Street Journal explains. “Icing your files prevents any company from accessing your credit unless you already do business with them, effectively sealing your records against any new creditor.”
Making IT Security a Priority
IT security plays a direct role in curbing the rising rates of consumer credit fraud. While it’s not the only answer, it’s certainly a key solution. In the coming months and years, it’ll be important for the business community to develop stronger methods for preventing fraud and protecting the personal information of consumers.
Edited by Alicia Young