U.S. credit card fraud is on the rise. A study by NASDAQ showed that credit card fraud tripled from 2013 to 2014, affecting over 30 million U.S. consumers. While many experts believe that the United States is particularly susceptible to card fraud because of their late adoption of EMV standard technology, also known as chip-and-pin, fraud numbers are expected to grow. In a study released today, market researchers found that while migration to EMV should reduce certain types of fraud, card-not-present fraud may grow from $3.2 billion today to over $7 billion by 2020. The study also projects application fraud to exceed $1 billion and account takeovers to reach $2 billion by 2020.
The Aite Group, in conjunction with iovation, interviewed representatives covering 73% of the credit card market and 69% of the debit card market. They found that the U.S. is expected to have almost 100% EMV standard coverage in the debit and credit card market by 2020. Using data from early adopters of chip-and-pin including the U.K., Australia and Canada, the study was able to identify trends in credit card fraud before and after widespread use of EMV. For example, they found that in the U.K., credit card fraud of all types, as a percentage of total transactions, was almost halved from 2004-2015. However, while counterfeit payment card fraud declined sharply, from 128 million pounds in 2004 to 45 million in 2015, card-not-present fraud more than doubled, from 150 million pounds to 398 million over the same time period.
Their projections are that fraud in the U.S. will follow a similar pattern. Counterfeit card losses are expected to decline from $4.5 billion in 2016 to under $1 billion by 2020, when EMV is expected to have almost total penetration of the electronic payments market. However, account takeover, application fraud, and card-not-present losses are expected to continue to grow even after the adoption of chip-and-pin technology.
The study recommends that card issuers continue to invest heavily in security to prevent card fraud. Methods of fraud prevention could include physical and behavioral biometrics, malware detection services to users, and knowledge-based or out-of-band (two-factor) authentication.