Sift Logo Several blue dots forming a sphere to the left of the word Sift in italic font.
  • Products

    Digital Trust & Safety Suite

    Fight fraud without sacrificing growth

    Learn more →

    Passwordless
    Authentication

    Account
    Defense

    Content
    Integrity

    Payment
    Protection

    Dispute
    Management

    Sift
    Connect

    PSD2
    Solution

    New Releases & Enhancements

  • Partners

    Sift Partner
    Program

    Join the leader in Digital Trust & Safety

    Learn more →

    Commerce platform partners


  • Industries

    One solution, many applications

    Learn how Sift can work for your industry

    Learn more →

    Featured industries


    Fintech

    Retail

    Food & Beverage

  • Customers

    See case studies by industry

    Sift works across every use case and region

    Learn more →

    Featured customers


  • Resources

    Explore our resources

    Access trends, guides, and insights from Sift

    Learn more →

    Blog

    Ebooks

    One Pagers

    Demos

    Videos

    Webinars

    Infographics

    Podcasts

    Trust & Safety University

  • Fraud Center
  • Company

    Why leaders choose Sift

    Technology, community, and partnership

    Learn more →

    Our mission: Help everyone trust the internet


    About

    Careers

    News & Press

Request a demo
Products
  • Digital Trust & Safety Suite
  • Passwordless Authentication
  • Account Defense
  • Content Integrity
  • Payment Protection
  • Dispute Management
  • Sift Connect
  • PSD2 Solution
  • New Releases & Enchancements
Why Sift
  • Salesforce
  • Magento
  • Shopify
Industries
  • Fintech
  • Retail
  • Food & Beverage
Customers
Resources
  • Blog
  • Ebooks
  • One Pagers
  • Demos
  • Videos
  • Webinars
  • Infographics
  • Podcasts
  • Trust and Safety University
Fraud Center
About
  • Search Careers
  • Our Company
  • Contact Us
  • Engineering Blog
Request a DemoSign In
  • Blog Home
  • Digital Trust & Safety
  • Fraud
< prev / next >
Share this article on LinkedIn
Tweet this article
Share this article on Facebook
SOCIALICON
Share this article via email

Mobile Payments, EMV, and Fraud: A Chat with ETA’s Jason Oxman

By Jenny Jedeikin  / 

11 Jul 2016

If you’re a criminal looking to commit credit card fraud, the most popular way to successfully make that happen today is to create a counterfeit card and use it in an in-store purchase. Cha-ching. Free Stuff.

“Counterfeit cards are still the number one form of card fraud in stores in the U.S. today,” explains Jason Oxman, CEO of Electronic Transaction Association, the trade association of the payments industry. “These are fake cards that are created by criminals using stolen account numbers.”

But all of that is shifting, says Oxman, since recent technological innovations are making counterfeit cards harder and harder to use in person. “Criminals are going to have a much tougher time using fake plastic cards,” Oxman says. “But now that payments in stores are getting more secure,” he adds, “it’s opening a window for online fraud.”

Two reasons in-store payments are getting more secure

First of all, many retailers now accept payments from customers using mobile wallets—such as Apple Pay or Android Pay—when making an in-store purchase. “With a mobile payment transaction, there is no account number transmitted, and therefore nothing to steal and no way to make a counterfeit card,” says Oxman.

mobile payments apple pay
Image: iphonedigital

Mobile payments use tokenization technology, which transmits a cryptogram instead of an actual account number. “So even if a criminal were able to intercept a mobile payments transaction, they wouldn’t have an account number they could do anything with,” explains Oxman.

And besides, mobile payments are way better at identifying account holders. According to Oxman, signatures – the old school verification process used for in store credit card transactions – pale in comparison to mobile wallets’ use of biometrics, where account holder identities are verified using a fingerprint or other cutting-edge authentication technologies.

The second way in-store payments are becoming more secure is through the roll-out of chip or EMV technology, which began back in October 2015. “The EMV chip generates a unique or dynamic security code with each use,” Oxman explains, “That way, no one can produce a counterfeit card because they don’t know what security code to use on that card.”

Oxman thinks that once retailers start using chip technology across the board, it’s going to drastically reduce in-store fraud. “This is the most significant technology upgrade to the payment systems in decades. We have literally been using those plastic cards with magnetic stripes on the back for 40 years. It’s the same technology used in cassette tapes,” Oxman adds. “That’s how old it is.”

This radical change is affecting 1.2 billion cards in the market today and 8 million merchants. “It’s a lot of work to do the upgrades in the stores,” says Oxman, “but it’s important because we all share an interest in stopping crime.”

So, what do we do about online fraud?

But don’t get too excited, Oxman cautions. All this new security isn’t going to cut off criminals in their tracks. Oxman says fraudsters will likely turn their dirty work to online transactions, where an actual credit card isn’t needed.

“Historically, around the world, in markets that have migrated to chipped cards, there has been an increase in online fraud as criminals seek other outlets,” says Oxman. The problem is, through a variety of methods—including data breach and theft—criminals will continue to get access to credit card account numbers, and since they can’t make a counterfeit card, they’ll go shopping online with the stolen account number.

In order to stop online fraud, Oxman stresses, the focus has to be on making sure that criminals can’t collect credit card numbers in the first place. One way to prevent that is by making sure online retailers encrypt their transactions. “Encryption is a very good way to prevent online fraud, because it encrypts the transaction at the point of sale online,” says Oxman. “Recently the largest thefts of card numbers comes from data breaches at large retailers in the U.S., like Target and Home Depot. Those data breaches were possible because of a lack of encryption,” he says.

But even with more secure systems in place, Oxman acknowledges that one way or another there will always be criminals who get their hands on credit card numbers. So it’s going to become increasingly important for online retailers and other companies to up their game when it comes to security.

Online fraud currently accounts for 50% of all fraud in the U.S., and that number is likely to increase. Oxman says industry experts anticipate a decrease in in-store counterfeit cards by more than 50%, while card-not-present fraud will jump $3.3 billion to $6.4 billion by 2016.

So what else should retailers do? With the increased need for vigilance, retailers and other companies that do business online will be looking to apply new and innovative technologies to raise the bar on online security, says Oxman.

There are a number of different solutions out there, using a variety of approaches – from rules to machine learning – and each business should evaluate their unique needs and goals when choosing a fraud-prevention vendor. In the end, says Oxman, there is no mandate for security. “It’s going to be up to the individual outfit to decide what type of security update to employ.”

Related

EMVmobile payments

Jenny Jedeikin

Jenny Jedeikin is a freelance writer in Northern California. Her writing has appeared in Rolling Stone Magazine, The San Francisco Chronicle and The Advocate, as well as in marketing blogs for LinkedIn, University of Phoenix, and Salesforce.

  • < prev
  • Blog Home
  • next >
Company
  • About Us
  • Careers
  • Contact Us
  • News & Press
  • Partner with us
  • Blog
Support
  • Help Center
  • Contact Support
  • System Status
  • Trust & Safety University
  • Fraud Management
Developers
  • Overview
  • APIs
  • Client Libraries
  • Integration Guides
  • Tutorials
  • Engineering Blog
Social

Don't miss a thing

Our newsletter delivers industry trends, insights, and more.

You're on the list.

You can unsubscribe at any time. Please see our Website Privacy Notice.

If you are using a screen reader and are having problems using this website, please email support@sift.com for assistance.

© 2022 Sift All Rights Reserved Privacy & Terms

Your information will be used to contact you about our service and subscribe you to our direct marketing communications. You can, of course, unsubscribe at any time. Please see our Website Privacy Notice.