Sift Logo Several blue dots forming a sphere to the left of the word Sift in italic font.
  • Products

    Digital Trust & Safety Suite

    Fight fraud without sacrificing growth

    Learn more →

    Passwordless
    Authentication

    Account
    Defense

    Content
    Integrity

    Payment
    Protection

    Dispute
    Management

    Sift
    Connect

    PSD2
    Solution

    New Releases & Enhancements

  • Partners

    Sift Partner
    Program

    Join the leader in Digital Trust & Safety

    Learn more →

    Commerce platform partners


  • Industries

    One solution, many applications

    Learn how Sift can work for your industry

    Learn more →

    Featured industries


    Fintech

    Retail

    Food & Beverage

  • Customers

    See case studies by industry

    Sift works across every use case and region

    Learn more →

    Featured customers


  • Resources

    Explore our resources

    Access trends, guides, and insights from Sift

    Learn more →

    Blog

    Ebooks

    One Pagers

    Demos

    Videos

    Webinars

    Infographics

    Podcasts

    Trust & Safety University

  • Fraud Center
  • Company

    Why leaders choose Sift

    Technology, community, and partnership

    Learn more →

    Our mission: Help everyone trust the internet


    About

    Careers

    News & Press

Request a demo
Products
  • Digital Trust & Safety Suite
  • Passwordless Authentication
  • Account Defense
  • Content Integrity
  • Payment Protection
  • Dispute Management
  • Sift Connect
  • PSD2 Solution
  • New Releases & Enchancements
Why Sift
  • Salesforce
  • Magento
  • Shopify
Industries
  • Fintech
  • Retail
  • Food & Beverage
Customers
Resources
  • Blog
  • Ebooks
  • One Pagers
  • Demos
  • Videos
  • Webinars
  • Infographics
  • Podcasts
  • Trust and Safety University
Fraud Center
About
  • Search Careers
  • Our Company
  • Contact Us
  • Engineering Blog
Request a DemoSign In
  • Blog Home
  • Fraud
< prev / next >
Share this article on LinkedIn
Tweet this article
Share this article on Facebook
SOCIALICON
Share this article via email

‘Tis the Season to be Wary: Holiday Mobile Commerce Fraud Trends

By Angela Marrujo  / 

12 Dec 2018

Mobile is the way of the future – or rather, the present – for e-commerce. Holiday shoppers continue to move away from brick-and-mortar stores to online sites, but are doing even more shopping via mobile devices than ever before. Fraudsters are growing savvy to the trend and capitalizing on the colossal amount of purchases made during the holiday season.

Exponential growth, by the numbers

Black Friday and Cyber Monday mark the official start of the gift-buying deluge, and this year the flood gates were thrown wide open: Black Friday online sales increased more than 23% year over year to over $6 billion, while sales on Thanksgiving Day grew approximately 28%, to $3.7 billion. Of the Black Friday online traffic, a whopping 49% was generated by smartphones. Shoppers were ready and willing to spend, with the average online basket dollar amount at $138, a 6% increase from 2017.

As a testament to the exploding demand for mobile and e-commerce shopping options, the 30 merchants that ranked well on the Checkout Conversion Index report had the fastest, most streamlined online checkouts compared to the 30 merchants with the lowest scores, who had inconsistent checkout experiences. This is worth noting, given that 39% of shoppers will use “buy now” buttons via smartphones this holiday season, and consumers are expected to spend $93.5 billion by the end of the year via mobile.

Merchants that want part of that pie will need to step up their mobile experience.

Cybercrime and the holidays go hand in hand

As is generally the case with fraud, industries experiencing a cascade of wealth are riddled with cybercriminals. The holidays are the perfect time for fraudsters to camouflage illegitimate online purchases among the sea of real transactions.

In 2017, e-commerce fraud attempts increased by 22% from Thanksgiving to December. The number of attempts was highest on Thanksgiving Day, at 1.94% (up from 1.26% in 2016), then on Christmas Eve with 1.78% (1.48% in 2016), and on December 21 – the cutoff date for express shipments – at 1.67% (1.49% in 2016). Peak fraud days were driven by shipment cutoffs, levels of consumer traffic, and pick-up-in-store transactions.

Cybercriminals create fake accounts well ahead of the peak fraud days to make these fraudulent purchases; they sit dormant, age, and then get used during the busiest days of the holidays so they draw less attention.

Fraudsters taking the cheer out of the holidays

The ease and speed of mobile commerce are ideal for holiday shopping (not to mention the ability to avoid crazy crowds by shopping at home), but it’s not without risk, and fraudsters have found ways to exploit the features that make mobile commerce so attractive.

In-store card-not-present (CNP) purchases and contactless payments. Some retailers are now allowing in-store CNP purchases involving store-branded credit cards. The associate looks up the account and the consumer verifies their identity via SMS code or QR code.

Unfortunately, fake QR codes and SMS interception hacks can make these security checks completely useless, and they’re becoming more commonplace tactics for undermining identity verification.

Contactless payment platforms like Apple Pay and Google Pay are considered much more secure forms of payment than credit cards or CNP thanks to their use of biometric authentication and tokenization, but consumer adoption rates remain low due in part to low retailer adoption rates. Only 20% of stores are contactless-enabled, but it’s a great method for protecting consumer payment information, both during and after the holidays.

Looking ahead, dual-interface credit and debit cards that support contactless payments are something more card issuers and retailers are expected to adopt, providing an alternative payment option for consumers who may be mobile averse, but with all the security of mobile contactless payments.

Convincing fakes. Increasingly believable phony websites are an easy way for consumers to fall prey to fraudsters while making holiday purchases via mobile. These sites lure in consumers with too-good-to-be-true deals, which are all the more tempting during the holidays when money might be tighter, and less suspicious since sales are happening everywhere anyway. Not only do fake sites steal money from your business, they ferret out sensitive customer data. They scrape a legitimate retailer’s site in an attempt to recreate the design and layout, but warning signs, like grammatical errors or URLs that have extra words like “deals” or “sales,” can help distinguish real from not.

Behavioral analytics are your friend. Fake accounts that sit unused until the holidays roll around can be weeded out with the help of biometrics and behavioral analytics. Examine actions, such as:

  • How hard does the real user hit the keys on the screen? Bots and scripts tend to hit the same exact pixels on a screen, while a human finger has more variation and applies more pressure.
  • How do they swipe from page to page?
  • How do they hold their device?
  • Does the user touch type or swipe type?
  • Is the mobile device being charged, with a full battery, or is it just running on battery? Click farms run by humans tend to use mobile devices that are constantly charging with perpetually full batteries, versus a legitimate customer who is generally shopping from a device that either isn’t charging, or is and has less than 100% battery.

If certain actions don’t match the typical behaviors of real users, you may have a fraudster on your hands. Email validations and captchas can be triggered when suspicious activity is detected, to create roadblocks for bad users.

Additionally, mobile shoppers tend to have a smaller number of items in their carts at a given time. If you see a cart with a large number of items, particularly gift cards, consider it a red flag. (And make sure to read our blog on why gift cards are such hot ticket items for fraudsters during the holidays.)

Don’t let fraudsters take the happy out of your holidays. Consult our ebook, Maximizing Mobile Opportunities, to help you build a mobile strategy that maximizes conversions and makes life difficult for fraudsters without throwing a wrench in your customer experience.

Related

behavioral analyticsbiometricsBlack Fridaycontactless paymentsCyber Mondaycybercrimeecommercefraudholidayholiday fraudholidaysm-commercemobilemobile commercemobile paymentspayment fraudpayments fraudretail

Angela Marrujo

Angela Marrujo, Content Marketing Manager at Sift, is a lifelong gamer with a deep love for Nintendo, in particular. Illustration and music are her other passions. Angela is a San Francisco State University alumna and, prior to Sift, worked in PR and Marketing in the video game industry.

  • < prev
  • Blog Home
  • next >
Company
  • About Us
  • Careers
  • Contact Us
  • News & Press
  • Partner with us
  • Blog
Support
  • Help Center
  • Contact Support
  • System Status
  • Trust & Safety University
  • Fraud Management
Developers
  • Overview
  • APIs
  • Client Libraries
  • Integration Guides
  • Tutorials
  • Engineering Blog
Social

Don't miss a thing

Our newsletter delivers industry trends, insights, and more.

You're on the list.

You can unsubscribe at any time. Please see our Website Privacy Notice.

If you are using a screen reader and are having problems using this website, please email support@sift.com for assistance.

© 2022 Sift All Rights Reserved Privacy & Terms

Your information will be used to contact you about our service and subscribe you to our direct marketing communications. You can, of course, unsubscribe at any time. Please see our Website Privacy Notice.