• Products

    Digital Trust & Safety Platform

    Fight fraud without sacrificing growth

    Learn more

    Platform solutions

    • Payment Protection
    • Account Defense
    • Dispute Management
    • Content Integrity
    • Sift Connect
    • Passwordless Authentication

    Sift innovations

    • PSD2 Solution
    • New Releases & Enhancements
  • Industries

    One solution, any industry

    Learn how Sift can work for your industry

    Learn more

    Featured Industries

    • Fintech
    • Payment Service Providers
    • Retail
  • Customers

    Case studies by industry

    See how leading brands succeed with Sift

    Learn more

    Featured Customers

    • DoorDash
    • Uphold
    • Paula’s Choice
  • Partners
  • Fraud Center
  • Resources

    Fraud-fighting resources

    Explore fraud trends and insights

    Learn more

    • Blog
    • Demos
    • Infographics
    • Ebooks & Reports
    • Videos
    • Podcasts
    • One-Pagers
    • Webinars
    • Trust & Safety University
  • Company

    Why leaders choose Sift

    Technology, community, and partnership

    Learn more

    Our mission: Help everyone trust the internet

    • About
    • Careers
    • News & Press
Request a demo
Products
  • Digital Trust & Safety Platform
  • Payment Protection
  • Account Defense
  • Dispute Management
  • Content Integrity
  • Sift Connect
  • Passwordless Authentication
  • PSD2 Solution
  • New Releases & Enchancements
Industries
  • Fintech
  • Retail
  • Payment Service Providers
Customers
Partners
Fraud Center
Resources
  • Blog
  • Ebooks & Reports
  • One-Pagers
  • Demos
  • Videos
  • Webinars
  • Infographics
  • Podcasts
  • Trust and Safety University
Company
  • Search Careers
  • Our Company
  • Contact Us
  • Engineering Blog
Request a Demo Sign In
  • Blog Home
  • Fraud
< prev / next >
Share this article on LinkedIn
Tweet this article
Share this article on Facebook
SOCIALICON
Share this article via email

‘Tis the Season to be Wary: Holiday Mobile Commerce Fraud Trends

By Angela Marrujo  / 

12 Dec 2018

Mobile is the way of the future – or rather, the present – for e-commerce. Holiday shoppers continue to move away from brick-and-mortar stores to online sites, but are doing even more shopping via mobile devices than ever before. Fraudsters are growing savvy to the trend and capitalizing on the colossal amount of purchases made during the holiday season.

Exponential growth, by the numbers

Black Friday and Cyber Monday mark the official start of the gift-buying deluge, and this year the flood gates were thrown wide open: Black Friday online sales increased more than 23% year over year to over $6 billion, while sales on Thanksgiving Day grew approximately 28%, to $3.7 billion. Of the Black Friday online traffic, a whopping 49% was generated by smartphones. Shoppers were ready and willing to spend, with the average online basket dollar amount at $138, a 6% increase from 2017.

As a testament to the exploding demand for mobile and e-commerce shopping options, the 30 merchants that ranked well on the Checkout Conversion Index report had the fastest, most streamlined online checkouts compared to the 30 merchants with the lowest scores, who had inconsistent checkout experiences. This is worth noting, given that 39% of shoppers will use “buy now” buttons via smartphones this holiday season, and consumers are expected to spend $93.5 billion by the end of the year via mobile.

Merchants that want part of that pie will need to step up their mobile experience.

Cybercrime and the holidays go hand in hand

As is generally the case with fraud, industries experiencing a cascade of wealth are riddled with cybercriminals. The holidays are the perfect time for fraudsters to camouflage illegitimate online purchases among the sea of real transactions.

In 2017, e-commerce fraud attempts increased by 22% from Thanksgiving to December. The number of attempts was highest on Thanksgiving Day, at 1.94% (up from 1.26% in 2016), then on Christmas Eve with 1.78% (1.48% in 2016), and on December 21 – the cutoff date for express shipments – at 1.67% (1.49% in 2016). Peak fraud days were driven by shipment cutoffs, levels of consumer traffic, and pick-up-in-store transactions.

Cybercriminals create fake accounts well ahead of the peak fraud days to make these fraudulent purchases; they sit dormant, age, and then get used during the busiest days of the holidays so they draw less attention.

Fraudsters taking the cheer out of the holidays

The ease and speed of mobile commerce are ideal for holiday shopping (not to mention the ability to avoid crazy crowds by shopping at home), but it’s not without risk, and fraudsters have found ways to exploit the features that make mobile commerce so attractive.

In-store card-not-present (CNP) purchases and contactless payments. Some retailers are now allowing in-store CNP purchases involving store-branded credit cards. The associate looks up the account and the consumer verifies their identity via SMS code or QR code.

Unfortunately, fake QR codes and SMS interception hacks can make these security checks completely useless, and they’re becoming more commonplace tactics for undermining identity verification.

Contactless payment platforms like Apple Pay and Google Pay are considered much more secure forms of payment than credit cards or CNP thanks to their use of biometric authentication and tokenization, but consumer adoption rates remain low due in part to low retailer adoption rates. Only 20% of stores are contactless-enabled, but it’s a great method for protecting consumer payment information, both during and after the holidays.

Looking ahead, dual-interface credit and debit cards that support contactless payments are something more card issuers and retailers are expected to adopt, providing an alternative payment option for consumers who may be mobile averse, but with all the security of mobile contactless payments.

Convincing fakes. Increasingly believable phony websites are an easy way for consumers to fall prey to fraudsters while making holiday purchases via mobile. These sites lure in consumers with too-good-to-be-true deals, which are all the more tempting during the holidays when money might be tighter, and less suspicious since sales are happening everywhere anyway. Not only do fake sites steal money from your business, they ferret out sensitive customer data. They scrape a legitimate retailer’s site in an attempt to recreate the design and layout, but warning signs, like grammatical errors or URLs that have extra words like “deals” or “sales,” can help distinguish real from not.

Behavioral analytics are your friend. Fake accounts that sit unused until the holidays roll around can be weeded out with the help of biometrics and behavioral analytics. Examine actions, such as:

  • How hard does the real user hit the keys on the screen? Bots and scripts tend to hit the same exact pixels on a screen, while a human finger has more variation and applies more pressure.
  • How do they swipe from page to page?
  • How do they hold their device?
  • Does the user touch type or swipe type?
  • Is the mobile device being charged, with a full battery, or is it just running on battery? Click farms run by humans tend to use mobile devices that are constantly charging with perpetually full batteries, versus a legitimate customer who is generally shopping from a device that either isn’t charging, or is and has less than 100% battery.

If certain actions don’t match the typical behaviors of real users, you may have a fraudster on your hands. Email validations and captchas can be triggered when suspicious activity is detected, to create roadblocks for bad users.

Additionally, mobile shoppers tend to have a smaller number of items in their carts at a given time. If you see a cart with a large number of items, particularly gift cards, consider it a red flag. (And make sure to read our blog on why gift cards are such hot ticket items for fraudsters during the holidays.)

Don’t let fraudsters take the happy out of your holidays. Consult our ebook, Maximizing Mobile Opportunities, to help you build a mobile strategy that maximizes conversions and makes life difficult for fraudsters without throwing a wrench in your customer experience.

Related

behavioral analyticsbiometricsBlack Fridaycontactless paymentsCyber Mondaycybercrimeecommercefraudholidayholiday fraudholidaysm-commercemobilemobile commercemobile paymentspayment fraudpayments fraudretail

Angela Marrujo

Angela Marrujo, Content Marketing Manager at Sift, is a lifelong gamer with a deep love for Nintendo, in particular. Illustration and music are her other passions. Angela is a San Francisco State University alumna and, prior to Sift, worked in PR and Marketing in the video game industry.

  • < prev
  • Blog Home
  • next >
  • Company
  • About Us
  • Careers
  • News & Press
  • Partner With Us
  • Blog
  • Support
  • Help Center
  • Contact Support
  • System Status
  • Trust & Safety University
  • Fraud Management
  • Developers
  • Overview
  • APIs
  • Client Libraries
  • Integration Guides
  • Tutorials
  • Engineering Blog
  • Social

Don’t miss a thing

Get industry trends, insights, and actionable fraud-fighting tips.

You're on the list.

You can unsubscribe at any time. Please see our Website Privacy Notice.
Do Not Sell My Personal Information

If you are using a screen reader and are having problems using this website, please email support@sift.com for assistance.

© 2022 Sift Science, Inc. All rights reserved. Sift and the Sift logo are trademarks or registered trademarks of Sift Science, Inc.
Privacy & Terms

Secure your business from login to chargeback

Stop fraud, break down data silos, and lower friction with Sift.

  • Achieve up to 285% ROI
  • Increase user acceptance rates up to 99%
  • Drop time spent on manual review up to 80%
Your information will be used to contact you about our service and subscribe you to our direct marketing communications. You can, of course, unsubscribe at any time. Please see our Website Privacy Notice.