Black Friday will mark a new milestone this year, when mobile devices for the first time will account for about half of all online purchases during the first weekend of the holiday shopping frenzy, according to a new study.
It will also be a field day for fraudsters, who will exploit the convenience of mobile channels, digital gift cards and one-click checkout services.
Transactions via mobile phones and tablets will reach a peak of 48% of all e-commerce sales from Black Friday on Nov. 27 through Monday, Nov. 30, Portland, Ore.-based Iovation forecasted this week, based on a long-term analysis of millions of transactions from clients of its online fraud-prevention services. After the first weekend, mobile devices will account for about 41% of all online retail sales for the 2015 holiday season, compared with 32% in 2014 and 20% in 2013 for the same periods, Iovation said.
Not surprisingly, as e-commerce volumes rise, so will fraud, warns Iovation. Credit card fraud and phishing will occur, but so will new attacks enabled by digital technology.
Contrary to some forecasts, the U.S.’s ongoing transition to EMV-chip payment cards is unlikely to affect e-commerce fraud rates this year, according to Experian.
"Some people have predicted we’ll see counterfeit card fraud start to migrate from the [point of sale] to online, card-not-present channels because of the U.S. EMV shift, but we don’t see it happening this holiday season," said Mike Gross, Experian’s director of risk strategy for fraud and identity. "EMV adoption is still very light on the merchant side, and also on the consumer side, as issuers are only about halfway through the job of pushing out chip-enabled cards to all consumers."
What’s likely to be a bigger risk for e-commerce merchants is the growing popularity of streamlined mobile checkout options and "buy buttons"—clickable links that can be integrated into social media sites and email, enabling consumers to purchase a product on a mobile device without leaving the platform, Gross said.
"With so many more people using their phones to make purchases now, merchants are eager to simplify that process with streamlined checkout and ‘buy buttons,’ and very often these lack good security controls," he said.
Desktop e-commerce sites have layers of built-in security controls, but many mobile commerce sites have fewer and weaker methods for authenticating users, Gross said. "Mobile devices are playing catch-up by laying on security controls as e-commerce grows, and though we’re seeing the emergence of biometrics and other multi-factor authentication for mobile commerce, it’s still very early in the development of what we’ll see over the next few years, making the current phase particularly risky."
Scams surrounding digital gift cards and e-commerce merchandise delivery are two of the most popular new paths to online fraud, according to a study payments processor ACI Worldwide released this week.
Downloadable gift cards accounted for 9.5% of all attempted online fraud over the last year, followed by e-commerce purchases associated with next-day delivery (6.57%), international e-commerce transactions (2.38%) and online sales for merchandise to be picked up in stores (2.15%). Naples, Fla.-based ACI sampled payment transactions data from U.S. and European retailers between January and July 2015, compared with the same period a year earlier. Overall, online retail fraud attempts rose 30% during the past year compared to the prior year, ACI said.
Digital gift cards account for only about 10% of all gift cards, according to the Retail Gift Card Association. But downloadable gift cards—suitable for mobile devices and more popular with millennials—are among the fastest-growing in the gift card category and are becoming a bigger target for fraud, experts say.
Smaller and midsize companies with new digital gift card operations face the highest risk, said Julie Conroy, a research director for Aite Group.
"Some of these merchants probably haven’t been big targets for cybercriminals in the past, but the highly fungible nature of gift cards will put them in fraudsters’ sights this year," she said.
Larger companies that specialize in digital gift cards typically have more robust systems to block fraud, and increasingly use fraud-prevention services that guarantee against losses from fraud, Conroy noted.
