Will You Be a Credit Card Fraud Victim This Holiday Season?

Before you go, we thought you'd like these...
Before you go close icon
Senior woman looking horrified at computer monitor
Getty Images
By Robert McGarvey

Three letters may spell trouble for you in the frantic shopping season that is about to explode: CNP, which stands for Card Not Present. That -- obviously -- is how online merchants process payments (unlike, say, a local pizzeria, they never see or touch the plastic). And at least some experts are predicting an explosion in CNP over the holidays.

CNP fraud is going up three times faster than card present fraud, said Julie Conroy, a banking expert at consulting firm Aite Group.

That was expected, kind of -- but the fast velocity of growth is much brisker than had been anticipated. And, said Conroy, expect to see still more: "We see steady growth for CNP fraud."

The trigger event happened Oct. 1 when both merchants and card issuers were supposed to -- by edict of MasterCard (MA) and Visa (V) -- be ready for so-called EMV cards, aka chip cards. The plus of a chip card is that it dramatically cuts down on card counterfeiting. With mag stripe cards, card printers were plentiful and cheap, as was card stock. Anybody with a stolen credit card number could print out a new card and be in business thieving at a local merchant. Not so with EMV, where the chip technology introduces complexities that, so far, seem beyond the ability of crooks, certainly of run-of-the-mill criminals, to manufacture counterfeits.

So they turn to online shopping where the chip plays no role, because -- again -- the online merchant never sees or touches the plastic.

Just about very fraud expert had predicted a spurt in CNP fraud post Oct. 1, but Conroy is saying CNP started exploding before Oct. 1, and the theft has just kept on surging.

She's not alone. ACI Worldwide, a global provider of electronic payment and banking solutions, has said its data show a 28 percent spike in card not present fraud, which ACI attributes to the deployment of EMV.

Branden Williams, a vice president at large credit card processor First Data (FDC), said there's worse to come. According to him, First Data expects the real explosion of CNP fraud to happen next holiday season, not this one. That's because for now criminals have plenty of retailers that aren't yet EMV compliant (he estimated that maybe 80 percent of terminals aren't).

Even so, Alisdair Faulkner, chief product officer at security company ThreatMetrix, predicted: "We expect to see a dramatic spike in CNP over the holiday season. For many retailers a large amount of profits come in a short period. Businesses find it hard to scale fraud detection systems."

The crook's hope: his stolen credit card will escape notice in an avalanche of credit cards used, say, on Black Friday.

Multiple experts also said they believed the top online retailers -- think Amazon (AMZN) -- are well prepared for the surge in CNP fraud attempts. But small- and mid-sized online retailers, not so much. Crooks may find the going easy with the smaller fry.

Understand: this puts you in the crosshairs. Thieves have at their disposal hundreds of millions of stolen credit card numbers -- from Target (TGT), HomeDepot (HD) and other breaches -- and they are putting those numbers to use making Card Not Present purchases online. Yes, you are protected against loss, especially with credit cards (protections are weaker for debit cards), but you have to notice a fraudulent transaction and report it. This is no time to get negligent about reading credit and debit card statements. Double down on that chore, because the criminals are doubling down on their thieving.

Is there more you can do? Said Chris Strand, an EMV expert with security firm Bit9+Carbon Black: "It's up to us to be proactive. The bank may or may not be. We can take control."

How? Jim Wang, who blogs at WalletHacks, offered a clever tactic. He gets instant notification from a credit card whenever a CNP transaction occurs. He said American Express (AXP) offers that. "For other cards that don't offer CNP alerts, I turn on security alerts via email for transactions over $10," Wang added. "It might sound like a lot of notifications but the emails arrive shortly after the transaction, so I always remember the purchase that triggered it."

Isn't that a lot of work? It is. But know this: trying to clean up credit trashed by identify theft criminals is a lot more work. More advice -- a labor-saving tip from multiple experts -- is save time in the holiday season by using just one credit card for the bulk of our purchases. That makes it all the easier to stay on top of what's happening inside your credit.

This article is commentary by an independent contributor.
Read Full Story

Sign up for Finance Report by AOL and get everything from business news to personal finance tips delivered directly to your inbox daily!

Subscribe to our other newsletters

Emails may offer personalized content or ads. Learn more. You may unsubscribe any time.

People are Reading