Mon | Feb 19, 2018

Ajay Bhalla | Retail fraud on the rise - Act now to prevent cybercrime

Published:Wednesday | July 6, 2016 | 12:00 AM
Ajay Bhalla

The convergence of the physical and digital worlds is fundamentally changing almost every aspect of our lives - not least the way we shop. This presents opportunities, but also new threats that we must be prepared to challenge.

Two pieces of recent research underscore this very point.

On the one hand, a study indicates that, for the first time, people are doing more of their shopping online than in-store. Yet at the same time, research by the British Retail Consortium (BRC) shows that retail fraud is up by 55 per cent year-over-year in the United Kingdom, driven largely by a sharp rise in offences committed online.

As more commerce moves online, organisations at every link in the chain must ensure they are properly equipped to withstand the threats of today's cybercriminals.

Because, while payment technologies have never been safer, criminals have never been smarter.

Everyone from political leaders to the heads of major law-enforcement agencies and senior NATO officials concur that cybercrime is now one of the most serious threats to businesses, governments and national economies that has ever been seen. The wave of large hacks on banks in recent months plainly demonstrates the scale of the damage that can be wreaked.

Law-enforcement agencies have been among the first to admit that efforts to police this growing menace has so far proved ineffective. For that reason, we must focus our attention on what can be done immediately: prevention.

Retailers, card issuers and banks may not be able to track down the perpetrators of these crimes, but every organisation in the retail and payments ecosystem can embrace the technology already available to thwart fraud before they become victims.

And because we refuse to stand still in the fight against fraud, we are constantly developing new technologies to anticipate future threats and guard against them.




Take card-not-present fraud (the unauthorised use of a payment card when the cardholder does not physically present at the time of the transaction), for example. That accounts for more than half of all fraud, but can be countered through existing identity verification techniques. Entry-level cardholder verification tools are still not universally used, yet far more secure methods using biometrics are already waiting in the wings. For example, MasterCard Identity Check Mobile app - which uses biometrics and other advanced technologies to prove a consumer's identity when making online transactions.

Or consider the hundreds of millions of cardholder identities that are exposed every year through merchant system breaches - a figure that could be dramatically cut through greater use of encryption and tokenisation, which shield sensitive data by making consumers' card numbers anonymous.

The crucial point is that there is no silver bullet to preventing security breaches and defeating fraud. A multi-layered approach is essential.

To turn the tide in this battle requires the universal commitment of financial institutions, retailers and payment networks, as well as greater vigilance among consumers.

Through the right global standards, best products and services, and our desire to constantly innovate, we can ensure everyone is protected everywhere and every time they pay, which will ultimately define and defend the future of payments.

- Ajay Bhalla is MasterCard's president for global enterprise risk and security. Email feedback to