Visa Inc. reported last week that its cardholders made more than 1 billion transactions using chip cards in March 2017, triple the number in March 2016.
As the hard to fake chip cards are dealt out, fraudsters are migrating to card not present (CNP) transactions, and both trends are likely to accelerate.
An Identity Fraud study by Javelin Strategy and Research released in February found that two million more U.S. consumers were victims of identity fraud in 2016 compared with the year before, while CNP fraud rose by 40% and account takeovers by 61%.
“The final bastion of counterfeit card producers is now instigating transactions online, and they must be wondering why they didn’t do this years ago. It’s so much easier than committing in-store fraud!” says Whitepages Pro’s Tom Donlea.
Whitepages, the Seattle tech firm that put the US phone book online, sees a call to action in the latest fraud and EMV compliance statistics.
Retailers need to be especially wary with “buy online pick up In store”, (“click and collect”) transactions, says Donlea, VP of Pro Marketing for Whitepages Pro, the firm’s B2B unit.
“One large retailer found BOPIS was three times more likely to be fraudulent than other e-comm,” Donlea advises.
The risk increases in the holiday seasons, he adds – “larger haystack, smaller needle”.
Whitepages Pro works with many retailers to help check identities, approve mortgage transactions and reduce fraud exposure.
“Our product tends to complement a fraud platform – for example the Kount, or Cybersource platforms,” says Donlea. “There are always going to be some questionable transactions even after they’ve been screened by those search engines, and that’s where they use our data on name, address, phone number, e-mail, and IP to decide if they trust an identity as presented.
“Retailers who don’t connect up those data elements can often miss ID theft or account fraud,” he says.
“For example, a savvy criminal has Jane Smith’s credit card number and without actually compromising her account they create an email account for her, using an address in the same zip code area, which would be fine for most credit card checks in the US.
“Unless the retailer sees that the email was created yesterday, or the phone number doesn’t tie back to Jane’s ID – they could easily think the transaction’s legit. A proxy IP, or an IP on another continent to the billing address is another warning sign.
“We have over 100 data sources including one that gives IPs’ geo-locations and whether they’re behind proxies.”
While Whitepages Pro has partnerships with all-in-one fraud platforms, it can deliver the data to merchants directly if that is how they want to receive it, says Donlea.
“Most online merchants don’t have the resources to integrate third party data providers like us – but we work with several that do and have been more than happy to incorporate our API (application programming interface),” he says.
Two recent examples he can quote are Moosejaw Mountaineering and Backcountry, both oudoor gear retailers.
Moosejaw’s testimonial says “before Whitepages, we were all over the internet trying to verify identity” and since then their review rate has gone from 15-18% to 6%, their chargebacks ratio once at 50-80 bps is down to about 20 bps and they are up to more than 95% resolution in under a week, with greatly reduced customer friction.
Backcountry’s testimonial is similar: with Whitepages, their customer insult rate (ie number of customers complaining about a rejected order) was down 12% year on year, their fraud detection rate was up 13% and their fulfilment rate was near perfect at 99%.
Whitepages says it has “identity profiles on billions of people globally–more than 90% of US adults (name, address, phone and email)–and ingests more than 7 billion of these data elements each month.”
“Outside the US” the company holds data on “borderless attributes like email and IP globally and in certain markets can tie people to addresses and phones.”
Donlea attributes some of Whitepages Pro’s success to the gap in the market he claims they fill – a solution with reliable data but not too much. Credit bureaus, he asserts, use clunky spreadsheets that are slower to update than Whitepages graphs, and their voluminous data on criminal records etc are unnecessary for e-commerce.
Other contenders offering identity checks based on just one attribute such as email addresses are unreliable, he argues.
The company’s founder Alex Algard paid just $900 for the whitepages.com domain 20 years ago and stepped down as CEO last year to concentrate on a new spin-off Hiya – handing the leadership of Whitepages to a new CEO, Rob Eleveld, whose experience leading multiple start-ups will be key to Whitepages’ future success.