As long as there have been businesses and consumers, there has been fraud. And now fraud is infiltrating the newest and quickest-growing channel for business transactions – mobile. Importantly, because mobile offers reach to over 7 billion connections, according to the GSM Association, and reach on devices deemed so valuable that many people keep them within arm’s reach at all times, mobile fraud presents an especially penetrating threat to businesses and consumers. But I propose that a new way of defining the most critical aspects of mobile fraud will help both enterprises and mobile service providers better contain this rising threat.
An increase in mobile fraud has been driven by several key factors. In just the last few years, new mobile technologies have revolutionized the way the way we make purchases the way we manage our payment card and bank accounts, and the way we share information with friends, just to name a few things. In particular, as smartphones increasingly become the main way that people manage their everyday lives, and as mobile networks’ speed and capacity have strengthened to a level that allows people to carry out complex tasks like online banking and e-commerce, companies from hip start-ups to old-school retailers have come to see the value of offering options for mobile payments. And, unfortunately, where the money goes, criminals usually follow.
While the topic of fraud remains a sensitive topic for enterprises and service providers alike, the hard truth is that any fraud has a direct impact on a company’s profits. In a fiercely competitive business world where the first priority is increasing revenues and minimizing costs, and where every dollar is counted and valued, fraud can represent a shocking and serious leak of hard-earned money. Moreover, it can result in significant damage to market value and public reputation, among several other areas. On any level, fraud exacts an extremely high price to pay.
Recently, this price has gotten even higher. Companies are now individually losing up to $240 million in revenue each year, with the average annual loss totaling $92 million, according to a report by mobile identity provider TeleSign and IT security firm RSA. Moreover, in just the U.S., mobile devices now make up a disproportionate share of the $6 billion that fraud costs merchants and card issuers each year. While mobile payments account for 14 percent of transactions among merchants that accept them, they make up 21 percent of fraud cases, according to a survey by LexisNexis Risk Solutions.
Yet enterprises and service providers face a number of tough challenges in taking on this fraud problem. The number of mobile users continues to rise globally along with the range of mobile transactions that companies offer to serve them. Also, authentication processes like logging in to accounts are limited in their complexity, and thus their level of protection, to avoid consumer frustration. Plus, mobile transactions enabled by banks, payment card providers, software systems and private networks that all depend on each other remain equally vulnerable at the weakest link in the system. Finally, new mobile technologies like LTE present a host of new processes and loopholes that are vulnerable to exploitation by fraudsters.
To better confront these threats, I think enterprises and service providers need to redefine the ways we approach mobile fraud. Based on some of my recent customer engagements and on 20 years of developing mobile and technology fraud solutions, I’ve defined four areas I think enterprises and service providers should place special focus on:
- Separate mobile strategy – Although many fraud schemes are first perpetrated on the Internet through PCs before being directed to mobile devices, it’s imperative that mobile fraud be treated as a separate channel distinct from fraud on other digital channels. Mobile fraud attacks have unique, complex characteristics that demand a specialized strategy specific to the mobile channel.
- Predictive analysis capability – Following from the point above, in implementing a separate mobile strategy for fraud, the strategy must include a predictive analysis capability to provide a sophisticated, far-ranging approach to obtaining the best data and using it to respond to particular fraud patterns. For this reason, it’s critical to partner with a mobile fraud specialist to ensure that fraud can be addressed by a company with deep expertise and specific experience in this area.
- Cloud-based solutions – Even though a range of mobile fraud solutions are now available, their cost and time to implementation make them impractical for a number of businesses, especially smaller ones. Cloud-based systems offer much more cost-efficient and quickly deployable solutions and represent the future of a fast and effective response capability for mobile fraud attacks.
- Global approach to highly organized criminal networks – Finally, today’s mobile fraud is vast, highly organized and often professionally managed by criminal rings across multiple locations and networks around the world. A successful mobile fraud strategy thus requires a truly global approach and must incorporate a coordinated effort across all a company’s geographic regions to ensure a comprehensive and consistent response.
As mobile use continues to soar and become a more and more essential element of our lifestyles, mobile fraud will in parallel become an increasing risk. Based on my experiences, I think shifting our approach to focus on the four factors above will enable us to combat this problem more effectively.
Do you agree? What do you think are some of the most effective ways to stop mobile fraud? Please leave a comment.