SAN FRANCISCO – The 2017 Identity Fraud Study by Javelin Strategy & Research revealed that the number of identity fraud victims increased by 16% (rising to 15.4 million U.S. consumers) in 2016, a record high since Javelin Strategy & Research began tracking identity fraud in 2003. The study found that despite the efforts of the industry, the amount fraudsters took increased by nearly $1 billion to $16 billion.
There was a resurgence in existing card fraud in 2016, which saw an increase of 40% in card-not-present (CNP) fraud. The study also found that the increase in EMV cards and terminals was a catalyst for driving fraudsters to shift to fraudulently opening new accounts. On a positive note, while fraudsters are becoming better at evading detection, consumers with an online presence are getting better at detecting fraud quicker, leading to less stolen overall per attempt.
The 2017 Identity Fraud Study found four significant trends:
- Fraud leaps to a record high incidence: In 2016, 6.15% of consumers became victims of identity fraud, an increase by almost 2 million victims from the previous year. The incidence rate jumped by 16% from 2015, the highest incidence since Javelin began tracking identity fraud. This increase was driven by growth in existing card fraud, which saw a significant spike in card-not-present transactions.
- Card-not-present (CNP) fraud rises significantly: Driven by closing opportunities for point-of-sale fraud and the growth of e- and m-commerce, fraudsters are increasingly moving online, dramatically increasing the prevalence of CNP fraud by 40%. Meanwhile, incidences of fraud at the point-of-sale remained essentially unchanged from 2014 and 2015 levels.
- Account takeover bounces back: After reaching a low point in 2014, both account takeover incidence and losses rose notably in 2016. Total ATO losses reached $2.3 billion, a 61% increase from 2015, while incidence rose 31%. Account takeover continues to be one of the most challenging fraud types for consumers with victims paying an average of $263 out of pocket costs and spending a total of 20.7 million hours to resolve it in 2016—6 million more than in 2015.
- New-account fraud continues unabated: As EMV cards and terminals continue to permeate the U.S. payments environment, fraudsters shift to opening accounts. At the same time, fraudsters have become better at evading detection, with new-account fraud (NAF) victims being notably more likely to discover fraud through review of their credit report (15%) or when they were contacted by a debt collector (13%).
New this year, the study identified and analyzed four consumer personas:
- Offline Consumers have little online presence, either social networking or shopping, and are exposed to less fraud risk than digitally connected consumers, but their minimal digital life brings other risks. With a distrust of both online and mobile banking, these consumers take more than 40 days to detect fraud and incur higher fraud amounts than other fraud victims.
- Social Networkers share their social life in digital platforms (like Facebook, Instagram, Snapchat and other networks), but do very little e- or m-commerce, and face the risks associated with having their personal information widely available to fraudsters who can use it to overcome security measures or socially engineer victims. This manifests in a 46% higher risk of account takeover fraud.
- E-commerce Shoppers (including m-commerce) expose their financial information to potential compromise and experience an elevated risk of existing card fraud. Sixty-two percent of these ecommerce shoppers made an online purchase within the past week. While this customer segment experienced the highest prevalence of fraud of any of the four segments, they also tended to catch it very quickly, minimizing the impact. Seventy-eight percent of fraud victims in this segment detected fraud within one week of it beginning.
- Digitally Connected Consumers have extensive social network activity, frequently shop online or with mobile devices, and are quick to adopt new digital technologies. Twenty-five percent of these consumers used a P2P payment service in the past week. Digitally connected consumers have a presence on an average of 4.9 social networks and are predominantly female; this also exposes them to greater risks, including a 30% higher risk of fraud.
“After five years of relatively small growth or even decreases in fraud, this year’s findings drive home that fraudsters never rest and when one area is closed, they adapt and find new approaches,” said Al Pascual, senior vice president, research director and head of fraud & security, Javelin Strategy & Research. “The rise of information available via data breaches is particularly troublesome for the industry and a boon for fraudsters. To successfully fight fraudsters, the industry needs to close security gaps and continue to improve, and consumers must be proactive too.”