The Rise of Online Payment Method Fraud

Online Transactions in the Digital Age

Digital and mobile wallets are currently the most utilized payment methods, constituting 49 percent of global payments. Credit and debit cards follow, accounting for 32 percent of payments. However, in the next ten years, the card industry is anticipated to incur over $400 billion in losses.

The rise in online transactions worldwide will be accompanied by a notable increase in financial crimes and advanced cyberattacks, with a substantial portion fueled by unauthorized access and exploitation of consumer information. Coupling these factors with increasingly sophisticated approaches to fraud means protecting your business and customers with an adaptable, real-time fraud detection solution is more important than ever.

payment method by industry - popularity chart

Industries Most Affected by Online Payment Fraud in 2023

top industries affected by compromises

With the rise of digital payments, it is critical to note that each industry faces distinct challenges in combating fraudulent activities. In the aftermath of a data breach, each compromise results in differing victim counts and can pose a significant financial burden to your business and customers. In the graph below, the number of victims of fraud is dramatically larger than the number of compromises per industry – signaling that a large-scale breach and the resultant data theft can stem from a single compromise.

 

victims affected by compromises

Financial services was the most attacked industry in 2023, looking at year-over-year totals, surpassing healthcare. While the total number of victims has decreased, data breaches are at an all-time high. When left unmanaged, these risks can pose an “existential threat” to your business. 

Year
Q3 2023Q3 2022Q3 2021
CompromisesVictimsCompromisesVictimsCompromisesVictims
Education421,905,778221,097,582251,259,723
Financial Services20410,455,000663,152,906691,732,946
Government262,869,27319219,441211,927,008
Healthcare11316,753,924935,059,3647811,150,980
Hospitality10132,1841069,027,431531,069
HR/Staffing2134,469
Manufacturing652,958,9476423,089,1034848,306,467
Construction2037,595
Non-Profit227,136,7371665,16121143,457
Professional Services8116,467,396691,705,652481,534,208
Retail301,256,27620363,88021520,028
Social Services317,349
Technology404,883,245212,969,68212406,007
Transportation2518,47162,517,8308329,171
Utilities1012,857
Wholesale Trade1321,063
Other271,598,20064691,1348863,908,379
Unknown135,000,000
Totals73366,658,764471109,959,056445166,249,443

Targeted Information: What Do Fraudulent Users Want

The type of information compromised in each data breach determines the quality of resources a fraudulent user can steal and the extent of damage that can be done with it. Personally identifiable information (PII), such as bank accounts, social security numbers, and driver’s license numbers, enable fraudsters to access online accounts and payments. Other data, like names and dates of birth, are more readily leveraged in phishing and smishing scams. On an annual basis, social security numbers are the most frequently compromised piece of PII.

Most Common Fraud Attacks

Cyberattacks and human and system errors are the two main ways fraudsters steal data. While some compromised data is inconsequential, most information, in the wrong hands, can be damaging. For example, if cyber-attackers access an individual’s background information, they can use that data and other collected details to bypass anti-fraud checks more efficiently.

Four Key Payment Fraud Vectors and How SEON Solves Them

Account Takeover (ATO)

Colloquially known as hacked accounts, ATO is a form of payment fraud in which fraudsters gain access to a victim’s account, typically an online banking, an ecommerce account or a digital wallet. Using stolen or phished credentials to log in, the fraudster changes account details to seize control. Once in, they can make unauthorized transactions, transfer funds, and purchase using stored payment methods.

SEON’s solution: With device fingerprinting, IP modules, and user behavior analysis, SEON detects irregular logins and other suspicious user behaviors and flags them in real-time, giving your business the tools to stop ATO in its tracks.

Chargeback Fraud

Frequently referred to as friendly fraud, chargeback fraud occurs when a cardholder makes an online purchase and then requests a chargeback from the issuing bank after receiving purchased goods or services. Legitimate chargebacks are meant for unauthorized use or defective products, while chargeback fraud is committed when the request is made despite no actual issue with the transaction.

SEON’s solution: Using transaction monitoring and behavioral analysis, SEON identifies suspicious chargeback requests and prevents fraud.

 

Stolen Card Fraud

From physical theft of card information or a card’s skimmed details from illegal devices, stolen card fraud involves the unauthorized use of credit or debit card information. Fraudsters use card details to make unauthorized transactions or cash withdrawals, leading to financial loss for legitimate cardholders and the financial institutions involved.

SEON’s solution: SEON’s device fingerprinting, IP module, BIN module and velocity rules catch card testing behavior or stolen cards used across several transactions.

Money Laundering

Money laundering is a complex financial crime involving concealing the origins of illegally obtained money. Typically, it involves three steps: placement, layering, and integration. Placement involves introducing illicit funds into the financial system, layering conceals the source through a series of transactions and bookkeeping tricks, and integration provides legitimacy to the funds through additional transactions and investments. This process makes it difficult to trace the illegal money back to the crime.

SEON’s solution: With transaction monitoring and an anti-money laundering (AML) module, SEON enables payment companies to detect and report potential money laundering activities.

Q3 2023Q3 2022Q3 2021
Cyberattacks614414388
Phishing/Smishing/BEC80131124
Ransomware647893
Malware171533
Non-Secured Cloud Environment516
Credential Stuffing44
Unpatched Software Flaw2
Zero Data Attack6921
Other72123
NA – Not Specified3681772
System & Human Error944243
Failure to Configure Cloud Security6320
Correspondence (Email/Letter)401510
Misconfigured Firewall774
Lost Device or Document932
Other26107
NA – Not Specified64
Physical Attacks14126
Document Theft122
Device Theft741
Improper Disposal11
Skimming Device22
Other23
NA – Not Specified31
Data Leak21
Unknown937

How to Avoid Fraud

Given the widespread occurrence of fraud and the increased risk of financial crime, enhancing your fraud prevention strategies with proactive measures is imperative. Fraudsters in the payments space can steal PII, but obtaining or replicating a person’s digital footprint is much more difficult. A digital footprint is the trail of data created by an individual’s online activities as they engage with digital platforms, online accounts, social media and other online services. By looking at the unique signals that comprise an online identity in combination with device intelligence – examining the extensive proprietary device, IP, software and hardware configurations – atop of a user’s advanced digital footprint, you can protect against fraud with a multi-layered approach.

Four Steps Toward Transformative Fraud Prevention
How Payment Fraud Detection Can Protect Your Business

As an end-to-end fraud prevention and AML solution, we combine advanced digital footprinting, proprietary device intelligence and machine learning to ensure real-time payment fraud detection and prevention.

Speak with an expert

Methodology

Data on the split of global online payment methods is proprietary to SEON. Unless cited otherwise, all other data was retrieved from the Identity Threat Research Center’s Data Breach Annual Report. 

Share article

Subscribe to our newsletter

Get anti-fraud and compliance insights and tips from SEONs experts.

Author avatar
Tamas Kadar

Tamás Kádár is the Chief Executive Officer and co-founder of SEON. His mission to create a fraud-free world began after he founded the CEE’s first crypto exchange in 2017 and found it under constant attack. The solution he built now reduces fraud for 5,000+ companies worldwide, including global leaders such as KLM, Avis, and Patreon. In his spare time, he’s devouring data visualizations and injuring himself while doing basic DIY around his London pad.

Industries
Payments