Retail TouchPoints: Mobile Commerce’s Most Dangerous Fraud Tactics And Ways To Stop Them

November 28, 2017 — Mobile Commerce’s Most Dangerous Fraud Tactics And Ways To Stop Them

Don Duncan, Engineer at NuData, comments on this article by Whitepages Pro’s Tom Donlea about mobile commerce’s most dangerous fraud tactics.

From 2012 to 2015 mobile commerce grew from $24 billion to $122 billion in the U.S. And with this growth came an increase in fraud and an all new breed of fraud threats. Nearly 40% of merchants surveyed by Kount indicated that mobile fraud had increased, up 17% over the previous year. Criminals have discovered new ways to leverage mobile as a means to commit fraud.

Mobile fraud is negatively impacting merchants’ bottom lines. One study from Javelin Strategy found that 16% of chargeback losses stem from mobile transactions, nearly equal to losses stemming from in-store purchases. The same study pointed out that retailers are overly reliant on username and password to authenticate purchases.Unfortunately, these simple identity factors are not enough to stop sophisticated criminals.

A mobile phone is typically jailbroken or rooted to expand its uses beyond the manufacturer’s intended purpose. In some cases, this purpose is criminal in nature, like completing fraudulent transactions with stolen credit information. Retailers tracking shopper device/platform should also track if the device is jailbroken or rooted.

But you can’t stop there, according to Don Duncan of NuData Security: “Rooting and jailbreaking is commonly used to extend the life of the device, like in China for instance where rooted Android devices are common. Retailers can potentially lose innocent tech-savvy customers who are jailbreaking their phones simply to gain more control over them.” He challenges fraud teams not to merely look at the fact that the device has been jailbroken, but look at how the user is interacting with the device:“Tools like biometrics can provide insight into users’ motivations, differentiating between a good user and a device that could be running malware.”

For the complete article, go here.