Credit card fraud is expected to decrease at point of sale terminals thanks to the introduction of EMV cards, although online fraud is predicted to go up as criminals shift their operations to cyberspace.
According to a recent study by Javelin Strategy & Research, online fraud is expected to nearly double from $10 billion to $19 billion by 2018 in the U.S. and small businesses will be the most vulnerable.
Since October 1, card issuers are no longer liable for fraudulent charges involving non-EMV credit cards; instead retailers, including small businesses, will have to foot the bill.
One of the aims of the liability shift is to prevent credit card theft at the point of sale (POS). But while the technology which powers EMV does make skimming more difficult, chip-and-pin technology will not help to prevent online fraud.
Gas pumps are not required to adopt the new EMV technology until 2017 because of the high costs involved, so they remain vulnerable to fraud using cloned non-EMV cards.
Online credit card fraud requires only the card number, expiration date and Card Verification Value (CVV), and there is a thriving marketplace in credit card numbers and personal information hacked from the databases of companies like Target, Hilton, and Home Depot.
Fraudsters purchase stolen credit card information in bulk and use it to make online or phone purchases, often refunding the goods for cash or store credit.
According to experts at Mercator Advisory Group, small businesses are particularly vulnerable to online credit card fraud as they frequently have less money to invest in fraud detection and prevention.
Most small businesses cannot afford the advanced software and security services that larger retailers use to identify fraudulent transactions. Merchants are advised to watch out for shipping addresses that do not match billing addresses, unusually large orders as well as requests for overnight delivery.
For their part, consumers should opt out of storing credit card information on retailers' servers when purchasing goods online. The convenience of not having to enter credit card information manually is far outweighed by the danger of exposing it to hackers and fraudsters.