This week ACI Worldwide released their
global survey which finds that a quarter of people across the 17 countries reviewed have been affected by card fraud during the past five years. In particular, 42% of Americans and 34% of Brits admitted they have fallen victim.
From this research I found two insights of interest: firstly that identity theft replaces credit card fraud as the greatest concern from fraud exposure, with 49% admitting they are very concerned about possible harm to their financial standing and rating.
Of course, identity theft can lead to credit card fraud, so in reality it is perception. Secondly, customers believe that receiving notifications from their bank of unusual activity on their accounts/cards is paramount to good customer service, with people’s
preference to be alerted on their mobile phones marking a move away from the 2011 trend of being notified via their home phones.
With immediate notification and action now demanded by customers, it’s good to see there’s a step in the right direction with some banks now notifying customers of any change via mobile phone. By doing so it enables new invisible techniques like Proximity
(Proximity Correlation Logic) and voice biometrics to be used for authentication across all electronic and cards transaction channels. On the other hand, it can also have negative consequences: fraudsters will be quick to take advantage of the mobile phone
as a means of spear-phishing; fraudster sends SMS informing customer that a transaction has occurred and to ring the number in the SMS if not correct. Such a message may induce the customer to call the number and end up speaking to the fraudster.
As the world moves to a more mobile centric and real-time environment, paying anytime, anywhere using a smart phone or tablet, it’s not surprising that preferences on how a bank contacts their customers is moving in the same direction. This is another step
in the convergence process; the same device, with regard to banking, transacts, protects and communicates. Ultimately we need to get to a situation where the authentication process is “invisible” and the customer is never contacted unless something is wrong.
Mutual authentication and voice biometrics will take care of the rest!