During the COVID-19 pandemic, there has seen a sharp rise in payment fraud – in the form of phishing, vishing, spoofing, ID theft, card fraud, chargebacks and account takeover – as the lockdown has seen a shift to digital transactions on the one hand but also a lowering of various security measures, such as the increase in transaction limits for contactless payments on the other. However, the real fallout of the current fraud will not be felt fully for months to come.
According to UK bank trade association UK Finance, there were almost 15,000 impersonation scam cases reported by UK Finance members between January and June 2020, an increase of 84% compared to the same period last year. Among these, more than 8,000 involved criminals impersonating the police or a bank, a year-on-year rise of 94%. According to a US-based Association of Certified Fraud Examiners report, 77% of respondents observed an increase in fraud as of August 2020 and 92% of respondents expect to see a further increase during the next year. In India, a report jointly published by the Data Security Council of India and PayPal India concludes that the pandemic has required the need for a comprehensive framework to tackle cybersecurity risks including digital transactions. “While we have witnessed a tremendous shift in commerce and financial services, there has been an increase in cyberattacks and the global pandemic has revealed gaps in business continuity plans and IT operations,” said Steven Chan, senior director, head of government relations, APAC, PayPal. According to global fraud and merchant dispute specialist Chargebacks 911, industries are now experiencing 10 times the amount of payment disputes that were taking place prior to COVID-19. Monica Eaton-Cardone COO of Chargebacks 911, says “Contactless payments present a number of fraud threats. For one, if a valid cardholder’s information is stolen, it can be added to a mobile device and used to make unauthorised purchases – leaving merchants covering customers’ losses. In addition to this third-party fraud, contactless payments present a greater opportunity for genuine customers to commit first-party (friendly) fraud and lie about whether or not a transaction was actually made by them.”
However, payment fraud was an issue well before the pandemic. The report, Fraud in cash and electronic payments: taxonomy, estimation and projections by Santiago Carbo-Valverde and Francisco Rodriguez-Fernandez for the International Security Ligue was published before the pandemic and offers two main contributions: first, it provides a comprehensive taxonomy of payment fraud alternatives related to both cash and electronic payments. Second, it offers an empirical estimation of the value of fraud with cash and card payments, as well as some insights into the impact of new forms of electronic transactions, such as contactless payments and cryptocurrencies.
The empirical analysis was conducted for the period 2014–2018 in 52 countries in Europe, North America, Central and South America, Asia-Pacific and Africa. In addition, the report provides some projections on fraud for 2025.