Financial Fraud Action (FFA) UK, a financial services industry research and reporting group, recently released their 2016 year-end payment card and banking fraud totals which showed an increase in card fraud overall, primarily led by card not present channel fraud. Changing trends include an increase in fraud attempts but targeting lower order amounts compared to last year, a shift from malware targeting banks to fraudsters directly targeting consumers and consumer account credentials, and mobile banking app fraud losses more than doubling from 2015.
The Financial Fraud Action UK organization is composed of major banks, payment acquirers and card issuers in the United Kingdom, and members report payment card, remote banking and check fraud losses each year. Over the years FFA UK has tracked significant increases in total payment card fraud against UK-issued cards, growing from £341 million in 2011 to £618 million in 2016. This marked a nearly 10 percent increase just from 2015, when the total fraud loss on UK-issued payment cards was £567 million.
Nearly 70 percent of the total fraud losses on UK-issued cards in 2016 were classified as remote purchase fraud, or card not present channel transactions. Interestingly, the total value of fraud losses increased about 9 percent to over £432 million, but the number of fraud attempts jumped 20 percent, from less than 1.2 million to over 1.43 million attempts. The year-over year percentage change in fraud attempts was more than twice that of the volume of fraud losses, implying fraudsters were targeting lower order value amounts with their more frequent fraud attempts against UK-issued cards in 2016.
For the last two years FFA UK has additionally measured the value of fraud that member organizations thwarted. Although the total volume of money saved from prevented fraud increased from £844 million to £982 million 2016, the proportion of fraud prevented relative to the value of fraud attempts declined from £7.01 to £6.40 out of every £10. Member organizations cited a shift in fraud attacks from more malware targeting online banking systems to scams that directly target consumers. Whereas preventative measures more often identified malware attacks to eliminate or contain any losses, phishing scams and data breaches have provided criminals with consumer credentials leading to more issues with account takeover.
This may be a primary reason behind the major increase in mobile banking fraud, specifically fraudulent transactions made from a consumer’s bank account using a mobile banking app. Although minor in comparison to the more than £432 million in remote fraud losses, the nearly £6 million in mobile banking fraud losses is a 104 percent increase from 2015. In this case fraudsters are targeting higher dollar amounts with their fraudulent payments, as the number of mobile banking fraud attempts increased 26 percent by comparison.
There are several types of fraud that are continuing to decline. Counterfeit card fraud, much of which has been squeezed out with Chip & PIN cards, fell by nearly 20 percent to under £37 million. This is the second consecutive year of decline after an increase in 2014. Within the remote purchase fraud category, although eCommerce fraud increased 18 percent from 2015, mail order and telephone order (MOTO) fraud fell by 10 percent.
For more information: