NAFCU Services Blog

By Ann Davidson, Vice President of Risk Consulting | Allied Solutions 

Financial institutions across the country are experiencing the rise of fraud, particularly in the area of card fraud. As touchless payments and online transactions increase, the type of card fraud is switching from primarily card-present fraud to card-not-present (CNP) fraud. This type of fraud is happening to both credit and debit cardholders with over half of Americans having already been victims of digital payment fraud.  

How CNP Fraud Attacks Occur 
Fraud is occurring at alarming rates when the fraudster does not have the physical card being compromised. Already in 2022, there have been 365,000 reports of card fraud. The bad actors are accessing members’ information through credential stuffing, data breaches, synthetic identity, and payment apps like Venmo and Zelle. Most cardholders have already been victims of multiple fraud attempts but may be unaware as the bad guys know how to test out small amounts of fraudulent transactions in hopes they will go unnoticed.  

Tactical Ways to Combat Card Fraud 
To outsmart and outmaneuver the bad guys, consider these tactical approaches: 

• Enable 3-D Secure 2.0: Formerly known as Verified by Visa or Mastercard SecureCode, 3-D Secure is a vital layer of authentication. This is a complimentary card service and all credit unions should have version 2.0 enabled.  
• Know your card provider representative: Every credit union has a designated representative from their card provider (Visa, Mastercard etc.) Knowing and communicating with your representative can help your back-office staff investigate and identify common sources of card fraud. While it is not sufficient to rely on card processors to mitigate card fraud on your institution’s behalf, it is imperative to have a working relationship with your card provider representative.  
• Block fallback: Did you know that the United States is the only country to allow magstripe fallback in the event that a chip is nonfunctional? However, just because this is the norm doesn’t mean that your institution has to opt into this practice. Consider blocking fallback and encourage members to ask for a new card if their chip is malfunctioning.  
• Leverage biometrics: Biometrics use a person’s unique, non-duplicatable body to authenticate their identity before performing a transaction. Biometric authentication can include fingerprints, keystroke dynamics, or voice identification.  
• Conduct new account reviews: New accounts can be an entry point for fraud. Flag new accounts and consider placing a hold or limit on card activity for a set amount of time. 
• Offer identity theft protection: Approximately 19% of Americans will experience identity theft once in their lifetime. Offering identity theft protection to your members can increase their peace of mind with 24/7 ID and fraud monitoring.  
• Partner with a credit union industry bond provider: A full spectrum insurance carrier should also offer continuous risk education for staff and risk reviews. At Allied Solutions we provide risk management expertise for all fidelity bond policyholders and our risk mitigation experts are available immediately by email, phone call or virtual meeting for risk assessments relating to multiple types of fraud, including card-not-present fraud.