With compromised credit cards and data breaches dominating the
headlines in the past couple of years, it's hard not to have some
concern about fraud. Technology such as
promises to make some payments safer, but experts predict fraud
will remain a growing problem for years to come.
Data breaches totaled 1,540 worldwide in 2014 -- up 46 percent
from the year before -- and led to the compromise of more than one
billion data records.
Twelve percent of breaches occurred in the financial services
sector; 11 percent happened in the retail sector.
Malicious outsiders were the culprits in 55 percent of data
breaches, while malicious insiders accounted for 15 percent.
32 data records were lost or stolen every second in 2014.
North America was the continent most affected by data breaches
in 2014, accounting for 1,164 or 76 percent of breaches in the
world. The United States accounted for 1,107 of those breaches --
72 percent of breaches in the world. Next in line were the United
Kingdom (8 percent), Canada (4 percent), Australia (2 percent),
Israel (1 percent) and China (1 percent).
Fifty-four percent of data breaches in 2014 related to identity
theft, 17 percent aimed at financial access and 11 percent sought
account access. The remainder were considered nuisance attacks or
attempts to get at intellectual property or classified information.
Among the most highly-publicized breaches in recent years:
• EBay: 145 million records accessed.
• Home Depot: 109 million records accessed.
• JP Morgan Chase: 83 million records accessed.
• Michael's Stores: 3 million records accessed.
• Staples: 1.16 million records accessed.
• Domino's Pizza: 650,000 records accessed.
• Sony Pictures Entertainment: 47,000 records accessed.
• Target: 40 million credit card numbers and 70 million addresses
• Nieman Marcus: 350,000 cardholders impacted.
Most card fraud occurs in the United States. In fact, a 2015
research note from Barclays stated that the U.S. is responsible for
47 percent of the world's card fraud despite only accounting for 24
percent of total worldwide card volume.
The high level of debit and credit card fraud in the United
States also impacts other countries. Among U.K.-issued cards in
2015, 35 percent of fraud-related losses occurred in the United
States, compared to 10 percent in France and Australia, 9 percent
in Canada and 6 percent in Germany.
Cross-border fraud occurs when criminals use a consumer's credit
or debit card data in one country to make fraudulent transactions
in another country. In 2014, 47 percent of fraudulent cross-border
transactions on U.K. credit cards took place in the United States.
U.S. credit card fraud is on the rise, too. About 31.8 million
U.S. consumers had their credit cards breached in 2014, more than
three times the number affected in 2013.
That fraud isn't cheap. Nearly 90 percent of card breach victims
in 2014 received replacement credit cards, costing issuers as much
as $12.75 per card.
Most experts believe that the reason the U.S. has a
disproportionately high amount of fraud is because it has been slow
to adopt EMV, a global standard in which credit cards carry
computer chips that cut down on counterfeiting by dynamically
authenticating card transactions. Countries that have deployed EMV
have enjoyed a decrease in counterfeit fraud as a result -- 70
percent in the U.K., for example, between 2005 and 2013.
The U.S. is implementing EMV, and once it becomes widespread,
counterfeit card fraud should drop here, too. But as in other
countries, other types of fraud -- especially card-not-present
(online) fraud -- will probably grow. In the United States,
card-not-present fraud is already a big problem. In fact, it
accounted for 45 percent of credit card fraud in 2014, followed by
counterfeit card fraud (37 percent) and lost/stolen cards (14
The total value of card-not-present transactions is expected to
grow from $9 billion in 2013 to nearly $19 billion in 2018, as
fraud at the point of sale (POS) shrinks.
The quest for identity protection
Source: Federal Trade Commission Consumer Sentinel Network Data
Identity theft strikes people of all ages. In 2014, identity
theft complaints to the FTC broke down nearly evenly among
- 18 percent of victims were age 20-29.
- 18 percent were 30-39.
- 19 percent were 40-49.
- 19 percent were 50-59.
- 13 percent were 60-69.
- 7 percent were 70 and over.
- 6 percent were 19 and under.
Identity fraudsters bilked $16 billion from 12.7 million U.S.
consumers in 2014. As alarming as that statistic is, it's actually
an improvement over the year before, when fraudsters stole $18
billion from 13.1 million victims.
Students are the least likely to realize on their own that
they've been a victim of identity fraud; 22 percent in 2014
realized that they were a victim of identity fraud only after being
denied credit or being told by a debt collector that they had been
victimized -- three times higher than other fraud victims.
How fraudsters strike
Of consumers who reported the method by which they were targeted
by fraudsters in 2014, 54 percent said fraud attempts were
initiated by phone, 23 percent said by email, and 4 percent said by
Fraud is most likely to take place between 2 a.m. and 6 a.m.
when fraud victims are sleeping. Fraudsters don't take off for the
holidays. Christmas Eve and Christmas Day are among the worst days
for fraud, with rates soaring by more than 200 percent on those
days compared to the average fraud rate.
Call centers are also susceptible to fraud. In fact, fraud
attempts that targeted U.S. call centers for retail and financial
institutions increased by 30 percent in 2014 from the year before.
The call centers of credit card issuers were most likely to be
targeted by fraudsters, with one in every 900 calls being a fraud
Mobile transactions are particularly at risk of fraud. While
mobile transactions only accounted for 14 percent of transaction
volume in 2014, they made up 21 percent of all fraudulent
transactions. That's bad news for merchants who sell through mobile
channels, as they lost 70 percent more revenue due to fraud in 2014
than in 2013.
Most incidents of mobile fraud in 2014 were related to credit
cards. In fact, credit cards were used in 53 percent of mobile
With fraud so prevalent in the mobile space, it's not surprising
that 56 percent of mobile commerce merchants in 2014 believed fraud
is inevitable, compared with 49 percent of merchants in general.
Americans' experiences with fraud
Twenty four percent of American investors -- 28 percent of women
and 21 percent of men -- have had their credit or debit card
information stolen through a computer hack attack, according to a
2015 survey. Of those who've had the experience, 90 percent only
had it happen to them once or twice. However, 8 percent noted that
it had happened three or four times and 1 percent reported that it
had happened more than four times.
In January 2014, 18 percent of American adults who spend time
online said they had had personal information stolen such as their
Social Security number or credit card or bank account information.
Eighty-three percent of data breach victims in 2014 said that
the breaches compromised the security of their identity and 85
percent said it was important to take all recommended steps to
protect themselves after the breach.
When asked what they would do if they were victims of a data
breach, 70 percent of consumers said they would avoid doing further
business with the company where their information was breached, but
only 19 percent of consumers who were victims of a data breach in
2014 actually did avoid the business afterward.
Americans don't have much faith in financial organizations'
abilities to keep them safe. In the fall of 2014, 9 percent of
Americans said they were "very confident" and 29 percent said they
were "somewhat confident" that their credit card issuers would keep
their data secure.
So, how far would consumers go to protect their data? Two-thirds
of U.S. consumers in a 2015 survey said they think using
biometrics, such as facial, voice or fingerprint recognition, would
help prevent fraud, and one in four would share their DNA
information with their banks in order to better protect their
That may ultimately be what it takes for us to protect
ourselves, as the number of fraud victims is expected to reach 14
million in 2018. The number of consumers who experience a credit
card breach and the sting of fraud in the same year is expected to
grow 34 percent between 2014 and 2018.
Payment method statistics
Credit card delinquency statistics
Credit score statistics
Gemalto's 2014 Breach Level Index
Barclays' Security in Payments: A Look into Fraud, Fraud
Prevention, & the Future, May 22, 2015
Financial Fraud Action UK's Fraud The Facts
FICO press release, June 25, 2015
Javelin Strategy & Research 2015 Data Breach
Fraud Impact Report
Aite Group's EMV: Lessons Learned and the U.S.
, June 10, 2014
Consumer Sentinel Data Book for January -
Sallie Mae: How America Pays for College
Forter Study Recap, 2015
Pindrop Security Phone Fraud Report
2014 LexisNexis True Cost of Fraud
Millionaire Corner survey
2014 Pew Research Center January 2014
Pew Research Center: Americans' Attitudes About
Privacy, Security and Surveillance
Telstra's Mobile Identity - The Fusion of
Financial Services, Mobile and Identity