Indue Indue
Indue Connect
  • Home
  • Our Story
    • The Indue Difference
    • Our Clients
    • Industry Representation & Partners
    • Regulatory Disclosures
    • Corporate Responsibility and Giving Back
  • Our Markets
    • Fintechs
    • Retailers
    • Banking
    • Religious Charitable Development Funds
    • Mutuals
    • Mortgage Originators
    • Program Managers
    • Government
  • Our Solutions
    • New Payments Platform (NPP)
    • Orion Financial Crimes Service
    • Prepaid & Gift Card Programs | Indue
    • Mobile Payments
    • Nucleus Card Platform
      • Credit Cards
      • Debit Cards
    • Bureau Service
    • Payment Services
  • Our People
    • Our Culture
      • Join The Team
      • Life At Indue
    • Our Leadership
      • Our Board Members
      • Our Executive & Senior Leadership Team
  • News & Events
  • Media Centre
  • Contact Us
  • Call
Indue Indue
  • Home
  • Our Story
    • The Indue Difference
    • Our Clients
    • Industry Representation & Partners
    • Regulatory Disclosures
    • Corporate Responsibility and Giving Back
  • Our Markets
    • Fintechs
    • Retailers
    • Banking
    • Religious Charitable Development Funds
    • Mutuals
    • Mortgage Originators
    • Program Managers
    • Government
  • Our Solutions
    • New Payments Platform (NPP)
    • Orion Financial Crimes Service
    • Prepaid & Gift Card Programs | Indue
    • Mobile Payments
    • Nucleus Card Platform
      • Credit Cards
      • Debit Cards
    • Bureau Service
    • Payment Services
  • Our People
    • Our Culture
      • Join The Team
      • Life At Indue
    • Our Leadership
      • Our Board Members
      • Our Executive & Senior Leadership Team
  • News & Events
  • Media Centre
  • Contact Us
  • Call
  • Indue Latest Industry News and Events
Mar 26

Card Not Present (CNP) Fraud: Keeping Pace in the Fraud Race

  • March 26, 2019
  • Financial Crimes, Industry News

Keeping Pace in the CNP Fraud Race

Card not present (CNP) fraudThe Australian payment industry has seen a seismic shift in the past few years from traditional retail store purchases to online shopping. This migration coupled with the strong fraud protection provided by EMV chip technology for in-person transactions has unfortunately prompted an adverse mirrored trend – an increase of fraud in card not present channels. Card not present (CNP) fraud now accounts for almost 85% of all card payment fraud in Australia and further to this, CNP fraud seems to be growing 13% year on year at an industry level.

To combat this increased threat, AusPayNet in conjunction with key industry stakeholders have initiated an industry-wide collaboration program entitled the ‘Card Not Present Fraud Mitigation Framework’. This Framework sets out the industry approach to mitigate CNP payments fraud for all members across the payment value chain – merchants, consumers, Issuers, Acquirers, card schemes, payment gateways, payment system providers, and regulators. It is a framework designed to reduce fraud in CNP online channels, while also ensuring that online transactions continue to grow and thrive. The key tenets of this framework have been established by the industry:

Guiding Principles

1. Consistently apply Strong Customer Authentication (defined below)
2. Leverage global standards and best practice from other jurisdictions where possible
3. Be technology neutral to provide choice and ease of implementation
4. Use dynamic data wherever possible to reduce fraud
5. Act now, plan for the future – deal with the current fraud issues with the ability to review and update the Framework over time.

Card Not Present (CNP) Fraud Framework: Issuer Obligations

This framework requires participants across the payment value chain to take a more active role in reducing Card Not Present (CNP) fraud. For Card Issuers in particular, the two main obligations within this new framework are as follows:
• Ensure fraud rate remains below Issuer Fraud Threshold
• Perform Strong Customer Authentication or Risk Based Authentication when requested by the Merchant

This framework has set an industry fraud benchmark for an acceptable level of Issuer and merchant risk. Quarterly reporting to AusPayNet of fraud rates will be mandated as part of this framework. Issuers and merchants with fraud rates under the established threshold will not be required to perform any additional fraud mitigation activities. Issuers and merchants operating over the industry fraud rate will be required to perform Strong Customer Authentication. Should Issuers and merchants continue to breach industry thresholds over consecutive quarters, fines and sanctions can be imposed.

Strong Customer Authentication (SCA)

SCA is an authentication method requiring the cardholder’s identity to be verified with at least two independent factors from the following categories:
1. Something only the cardholder knows (knowledge factor) – a password, an answer to a secret question or a PIN
2. Something only the cardholder possesses (possession factor) – a credit card, a hardware token or a smartphone
3. Something the cardholder is (inherence factor) – a biometric feature such as a fingerprint scan, an iris scan, or facial recognition; or a behavioural feature such as type or swipe dynamics.

Although cardholder authentication will actively reduce the occurrence of fraudulent activity, the industry must also consider the user experience when implementing an authentication solution. The framework should provide the consumer with confidence that online transactions are secure without adding a disproportionate degree of friction to the transaction journey.

Card Not Present (CNP) Fraud Framework:  Implementation Timeline

The industry timeline for the implementation of the framework is outlined below:

Card not present (CNP) fraud implementation timeline

Indue has been involved with developing the industry-wide framework via representation and collaboration at forums and consultation submissions. Indue has commenced an internal program of work to build the capability to support the required AusPayNet reporting. We will work closely with all of our card issuers in the next few months to ensure understanding of the initiative requirements and next steps to comply with the new framework.

Update

The banking industry has commenced the execution phase of this framework, which aims to tackle the most prevalent type of card fraud  Read our follow up article here.

  • Facebook
  • Twitter
  • LinkedIn
  • E-Mail

Related Posts

Leave a reply Cancel reply

Your email address will not be published. Required fields are marked *

CATEGORIES

  • Artificial Intelligence (AI)
  • Events
  • Financial Crimes
  • Fintech
  • Indue
  • Industry News
  • Mobile Payments
  • NPP
  • Open Banking
  • Prepaid
  • Technology
  • Webinar

Subscribe to Indue News

Our Story

The Indue Difference

Our Clients

Industry Representation & Partners

Regulatory Disclosures

Our Markets

Fintechs

Retailers

Banking

Religious Charitable Development Funds

Mutuals

Mortgage Originators

Program Managers

Government

Our Solutions

New Payments Platform (NPP)

Orion Financial Crimes Service

Prepaid & Gift Card Programs

Mobile Payments

Nucleus Card Platform

Payment Services

Connect With Us

Enquire Online

LinkedIn

Twitter

YouTube

© Copyright 2018 Indue Ltd | ABN 97 087 822 464 | AFSL No 320204 Legal, Privacy Policy & CookiesFinancial Claims Scheme

Please fill in your details below and you will be redirected to The Orion Financial Crimes brochure after submiting the form.

 

  • This field is for validation purposes and should be left unchanged.
Please fill in your details below and you will be redirected to The Orion Financial Crimes brochure after submiting the form.

 

Contact Indue
  • This field is for validation purposes and should be left unchanged.