The ongoing digital transformation of commerce and payments has radically reshaped the holiday shopping season.
On the one hand, it has never been easier — or more streamlined and immediate — to find a great deal on the perfect gift. But with the surge in online shopping comes an equal and unfortunate increase in holiday scams, as cybercriminals increasingly take advantage of the festive season to exploit unsuspecting shoppers and unwittingly vulnerable businesses.
And while organizations like the U.S. Department of the Treasury’s Office of Cybersecurity and Critical Infrastructure Protection (OCCIP) put out seasonal guidelines for identifying fraudulent threats, the onus remains on eCommerce platforms and merchants to establish effective anti-fraud measures and cyberdefenses.
The rise this year of generative artificial intelligence (AI) has given cybercriminals and bad actors the new tool to effortlessly automate and scale their attacks.
Since Black Friday (Nov. 24) alone, the financial services company Stripe claims to have blocked over 15 million fraudulent transactions (and counting) related to holiday sales and purchases.
PYMNTS Intelligence data finds that more than 9 in 10 eCommerce businesses (95%) either already are, or plan to, give their fraud defenses a boost.
But as with most enterprise modernizations, stamping out 21st century fraud isn’t as easy as flipping a switch. As bad actors get more sophisticated in their attacks, businesses face a significant challenge: how to provide their customers with a seamless digital experience while ensuring the highest levels of security and revenue protection.
See also: The Holiday Shopping Deep Dive Edition
Striking the right balance between the need to meet customer demands for convenience, speed and personalization, while simultaneously safeguarding sensitive data, preventing cyberthreats, and optimizing revenue streams is essential for the success and sustainability of businesses operating in a digital age.
The most recent PYMNTS Intelligence data on Black Friday 2023 finds that 43% of consumers made Black Friday purchases online this year, and observers believe that consumers are only going to do more business online next year, with fraud and abuse only expected to grow also.
“It’s incumbent upon any business to think about delivering a great customer experience and delivering the security that they need as an ‘and,’ not an ‘or,’” Forter Chief Information Security Officer Gunnar Peterson told PYMNTS. “Neither one of those things is optional anymore, so it’s about figuring out how do you do both at the same time. Companies need to be able to walk and chew gum at the same time.”
PYMNTS Intelligence in another report finds that nearly half of all retail trade businesses (45%) are elevating their anti-fraud strategies. But that still means the majority remain vulnerable. And to the hammer of a bad actor, every attack vector looks like a nail.
Read also: Why Whack-a-Mole Risk Prevention Won’t Work in Today’s Data Economy
To navigate today’s opportunities and risks, organizations need to invest in layers of defense against increasingly sophisticated fraud attacks, while at the same time improving profitability.
Multiple layers of defense ensure that if one layer fails, others are in place to safeguard the digital customer experience. But with cyber-attacks and payment fraud happening in real time, organizations and businesses need make sure their defenses are equally agile to dissuade would be bad actors.
As PYMNTS has previously noted, there is a “greenfield opportunity for providers and platforms to help automate the verification of counterparties’ identities, payment details and accounts to help combat the rise of synthetic identities developed using AI that are increasingly changing the game in fraudsters’ favor.”
“Everything is becoming digitized — and everything’s faster,” Jeff Hallenbeck, head of financial partnerships at Forter, told PYMNTS. “The attack vectors are more complex. The days of merchants being able to fight all this with teams of humans … are gone. They just cannot do it anymore.”
Paul Fabara, chief risk officer at Visa, told PYMNTS, “In many ways, this is going to become a war of AI, as to who has the strongest data sets to be able to feed those models and ultimately be able to create better protection for consumers.”
This holiday season, it is crucial to remain vigilant – and if you’re making a list, finding out who is naughty or nice can make all the difference.