A year after COVID-19 changed everything, the fight against payment fraud has entered uncharted territory.
According to McKinsey, consumer purchasing in digital channels achieved nearly a decade of growth in just the time since shelter-in-place mandates were first enacted a year ago. In the blink of an eye, mobile shopping apps, buy-online-pickup-in-store (BOPIS), curbside pickup, and same-day delivery went from trending to do-or-die business propositions. And there’s no turning back.
Even as the world slowly reopens, 72% of consumers say they plan to increase their online shopping. But fair warning: the same pandemic-induced digital transformation driving up transaction volumes is also setting us up for a collision between rising customer demand for fast, frictionless digital transactions—and cybercriminal criminal organizations seeking to exploit that very same expectation.
The fact that scams, account takeovers (ATOs), and card-not-present fraud led to more than $42 billion in losses in 2020 is bad enough. The fact those losses could top $200 billion by 2024 compelled me to join RSA Fraud & Risk Intelligence as its CMO for three big reasons.
#1 Payment Fraud is Growing – Fast!
Hackers aren't slackers. Well-funded and highly professional, today's cybercriminal organizations function with the same level of operational agility and technological innovation as any modern enterprise—complete with market research, product development, tech support, quality assurance, call centers, you name it. They just do it in a stealthier way with outsized profit margins versus their traditional, legal counterparts.
Leveraging everything from stolen identity- and credit card-wielding bots, to AI-powered Trojans, to rogue mobile apps, to deep fake-enabled phishing and social media scams and more, fraud losses in all forms raked in more than $4.2 trillion worldwide last year. By the end of 2021, Cybercrime, Inc. could rank as the world's third-largest economy. No consumer-facing business is impervious, no industry immune from this threat. And it's getting worse.
#2 RSA is Advancing the Industry once Again
Founded nearly 40 years ago, RSA is an iconic brand with a heritage as the OG of cybersecurity, with a broad array of customers spanning banking, travel, retail, insurance, gaming, across numerous geographies.
With the pandemic driving an exponential rise in digital transactions, the need to protect card-issuing banks, payment processors, and the businesses and consumers they serve against fraud has never been more urgent. By carving out a dedicated Fraud & Risk Intelligence business, RSA is bringing laser focus to this cause with a dedicated product portfolio.
Our Adaptive Authentication for eCommerce solution is built around the EMVco 3-D Secure 2.x protocol, which provides a frictionless shopping experience for trusted cardholders and challenges only the small minority of high-risk users, leading to a level of accuracy that's unmatched in the industry. For risk-based, multi-factor authentication, RSA Adaptive Authentication for omnichannel offers seamless customer risk decisioning for most verticals. And our cyber-intelligence services, RSA FraudAction, provides complete coverage and takedown services against brand phishing scams, Trojan attacks, rogue mobile apps, fraudulent social media pages, along with a set of intelligence feeds. With a potent mix of solutions like this, nobody else comes close.
#3 Creating a better future for all
As someone who has spent years leading the marketing function at IBM, ThreatMetrix, and Agari, I've seen the damage fraud can do to an organization's ability to operate effectively and execute on plan. And having worked alongside our CEO, Reed Taussig, I know the kind of team he builds, the kind of culture he inspires, and the kind of partnerships he forges.
Our business unit won't just be focused on swatting away the latest payment scam. We'll be helping to protect the digital economy from theft and deter the fraudulent transactions that are used, as so many are, to help fuel drug and human trafficking, terrorism and other nefarious behavior.
There's one other thing that has me amped about my new adventure, and that is out history of helping to shape an industry ecosystem. That's true whether it's through relationships with organizations like EMVco, the non-profit that defines 3DS2 standards, or the governing bodies behind the SCA standards for PSD2, or any other number of emerging mandates worldwide. It's also true of RSA Conference, the driving force behind the world's cybersecurity agenda.
We don't just embrace the important levers for governing and shaping the industry in this pivotal moment. We're here to help lead them. It's more than a mission. It's a movement. And I am definitely all-in as a card-carrying member of the RSA #FraudSquad!