Home Category Region Publishers About Us Contact Us
Home > Market Research Report > Telecom & IT > E-Payment Security and Online Fraud Prevention: Self Defense for the Merchants and Cardholders
Category
Telecom & IT (11452)
Broadband (398)
Contact Centers (153)
Contents (612)
Convergence (197)
Data Center (351)
Digital Broadcasting (310)
E-commerce (204)
IT Outsourcing (321)
IT Security (496)
LBS (151)
Mobile Device (721)
Mobile Subscribers (128)
Network (632)
Network & Access Devices (256)
Next Generation Wireless Com (538)
NFC (148)
Online Marketing (138)
Operator Company Profile (766)
Optical Network (266)
RFID (250)
Satellite Telecom (130)
Set-Top Box (61)
Software (1025)
UC (299)
Web-Service (487)
Wireless LAN/WiMAX (547)
Market Research Report

E-Payment Security and Online Fraud Prevention: Self Defense for the Merchants and Cardholders

Published by Mercator Advisory Group, Inc.
Published April, 2004 Product code 19040
Content info  
Price
Not Available

This publication has been discontinued on July 19, 2011.

Introduction

NEW RESEARCH REPORT BY MERCATOR ADVISORY GROUP

The fear of online card fraud has been the topic of much press coverage recently, with the horrors of identity theft and phishing attacks leaving the public in a state of anxiety.  This heightened fear can have a seriously detrimental effect on e-commerce.  Cardholders need reassurance that merchants aren't unscrupulous criminals, merchants need to know that the cardholders are legitimate and both parties need to know that the transaction cannot be intercepted.

The latest report by Mercator Advisory Group, titled, "E-Payment Security and Online Fraud Prevention: Self Defense for the Merchants and Cardholders", takes an in-depth look at the world of online card payments, the fraud loopholes that are open to criminals and the methods and systms that have been developed to prevent attacks from happening.

Nick Holland, Director of Emerging Technologies Research at Mercator Advisory Group and the author of the report sees a problem of fraud as an arms race between the criminals and the stakeholders in online card payments:

"As with the physical world, the key to fraud control is making the activity of fraud unfeasibly expensive for the fraudsters and still affordable for the stakeholders.  The gap between the two is a fine one..."

The report details a range of different initiatives including VbV (and SecureCode), single use card numbers, password generating tokens and others designed to secure the cardholder/merchant interaction and offers metrics addressing the question: just how bad is online fraud?

Holland sees a major component of the skepticism relating to online transactions to be a result of the fear of the unknown:

"Whatever fear there is of online card theft, the overwhelming opinion among cardholders seems to be 'it's not going to happen to me', But, there are clearly concerns that it might.  The $50 liabillity cap offered on most credit cards provides financial protection from fraud, but it is well known that an incident of identity theft results in not just financial losses, but substantial time and effort to undo the damage to a consumer's credit status.  Moreover, the enduring image of the Internet as a gaping black hole still exists.  At least in a real world incident of card theft or loss, you have some idea of where and when you lost the card, some feeling of control.  The Internet removes time and place and that scares people..."

Table of Contents

Introduction: Fraud - As Old as Money

1. Attack

1.1. Know the Criminal
1.2. Know the Crime
1.2.1. Stolen consumer identities
1.2.2. Stolen merchant identities
1.2.3. Access to payment networks

2. Defense

2.1. Vulnerability: Message Interception. Countermeasure: Encryption
2.1.1. Secure Socket Layer (SSL)
2.2. Vulnerability: Fraudulent Consumer Activity. Countermeasure: Consumer Authentication
2.2.1. 3D Secure
2.2.2. Card Verification Value and Address Verification Service
2.2.3. Password Generating Devices
2.2.4. Distributed EMV
2.2.5. Cellphone Authentication
2.2.6. Transaction History Analysis
2.3. Vulnerability: Fraudulent Merchant Activity. Countermeasures: Merchant Authentication & Card
Number Protection
2.3.1. Merchant Authentication
2.3.2. Card Number Protection
2.4. Defensive Measures Summary

3. How Bad is Online Card Fraud?

4. Conclusion

List of Exhibits

Exhibit 1: Physical World Card Transaction
Exhibit 2: Virtual World Card Transaction
Exhibit 3: The Three Opportunities for Online Payment Fraud
Exhibit 4: Portable Magnetic Stripe Reader (E-Bay Price: $220)
Exhibit 5: Securing the Message Pipeline
Exhibit 6: SSL Sequence
Exhibit 7: Authenticating the Cardholder
Exhibit 8: 3D Secure Transaction Sequence
Exhibit 9: SET Protocol Transaction Sequence
Exhibit 10: Uptake of 3D Secure by Association Members
Exhibit 11: Global VbV and SecureCode Cardholder Uptake (# of cardholders in millions, percentage)
Exhibit 12: Card Verification Value
Exhibit 13: Vasco eDigiPass' Token
Exhibit 14: Cellphone Authentication
Exhibit 15: Merchant Authentication
Exhibit 16: Sample E-Bay Vendor Comments Page
Exhibit 17: Card Number Protection
Exhibit 18: Summary of Defensive Tools
Exhibit 19: Complaints to Internet Fraud Complaint Center, 2003
Exhibit 20: US Holiday Season Online Spend, 2002 / 2003
Exhibit 21: Percentage of Fraudulent Card Transactions Online
Exhibit 22: Global Credit Card Financial Losses by Type
Back to Top