Don’t Let Fraud Spoil Your Holidays

How financial institutions and their accountholders can defend against real-life grinches

The holiday season is often considered the most wonderful time of year. But for financial institutions, it's also a time to be wary of the breaches, identity theft and fraud that ramp up during holiday shopping.

And with expanded payment options – through cards, phones and watches as well as with new online technologies and contactless payments – protection during the holidays is increasingly more difficult and complex.

Overall, traditional identity fraud losses in the U.S., caused by criminals illegally using victims’ information to steal money, exploded in 2021 to $24 billion – an alarming 79% increase over 2020, according to a Javelin Strategy & Research 2022 Identity Fraud Study: The Virtual Battleground. Losses from identity fraud scams, in which a fraud operator influences a victim to divulge or expose their personal information, added another $28 billion in impact, victimizing an additional 27 million U.S. adults. Taken together, identity fraud losses totaled $52 billion and affected 42 million U.S. adults, the study showed.

So what can your financial institution do to keep the holidays happy for everyone except fraudsters? Here are five tips.

1. Remind Accountholders of Seasonal Fraud Trends

Warn accountholders about scams that tend to be more pervasive during the holidays.

For instance, there may be no place like home for the holidays, but that means high travel volume at airports, train stations and highways. However they travel, accountholders should beware: Fraudsters are constantly on the prowl, and accountholders need to protect their phones, physical wallets and travel accessories.

Accountholders' generosity also makes them a huge target for fraudsters, and holidays are a peak time for charitable giving. When accountholders are unfamiliar with a charity or don't recognize the phone number or email address of the solicitor, let them know it's fine to withhold contributions until they've thoroughly vetted an organization.

Account takeovers also are a threat throughout the year. When fraudsters gain access to key details of an accountholder's accounts, they can pose as the accountholder and change account details, make purchases, withdraw funds or use stolen information to access additional accounts. Even during the busy holiday season, remind accountholders to regularly monitor their accounts and spending. 

2. Encourage Accountholders to Help Themselves

The first, and frequently best, line of defense against fraud are engaged and proactive accountholders.

They should always remain cautious about texts or emails from unknown sources – or sources posing as known companies. For instance, Amazon recently announced that fake order confirmations accounted for more than 50% of the Amazon impersonation scams reported by their customers. The unsolicited communications often refer to a purchase the customer didn’t make, asking the customer to act urgently to confirm the purchase. Through November 2022, Amazon said they initiated takedowns of more than 20,000 phishing websites and 10,000 phone numbers being used as part of impersonation schemes. 

Remind accountholders to:

• Keep an eye on their money by monitoring what's in their account and their wallet
• Safeguard their Social Security numbers, personal identification numbers, passwords and other identifying information tied to accounts or cards
• Be cautious when using remote terminals or kiosks such as pay-at-pump gas and standalone ATMs
• Remain suspicious of texts or emails requiring immediate action

3. Review Your Risk Rules

Remember to make annual adjustments to your scoring model to account for the changes in accountholder spending during the holiday shopping season.

In particular, try to reduce the number of false positives that result when a valid transaction is denied. Intelligent, data-driven technology can help achieve that balance between fraud protection and friction. The objective is to optimize your accountholder's shopping experience by maximizing approvals.

4. Set Your Program Controls

Transaction authorization controls are the fundamental building blocks for effective processing. Setting appropriate parameters will enable you to provide a reliable experience and maximize risk reduction.

Transaction limits identify the maximum dollar amounts allowed for specific transaction types within a given period. Review your limits for cash and purchasing activity based on an accountholder's spending profile. Defining appropriate amounts will help keep accountholders happy while safeguarding against card abuse.

Consumer spending velocity defines the maximum number of times a card can be used for ATM, point-of-sale and cash-equivalent transactions within a specified time. Remain nimble by adjusting your velocity limits for individual use patterns and the holiday spending season.

5. Review and Implement New Products and Services

New fraud tools can help you balance mitigation with positive accountholder experiences. Here are some examples:

Card Controls and Alerts: Give your accountholders the ability to receive transaction alerts and actively manage their debit and credit cards through a mobile banking app. Enabling accountholders to define when, where and how their cards are used can drive front-of-wallet behavior and support an improved experience.

Fraud Warning Services: Relying on payment networks for alerts about data breaches and compromised cards may cause costly delays and reduce accountholder satisfaction. New warning services can notify you weeks before a network alert and can pinpoint small and local compromises not normally investigated by the networks. With those added services, you likely can uncover compromised cards earlier.

Risk Exemption Services: Often, if an accountholder uses a debit card to make an uncharacteristic purchase, it can generate a high fraud score and trigger a declined transaction. The accountholder could then receive an alert seeking transaction validation. The validation closes the alert, but without an automated risk exemption service, the same transaction using the same card will go through the same risk applications and could be denied again.

The accountholder then must either use a different card or call you to resolve the problem – an inconvenience in either case. With an automated risk exemption service, after an alert is closed as no fraud, an exemption can be automatically placed on risk applications and rules, allowing the accountholder to complete the transaction without additional intervention.

Texting: Automated voice and email notifications regarding suspicious activity may be missed or ignored. Instead, consider texting, which adds more convenience and helps accountholders confirm fraud sooner. Their real-time responses can prevent payment disruption and minimize fraud exposure.

Tokenized Transactions: Encourage adoption of digital wallets that leverage tokenized transactions. They're often safer than traditional card-based transactions because transmitted data is hardened via encryption methodologies.

Keep Your Holidays Merry

As the scale and frequency of fraud evolves, be ready to evaluate and implement risk management processes that help you find the right balance between mitigation and a hassle-free shopping experience.

Proactive approaches, prudently implemented, can help you defend your financial institution and accountholders, ensuring the holiday season is merry for everyone.