Wayne N. Kawamoto
Managing Editor, www.smallbusinesscomputing.com
More than $700 million in online sales were lost to fraud in 2001, representing 1.14 percent of total annual online sales of $61.8 billion, according to GartnerG2, a research service from Gartner, Inc.
Online fraud losses for 2001 were 19 times as high, dollar for dollar, as fraud losses resulting from offline sales. The new survey also showed that adult consumers in the United States are beginning to adopt credit card company solutions designed to protect against online fraud.
A Gartner Internet survey of more than 1,000 adult U.S. online consumers, conducted in January 2002, showed that 5.2 percent of respondents were victimized by credit card fraud in 2001 and 1.9 percent were victimized by identity theft (although respondents do not know whether the theft occurred online or offline).
More than 18 percent of respondents are attempting to fight fraud by embracing two new credit card protection systems: Visa’s Verified by Visa and MasterCard’s Universal Cardholder Authentication Field (UCAF) standard and Secure Payment Application (SPA).
“After years of missteps, the credit card companies have finally got it right with their consumer authentication technology. Consumers are willing to adopt the easy-to-use password-based applications,” said Avivah Litan, Vice President and Research Director, GartnerG2.
“Other security schemes, including public key infrastructure (PKI), smart cards (that the credit card firms also support) and disposable card numbers, receive far less consumer support,” Litan said. “Most consumers are unwilling to take the extra steps required to use PKI, as the failure of the previous MasterCard/VISA sponsored PKI-based Secure Electronic Transactions (SET) standard clearly demonstrated. Consumers also believe the new Visa and MasterCard systems offer better protection than PKI or smart cards, showing that branding is far more important than technically robust security schemes.”
The credit card companies are, however, not yet willing to take the next major step: inciting merchant adoption by universally lowering merchant fees. MasterCard does plan to partially incite U.S. merchants by making issuers, rather than merchants, liable for UCAF-protected transactions beginning in November 2002. Visa plans a similar shift in liability rules in mid-2003. U.S. merchants will, however, continue to pay higher fees for Internet transactions, which average approximately 2.5 percent vs. 1.5 percent for in-store sales.
“Consumers are interested in using these new security systems, which can significantly reduce online fraud. The credit card companies should, however, back up their belief in these systems by lowering fees for all merchants who support them,” said Litan. “This would guarantee even more widespread adoption.”