This is the first article in our three-part series on ecommerce fraud protection. Click here to read Part 2, for businesses. Part 3, for individuals, is coming soon.
For banks and other large financial institutions, ecommerce is often a double-edged sword. On one hand, the revenue opportunities due to ecommerce continues to surge as shoppers increasingly purchase more items and services outside of brick-and-mortar stores. In fact, global ecommerce sales are predicted to hit over $6.8 trillion in 2025. And each time a payment card is used, the issuer gets a cut of the transaction. Great news for banks.
On the other hand, ecommerce makes fraud – especially card-not-present fraud – exponentially easier to commit, leading to billions of dollars in losses. And while each party involved in the transaction, from merchants to cardholders, takes a hit when fraudsters strike, it’s often the banks that take the punches hardest and most often. In a 2024 LexisNexis study, nearly two-thirds (63%) of financial firms reported a 6% increase in overall fraud over the past year. Bad news for banks.
Let’s dive in to find out what it all means – and how banks can properly protect themselves from fraud.
The Cost of Ecommerce Fraud to Banks
While large financial institutions are not the direct target of ecommerce fraud, they do bear a large portion of the financial brunt. The LexisNexis study concluded that for every dollar lost to a fraudster, North American financial institutions lose $4.41. Why such a steep cost for banks? Thanks to consumer protection laws and banking regulations, banks often have to foot almost the entire bill for fraudulent transactions on payment cards.
It also means banks are seeing increased operational expenses in order to prevent, detect, and remediate ecommerce fraud. The human capital investment alone is huge, as banks must hire and train employees and fraud prevention experts to mitigate the issue. Then there’s the issue of regulatory and compliance costs. Banks need to adhere to stringent regulations aimed at combating fraud, which requires stronger customer authentication processes.
Falling short of these regulations can result in hefty fines and a hit to the bank's reputation – which can lead to customer attrition, negative word-of-mouth, and a tarnished reputation that’s hard to shake off. This is most impactful as banks live and die off consumer trust. If Bank A has less protection across their customers’ financial data than Bank B, Bank A will soon be turned into a Dave & Buster’s as members flee to safety. According to research by Javelin Strategy & Research (via Abrigo), “31% of clients are more likely to leave the financial institution after a fraud event, even when the bank or credit union is not at fault.”
The Concerning Growth Ecommerce Fraud
So, banks have a concerted interest in preventing ecommerce fraud. But as savvy as banks and other financial institutions are, the problem keeps increasing in frequency and magnitude. According to the LexisNexis study linked above, in 2024, US banks ranked CNP fraud as the biggest contributor to their card-related fraud losses. And it’s no coincidence that American retail ecommerce sales increased by 36.4% in 2020, the same year that CNP fraud loss grew by 31.2%.
In short, ecommerce fraud is increasing because ecommerce as a whole is increasing, and effective prevention methods are not yet in place to protect the bank, the merchant, and of course the individual shopper.
Here are the issues that banks face today that often enable more ecommerce fraud:
Data Breaches
When criminals get their hands on sensitive data, they can wreak havoc on bank accounts, leading to fraudulent transactions that are hard to track and even harder to stop.
Weak or Stolen Credentials
Weak passwords and stolen credentials are a gateway for fraudsters to access bank accounts and initiate unauthorized transactions.
Lack of Secure Payment Verification/Authentication
While multi-factor authentication and biometric verification are being rolled out, not all banks have fully integrated these technologies. Weak or inconsistent authentication methods make it easier for fraudsters to take over accounts and carry out their schemes.
Increased Reliance on Digital Channels
As banks embrace digital transformation, they’re opening more doors for fraudsters to slip through. The rapid adoption of online services, mobile banking, and digital payments has created a playground for cybercriminals who are quick to exploit vulnerabilities.
Increased Transaction Volumes
The post-pandemic boom in online transactions has banks playing defense. High transaction volumes can overwhelm existing fraud prevention measures, making it easier for fraudulent activities to slip through the cracks.
Customer Convenience vs. Security
In the race to offer faster transactions and easier payment methods, banks sometimes prioritize convenience over security. Less stringent checks make it easier for fraudsters to carry out their schemes.
So, what can be done?
How Banks Can Prevent Ecommerce Fraud
In the 2024 LexisNexis study linked above, US banks reported using the following methods to control fraud:
Educating customers about information security
Using personalized recommendations to encourage customers to take actions that enhance their security
Training employees to spot fraudulent activity
Deploying AI and machine learning models to identify new fraud patterns
But even with these strategies, banks face challenges. In the same study, North American banks identified some of the problems they face when trying to implement fraud solutions. These problems include:
Staying current with new fraud tactics
Balancing friction with customer experience
Dealing with budget constraints
Lack of employee education
Justifying the value of the fraud prevention solution versus its cost
Banks need a simple, effective solution to prevent CNP fraud. Ellipse Verification Code (EVC) is that solution. EVC is a card-based fraud prevention technology that transforms a card’s static security code into a dynamic security code. The new EVC security code changes whenever the card is “tapped” or “dipped” during a transaction or triggered with a banking app. It’s intuitive, frictionless, and effective.
Staying ahead of ecommerce fraud is crucial for maintaining trust in the financial system. Banks need to stay vigilant, adapt to new threats, and invest in the best technology and training to protect themselves and their customers.
Comments