Rogue mobile apps account for 28% of fraud attacks, according to the Q2 2018 fraud report by Bedford, Mass.-based security solutions company RSA.
Other highlights from the report include:
- Phishing accounted for 41 percent of all fraud attacks observed by RSA in Q2. Canada, the United States, and the Netherlands were the top three countries most targeted by phishing.
- Fraud from mobile browsers and mobile applications increased in Q2 2018 and represented 71 percent of total fraud transactions.
For those in the payments industry, none of this is a huge surprise. With increases in use, usually comes increases of fraud. This also means merchants need to do whatever they can clamp down on them.
Understanding New Types of Mobile Fraud
Click flooding has become a popular fraud trend. This occurs when an unpaid user installs an app and a number of clicks happen, falsely attributing the action a paid advertisement. An advertiser ends up paying a click fee for each false user. This destroys analytics because significantly overstates natural web traffic.
One particular type of mobile fraud is attacking the Install Broadcasts feature of Android devices. All existing apps reside in this feature, and it is notified whenever a new app is downloaded. Cyber attackers create new free apps that when downloaded, sends a series of clicks to networks before installation is completed. In this situation, the scammer gets paid for a natural install.
Another fraud trend is the bot-driven SDK spoofing. This is when malware hides on an app to generate a number of simulated ad clicks but no installation occurs.
Additionally, some retailers have noticed that more fraud occurs during holidays and the summer, most likely because people are paying less attention to installations and apps during these times.
Ways to Prevent Mobile Payment Fraud
Not surprisingly, cyber attackers often target merchants that do not need to deliver a product or service to a shopper. Therefore, in many cases, on-demand services are targeted most.
Merchants need to be cognizant of all of these trends and take actions to prevent them, like:
- Pay attention to ecommerce and mobile traffic and look for abnormalities in both. Distinguishing between the two types of traffic will make it easier when hikes occur.
- Adhere to the Payment Card Industry Data Security Standard. Level 1 provides the highest protection. Though certification may not be necessary for some businesses due to volume levels, following the standard is beneficial. It is a major deterrent to fraudulent activity.
- Track behaviors and set velocity controls. Differences in traffic need to be watched and understood. A large number of current mobile retailers implement seamless secure checkout solutions to their customers to provide safer experiences. Customers who feel protected will continue to make purchases online and with mobile devices. Sending a text, email, or call to a shopper will go a long way at showing their purchases are safe and that security matters.
The Last Word on Mobile Payments
Taking some or all of these actions will help merchants better protect themselves. As the use and security of mobile payments increases, expect scammers to stay one step ahead. Merchants should continuously re-evaluate security.
Apply for Merchant Account Services
If you are a business interested in obtaining account, contact eMerchantBroker.com (EMB). They work with all types of businesses, including those in high-risk sectors. Apply online today.