Last week’s disclosure that hackers had accessed up to 143 million credit records at Equifax Inc. has stirred fears of a tsunami of fraud in coming months. But physical and online merchants are already struggling not only with a huge threat of fraud, but with a stunning fraud cost that goes well beyond the actual merchandise lost in these schemes, according to data released last week.
The intrusion at Atlanta-based Equifax, disclosed Friday, carries even more frightening implications than usual in these cases because the information the hackers accessed included consumers’ names, Social Security numbers, birth dates, and addresses. In some cases, the data even included driver’s license numbers, said the company, one of three major storehouses of data banks, retailers, and other firms rely on to make credit decisions. Some 209,000 of the compromised records included credit card information, Equifax said. All of this can help a fraudster impersonate an actual consumer to buy goods in-store and online.
Even so, companies are already reeling from the effects of fraud and attempted fraud, according to last week’s report from Atlanta-based LexisNexis Risk Solutions, a unit of RELX Group, a London-based specialist in data analytics.
Indeed, on average, nearly one-third of all monthly retail transactions, and 43% of monthly e-commerce transactions, involve attempted fraud, says the “2017 LexisNexis True Cost of Fraud” study, which surveyed nearly 1,200 risk and fraud managers across various industries this spring. These are figures averaged over the months, so fraudulent attempts in holiday seasons is even higher, the report notes.
For merchants, dealing in digital goods multiplies the threat of fraud, since there isn’t much time to verify the buyer’s identity. The attempted-fraud rate among retailers selling both physical and digital goods is 39%, nearly triple the 14% rate found among sellers of physical goods only. Size matters. The fraud rate is significantly higher—42% vs. 28%—among mid-size and large sellers compared to small sellers, the report found.
Among financial-services firms, a similar trend holds. Mid-size and larger firms with few or no digital channels experienced a 17% attempted-fraud rate, compared to a 35% rate among mid-size and larger firms where most of the transactions are digital.
Identity fraud especially hurts mid-size and large e-commerce merchants. The study found losses owing to fraudulent ID accounted for fully 42% of all fraud among these firms, much higher than fraudulent requests for returns or lost-and-stolen merchandise.
While relatively few respondents are yet allowing mobile transactions, this channel is accounting for an outsized share of fraud costs, according to the report. Among retailers of all kinds, mobile accounts for 5% of transactions but 20% of fraud costs, for example. The corresponding numbers for financial-services firms are 10% and 20%. Among just e-commerce sellers, they’re 8% and an eye-popping 41%.
But the cost of fraud goes well beyond the actual cost of merchandise. Across all the types of firms surveyed, the study found fraud cost companies $2.66 for every dollar of fraud loss. That’s accounting for the cost of chargebacks, fees, lost interest, and merchandise replacement and redistribution. For companies selling chiefly online or selling mostly digital goods, the cost per dollar of fraud soars 31% to $3.48.