Retailers must provide a safe shopping experience for Black Friday

Boland Lithebe , Head: Altron Systems Integration Security, CyberTech

November is the start of the annual festive shopping season, and Black Friday – 26 November – is the day when retailers are most under pressure to deliver a safe and seamless shopping experience. The right cyber security approach and protocols are critical to keep consumers safe and protect brand reputations.

Payment card fraud is exploding around the world, with the most recent data from Nilson showing a cost of US$28,65 billion in 2019. These numbers are expected to be higher for 2020 and 2021, fuelled by Covid-19’s economic slowdown and a rise in e-commerce. This type of fraud impacts consumers, retailers and payments companies, and erodes trust in the online experience and in individual brands.

While credit card fraud may be impossible to eliminate, its impact can be mitigated. Retailers need to take an active role to protect consumers and maintain their reputation so that the e-commerce space continues to grow. We recommend the following steps to keep consumers safe and reduce the risk of fraud.

Firstly, companies need to monitor their online footprint to detect any instances where their brand or associated assets are used without permission. Hackers frequently use trademarks of well-known brands to set up phishing sites and dupe consumers into revealing personal information. Similarly, consumers must be able to find legitimate sites online easily so that they reach the company they want to purchase from.

Secondly, retailers must be able to reject transactions where cards have been used fraudulently. This requires ongoing monitoring of the dark web for credit card numbers that may have been leaked – with large enterprises such as banks and big brand manufacturers already engaging in this monitoring.

This also means that retailers need to assess transactions for signs of illegitimacy and follow up accordingly with consumers to confirm. Here, there are several technologies that can assist with this type of threat detection. Geolocation assessments, for example, can flag when a credit card has been used in two different countries during the same time period. Enhanced authentication, which asks consumers to confirm transactions by entering a PIN code sent directly to their phone, adds an additional layer of protection and is already widely used.

Behaviour profiling is an emerging field for cyber security. Here, a consumer’s interaction with an e-commerce or fintech app can be tracked over time. This can help to spotlight transactions that are outside of the norm for the individual user. This can be as subtle as recording the pressure typically applied by an individual’s hand or fingers, the way the phone is tilted, and the speed or slowness in accessing an account and choosing options. If the account is accessed by a different user with the same account details, behaviour profiling can detect this and flag the transaction for follow up by a call centre.

While banks have taken the lead in maintaining credit card security by contacting clients to confirm unusual transactions for their profile, retailers can do the same. A proactive call will help to maintain trust and averts the expense of a fraud investigation, while protecting consumers from financial harm.

By staying abreast of cyber security provisions and thinking ahead to detect threats before they emerge, retailers can work with consumers to provide a safe and trusted shopping environment on the busiest day of the year.