Here’s a statistic that could keep most CIOs awake at night – especially with so many companies having a false sense of security. Mobile fraud is expected to grow by 47 percent in the next five years – and that number might be too conservative.
J. Gold Associates, a market research firm, surveyed 250 organizations with average revenues of more than $2.45 billion for its study on mobile e-commerce. More than half of the organizations believe their revenue from mobile sources will grow 11-50 percent over the next three years.
At the same time, the companies fully expect 3 percent of that revenue will be lost to fraud annually. With the growth of mobile expected to grow by 47 percent in the next three years, J. Gold Associates extrapolated that to mean mobile fraud will grow by the same rate.
Now 3 percent sounds like an innocuous number. After all, brick and mortar stores probably lose just as much to shoplifting and employee theft. But this theft, on average, represents more than $92 million annually for the companies.
As the report states, there is a dark side to this reliance on mobile revenue. More than one-third of companies had lost as much as 5 percent of their revenues; 14 percent had lost more than 10 percent; and, 15 percent said they had lost as much as 25 percent. It’s an understatement when the report states, “This is a staggering level of fraud induced losses. It also indicates a very serious problem exists.”
But companies aren’t spending enough on the problem, the study says, in spite of the fact there is an obvious return on investment. As it points out, investing just 10 percent of the amount lost in fraud annually would provide a significant boost to a company’s ability to protect itself. And, as it states, each dollar not stolen is a dollar applied to a company’s profitability.
There’s also a need to strike now before the exponential growth of mobile fraud. “Companies not making the required investment now in enhanced mobile security will have sharply reduced revenue, as well as much higher costs of operation,” the report said.
What’s probably not surprising is most companies believe they are adequately protected. Apparently, fraud is something that only happens to other companies. That’s probably what leads most companies to state fraud is quickly detected and acted on when it happens on their websites. As the study states, “This seems to be a clear disconnect between reality and perception.”
A new report from LexisNexis has also been released. According to a blog post at Alaric.com, LexisNexis found 15 percent of merchants take mobile payments – a more than 100 percent increase from just two years ago. “But while these make up only 14 per cent of transaction volume, the channel accounts for more than a fifth (21 per cent) of fraudulent cases.This disproportionate amount of fraud is indicative of the risk inherent in these types of transactions,” says the report.
The report also helps explain why there might be overconfidence. It says online fraud costs have dropped about 15 percent per dollar. But the mobile side has risen close to 20 percent. “This is both good and bad news,” the Alaric post says. ”Bad for the very fact that fraudsters are clearly finding it easier to target the mobile sector and are succeeding. But it’s also reassuring to see successful action in the online arena given the growing problem of card-not-present fraud.”
There appears to be a light at the end of the tunnel – and it’s not an oncoming train. Alaric’s report says mobile payments are not a large target [yet] for data compromise because they are still in their growth stage. Kind of makes you shudder what could happen if they become more attractive.
So, what is the good news out of all of this? The Alaric report says, “There is promise that this will continue as mobile payment solutions such as Apple Pay and broader tokenisation schemes from payment industry groups will effectively render mobile payment data unusable for would-be thieves.”
Be frank with yourself. As a CIO, is your organization protected against potential mobile fraud as outlined in the above reports? Be a revenue hero for your company and invest in good protection. Convince the bean counters that it’s good fiscal policy to do so.