SMARTER. TOGETHER.
The Mobility of Fraud
Michael Loox, CFI
Director of Loss Prevention & Safety
Coffee Bean and Tea Leaf
David Johnston
Sr. Director, Loss Prevention
Dunkin’ Brands
Understanding the Challenges of Mobile, Loyalty and Virtual Initiatives
Objectives
• Today’s changing payment landscape
• The challenges that may lie ahead
• Identifying fraud in the mobile environment
• Getting ahead of the curve
The Coffee Bean & Tea Leaf® in the World Today
52 Years
27 Countries
1010 Stores
14,000 Passionate Team Members
Dunkin’ Brands is home to two of the world’s most recognized and loved brands:
• 11,300 Dunkin’ Donuts restaurants in 36 countries
• 7,500 Baskin-Robbins restaurants in nearly 50 countries
• 1,200 Franchise owners and 50 international partners
• Franchisee-reported sales of approximately $9.8 billion (2014)
Coffee Fact: Did you know that a single coffee tree produces only an average of 1-1.5 lbs. of roasted beans annually?
Ice Cream Fact: Baskin-Robbins is part of 2 Guinness World Records – Most cones scooped in a minute (19 - Mitch Cohen, Franchisee) and Largest Scoop of Ice Cream (8,865 lbs. in 2005)
Changing Payment Landscape
EMV: Friend or Foe?
• Europay, Mastercard and Visa standards to protect consumers against fraud
• Inclusion of Chip & PIN technology to make counterfeiting cards difficult
• The expectation is for the retail industry to be compliant by October 2015
• Merchant absorbs more liability
EMV: Friend or Foe?
• 10 Million devices require change in U.S.
• Issuers pushing for chip-enabled card distribution – hit 10/1 Liability Shift
• Card variations to exist until ?2017?
• Online fraud expected to increase
  – UK had upwards of 150% increase
  – Increase in Mobile Fraud
How would you like to pay?
Mobile Wallets Google Wallet / Apple Pay / Visa Checkout
200+ variations across the globe*
Contactless Payments NFC / QR Codes / SMS Payments Mobile Applications (Loyalty and Private Label)
Online Payments Mobile / Advanced Ordering Applications
Gift Cards and Merchandise (CNP environment)
The Mobility of Fraud
• Mobile Fraud
  – Virtual Activations, Value reloads, Ordering
• “Account Take Overs”
  – Mobile Accounts with Stored Value
  – Loyalty Accounts
• Digital Fraud Schemes
  – Coupons
  – 3rd Party Gift Card Sales
Mobile Fraud
Using stolen credit card numbers to put value on a gift card or make a purchase in an above store transaction. (Card not present environment)
Expansion into virtual card activations and online reloading can increase the potential for fraud.
Mobile Applications Fraud
Schemes involving private mobile applications for ordering, payment and loyalty programs.
“Account Takeovers” – when an outsider gains access into a customer’s account and either “leeches” or “takes over” their account.
– Pretends to be the consumer and uses value on the app for purchases
– Changes access to the account and controls value
– Removes value (de-registering) and re-registers the value on another account
Consumers think…Data Breach
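The account-takeover behaviors listed above, expressed as detection logic over an application event log. This is an added example, not part of the original presentation; the event names, thresholds and account identifiers are assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events (not real data):
# (timestamp, event, account, source IP, stored-value card id)
EVENTS = [
    ("2015-06-01T10:00:00", "login_fail", "alice", "203.0.113.7", None),
    ("2015-06-01T10:00:05", "login_fail", "alice", "203.0.113.7", None),
    ("2015-06-01T10:00:10", "login_fail", "alice", "203.0.113.7", None),
    ("2015-06-01T10:00:15", "login_ok", "alice", "203.0.113.7", None),
    ("2015-06-01T10:02:00", "card_deregister", "alice", "203.0.113.7", "GC-1001"),
    ("2015-06-01T10:05:00", "card_register", "acct_9f2", "203.0.113.7", "GC-1001"),
    ("2015-06-01T11:00:00", "login_fail", "bob", "198.51.100.4", None),
    ("2015-06-01T11:00:30", "login_ok", "bob", "198.51.100.4", None),
    ("2015-06-01T11:01:00", "card_deregister", "bob", "198.51.100.4", "GC-2002"),
    ("2015-06-01T11:03:00", "card_register", "bob", "198.51.100.4", "GC-2002"),
]

FAIL_THRESHOLD = 3                   # assumed: failures before a success is suspect
FAIL_WINDOW = timedelta(minutes=10)  # assumed look-back for failed log-ins
MOVE_WINDOW = timedelta(hours=1)     # assumed max gap, de-register to re-register

def find_takeovers(events):
    """Return (alert, affected account, detail) tuples in time order."""
    alerts = []
    fails = defaultdict(list)  # account -> failed log-in times since last success
    dereg = {}                 # card id -> (account it was removed from, time)
    for ts, kind, account, ip, card in sorted(events, key=lambda e: e[0]):
        t = datetime.fromisoformat(ts)
        if kind == "login_fail":
            fails[account].append(t)
        elif kind == "login_ok":
            # A success right after a burst of failures suggests a forced log-in.
            recent = [f for f in fails.pop(account, []) if t - f <= FAIL_WINDOW]
            if len(recent) >= FAIL_THRESHOLD:
                alerts.append(("forced_login", account, ip))
        elif kind == "card_deregister":
            dereg[card] = (account, t)
        elif kind == "card_register" and card in dereg:
            # Same card re-registered on a different account soon after removal.
            prev, when = dereg.pop(card)
            if prev != account and t - when <= MOVE_WINDOW:
                alerts.append(("value_moved", prev, f"{card} -> {account}"))
    return alerts

if __name__ == "__main__":
    for alert in find_takeovers(EVENTS):
        print(alert)
```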
Loyalty Fraud
Benefits of Loyalty Programs - Economics
Loyalty Fraud: Then & Now
Costs of Loyalty Programs
• Customer abuse - multiple accounts, exploit rewards
• Credit card / Gift Card fraud through app
• Employee theft - more avenues and opportunities: point shaving, gifting points, misuse of loyalty redemption codes
• Value Transfers: e-gift and loyalty points
• Real Time Redemptions
• No App Needed! Link to phone #
Digital Schemes
• Digital marketing can cause greater concern with fraud
• Opens 3rd party fraud channels and affects brand and consumer loyalty
Staying Ahead of the Curve
Be a continued learner and partner
• Learn your digital environment
• Understand industry trends and future applications
• Partnerships with IT and Marketing
• Get involved in Strategic discussions
Staying Ahead of the Curve
Understand Proactive Prevention
• IT Capabilities to thwart attempts
  – Forced account log-ins
  – “Bot” applications to automate attempts or uncover account credentials
Example of a Credential “Bot”
Courtesy of Krebs on Security
Staying Ahead of the Curve
Understand Proactive Prevention
• Proper controls and restrictions
  – Expiration of coupons or loyalty points
  – Account thresholds
  – Strong customer password/multiple authentication process
Staying Ahead of the Curve
• Stay current in the payment landscape
• Work with cross-functional teams
• Think Sales first, but understand exposure
• Changes in investigative process
• Be ready for constant change
Thank you for your time and enjoy the conference