Search Results for: synthetic id

By: Ken Pruett I want to touch a bit on some of the third party fraud scenarios that are often top of mind with our customers: identity theft; synthetic identities; and account takeover. Identity Theft Identity theft usually occurs during the acquisition stage of the customer life cycle. Simply put, identity theft is the use of stolen identity information to fraudulently open up a new account.  These accounts do not have to be just credit card related. For example, there are instances of people using others identities to open up wireless phone and utilities accounts Recent fraud trends show this type of fraud is on the rise again after a decrease over the past several years.  A recent Experian study found that people who have better credit scores are more likely to have their identity stolen than those with very poor credit scores. It does seem logical that fraudsters would likely opt to steal an identity from someone with higher credit limits and available purchasing power.  This type of fraud gets the majority of media attention because it is the consumer who is often the victim (as opposed to a major corporation). Fraud changes over time and recent findings show that looking at data from a historical perspective is a good way to help prevent identity theft.  For example, if you see a phone number being used by multiple parties, this could be an indicator of a fraud ring in action.  Using these types of data elements can make your fraud models much more predictive and reduce your fraud referral rates. Synthetic Identities Synthetic Identities are another acquisition fraud problem.  It is similar to identity theft, but the information used is fictitious in nature.  The fraud perpetrator may be taking pieces of information from a variety of parties to create a new identity.  Trade lines may be purchased from companies who act as middle men between good consumers with good credit and perpetrators who creating new identities.   This strategy allows the fraud perpetrator to quickly create a fictitious identity that looks like a real person with an active and good credit history. Most of the trade lines will be for authorized users only.  The perpetrator opens up a variety of accounts in a short period of time using the trade lines. When creditors try to collect, they can’t find the account owners because they never existed.  As Heather Grover mentioned in her blog, this fraud has leveled off in some areas and even decreased in others, but is probably still worth keeping an eye on.  One concern on which to focus especially is that these identities are sometimes used for bust out fraud. The best approach to predicting this type of fraud is using strong fraud models that incorporate a variety of non-credit and credit variables in the model development process.  These models look beyond the basic validation and verification of identity elements (such as name, address, and social security number), by leveraging additional attributes associated with a holistic identity -- such as inconsistent use of those identity elements. Account Takeover Another type of fraud that occurs during the account management period of the customer life cycle is account takeover fraud.  This type of fraud occurs when an individual uses a variety of methods to take over an account of another individual. This may be accomplished by changing online passwords, changing an address or even adding themselves as an authorized user to a credit card. Some customers have tools in place to try to prevent this, but social networking sites are making it easier to obtain personal information for many consumers.  For example, a person may have been asked to provide the answer to a challenge question such as the name of their high school as a means to properly identify them before gaining access to a banking account.  Today, this piece of information is often readily available on social networking sites making it easier for the fraud perpetrators to defeat these types of tools. It may be more useful to use out of wallet, or knowledge-based authentication and challenge tools that dynamically generate questions based on credit or public record data to avoid this type of fraud.  

The term “risk-based authentication” means many things to many institutions.  Some use the term to review to their processes; others, to their various service providers.  I’d like to establish the working definition of risk-based authentication for this discussion calling it:  “Holistic assessment of a consumer and transaction with the end goal of applying the right authentication and decisioning treatment at the right time.” Now, that “holistic assessment” thing is certainly where the rubber meets the road, right? One can arguably approach risk-based authentication from two directions.  First, a risk assessment can be based upon the type of products or services potentially being accessed and/or utilized (example: line of credit) by a customer.  Second, a risk assessment can be based upon the authentication profile of the customer (example: ability to verify identifying information).  I would argue that both approaches have merit, and that a best practice is to merge both into a process that looks at each customer and transaction as unique and therefore worthy of  distinctively defined treatment. In this posting, and in speaking as a provider of consumer and commercial authentication products and services, I want to first define four key elements of a well-balanced risk based authentication tool: data, detailed and granular results, analytics, and decisioning. 1.  Data: Broad-reaching and accurately reported data assets that span multiple sources providing far reaching and comprehensive opportunities to positively verify consumer identities and identity elements. 2.  Detailed and granular results: Authentication summary and detailed-level outcomes that portray the amount of verification achieved across identity elements (such as name, address, Social Security number, date of birth, and phone) deliver a breadth of information and allow positive reconciliation of high-risk fraud and/or compliance conditions.  Specific results can be used in manual or automated decisioning policies as well as scoring models, 3.  Analytics:  Scoring models designed to consistently reflect overall confidence in consumer authentication as well as fraud-risk associated with identity theft, synthetic identities, and first party fraud.  This allows institutions to establish consistent and objective score-driven policies to authenticate consumers and reconcile high-risk conditions.  Use of scores also reduces false positive ratios associated with single or grouped binary rules.  Additionally, scores provide internal and external examiners with a measurable tool for incorporation into both written and operational fraud and compliance programs, 4.  Decisioning: Flexibly defined data and operationally-driven decisioning strategies that can be applied to the gathering, authentication, and level of acceptance or denial of consumer identity information.  This affords institutions an opportunity to employ consistent policies for detecting high-risk conditions, reconcile those terms that can be changed, and ultimately determine the response to consumer authentication results – whether it be acceptance, denial of business or somewhere in between (e.g., further authentication treatments). In my next posting, I’ll talk more specifically about the value propositions of risk-based authentication, and identify some best practices to keep in mind.      

By: Heather Grover In my previous blog, I covered top of mind issues that our clients are challenged with related to their risk based authentication efforts and fraud account management. My goal in this blog is to share many of the specific fraud trends we have seen in recent months, as well as those that you – our clients and the industry as a whole – are experiencing.  Management of risk and strategies to minimize fraud is on your mind. 1. Migration of fraud from Internet to call centers - and back again. Channel specific fraud is nothing new. Criminals prefer non-face-to-face channels because they can preserve anonymity, while increasing their number of attempts. The Internet has been long considered a risky channel, because many organizations have built defenses around transaction velocity checks, IP address matching and other tools. Once fraudsters were unable to pass through this channel, the call center became the new target, and path of least resistance. Not surprisingly, once the industry began to address the call center, fraud began to migrate, yet again. Increasingly we hear that the interception and compromise of online credentials due to keystroke loggers and other malware is on the rise. 2. Small business fraud on the rise. As the industry has built defenses in their consumer business, fraudsters have again migrated -- this time to commercial products. Historically, small business has not been a target for fraud, which is changing. We see and hear that, while similar to consumer fraud in many ways, small business fraud is often more difficult to detect many times due to “shell businesses” that are established. 3. Synthetic ID becoming less of an issue.  As lenders tighten their criteria, not only are they turning down those less likely to pay, but their higher standards are likely affecting Synthetic ID fraud, which many times creates identities with similar characteristics that mirror “thin file” consumers. 4. Family fraud continues. We have seen consumers using the identities of members of their family in an attempt to gain and draw down credit. These occurrences are nothing new, but   sadly this continues in the current economic environment. Desperate parents use their children’s identities to apply for new credit, or other family may use an elderly person’s dormant accounts with a goal of finding a short term lifeline in a bad credit situation. 5. Fraud increasing from specific geographic regions. Some areas are notorious for perpetrating fraud – not too long ago it was Nigeria and Russia. We have seen and are hearing that the new hot spots are Vietnam and other Eastern Europe countries that neighbor Russia. 6. Falsely claiming fraud. There has been an increase of consumers who claim fraud to avoid an account going into delinquency. Given the poor state of many consumers credit status, this pattern is not unexpected. The challenge many clients face is the limited ability to detect this occurrence. As a result, many clients are seeing an increase in fraud rates. This misclassification is masking what should be bad debt.  

In financial crime, fraudsters are always looking for new avenues to exploit. The mortgage industry has traditionally been a primary target for fraudsters. But with the 30-year fixed-mortgage rate average above 7.19% for the month of September, it has caused an inherent slowdown in the volume of home purchases. As a result, criminals are turning to other lucrative opportunities in mortgage transactions. They have evolved their techniques to capitalize on unsuspecting homeowners and lenders by shifting their focus from home purchases to Home Equity Line of Credit (HELOC), as they see it as a more compelling option.  Understanding mortgage fraud  Mortgage fraud occurs when individuals or groups intentionally misrepresent information during the mortgage application process for personal gain. The most common forms of mortgage fraud include income misrepresentation, false identity, property flipping schemes, and inflated property appraisals. Over the years, financial institutions and regulatory bodies have implemented robust measures to combat such fraudulent activities.  As the mortgage industry adapts to counter established forms of fraud, perpetrators are constantly seeking new opportunities to circumvent detection. This has led to a shift in fraud trends, with fraudsters turning their focus to alternative aspects of the mortgage market. One area that has captured recent attention is HELOC fraud, also known as home equity loan fraud.  HELOC fraud: An attractive target for fraudsters  What is a HELOC?  HELOCs are financial products that allow homeowners to borrow against the equity in their homes, often providing flexible access to funds. While HELOCs can be a valuable financial tool for homeowners, they also present an attractive opportunity for fraudsters due to their unique characteristics.  HELOC fraud schemes  An example of a home equity loan fraud scheme is a fraudster misrepresenting himself to deceive a credit union call center employee into changing a member’s address and phone number. Three days later, the fraudster calls back to reset the member’s online banking password, allowing the fraudster to login to the member’s account. Once logged in, the fraudster orders share drafts to be delivered to the new address they now control. The fraudster then forges three share drafts totaling $309,000 and funds them through unauthorized advances against the member’s HELOC through online banking platforms.   Why HELOCs are becoming the next target for mortgage fraud  Rising popularity: HELOCs have gained significant popularity in recent years, enticing fraudsters seeking out opportunities with larger potential payouts.  Vulnerabilities in verification: The verification process for HELOCs might be less rigorous than traditional mortgages. Fraudsters could exploit these vulnerabilities to manipulate property valuations, income statements, or other critical information.  Lack of awareness: Unlike conventional mortgages, there may be a lack of awareness among homeowners and lenders regarding the specific risks associated with HELOCs. This knowledge gap can make it easier for fraudsters to perpetrate their schemes undetected.  Home equity loans do not have the same arduous process that traditional first mortgages do. These loans do not require title insurance, have less arduous underwriting processes, and do not always require the applicant to be physically present at a closing table to gain access to cash. The result is that those looking to defraud banks can apply for multiple HELOC loans simultaneously while escaping detection.  Prevention and safeguards  There are several preventive measures and fraud prevention solutions that can be established to help mitigate the risks associated with HELOCs. These include:  Education and awareness: Homeowners and lenders must stay informed about the evolving landscape of mortgage fraud, including the specific risks posed by HELOCs. Awareness campaigns and educational materials can play a significant role in spreading knowledge and promoting caution.   Enhanced verification protocols: Lenders should implement advanced verification processes and leverage data analytics and modeling thorough property appraisals, income verification, and rigorous background checks. Proper due diligence can significantly reduce the chances of falling victim to HELOC-related fraud.  Collaboration and information sharing: Collaboration between financial institutions, regulators, and law enforcement agencies is essential to combat mortgage fraud effectively. Sharing information, best practices, and intelligence can help identify emerging fraud trends and deploy appropriate countermeasures.  Acting with the right solution  Mortgage fraud is a constant threat that demands ongoing vigilance and adaptability. As fraudsters evolve their tactics, the mortgage industry must stay one step ahead to safeguard homeowners and lenders alike. With concerns over HELOC-related fraud rising, it is vital to raise awareness, strengthen preventive measures, and foster collaboration to protect the integrity of the mortgage market. By staying informed and implementing robust safeguards, we can collectively combat and prevent mortgage fraud from disrupting the financial security of individuals and the industry.  Experian mortgage is powering advanced capabilities across the mortgage lifecycle by gaining market intelligence, enhancing customer experience to remove friction and tapping into industry leading data sources to gain a complete view of borrower behavior.   To learn more about our HELOC fraud prevention solutions, visit us online or request a call.  *This article leverages/includes content created by an AI language model and is intended to provide general information.

The Federal Reserve (Fed) took a big step towards revolutionizing the U.S. payment landscape with the official launch of FedNow, a new instant payment service, on July 20, 2023. While the new payment network offers advantages, there are concerns that fraudsters may be quick to exploit the new real-time technology with fraud schemes like automated push payment (APP) fraud. How is FedNow different from existing payment networks? To keep pace with regions across the globe and accelerate innovation, the U.S. created a alternative to the existing payment network known as The Clearing House (TCH) Real-Time Payment Network (RTP). Fraudsters can use the fact that real-time payments immediately settle to launder the stolen money through multiple channels quickly. The potential for this kind of fraud has led financial regulators to consider measures to better protect against it. While both FedNow and RTP charge a comparable fee of 4.5 cents per originated transaction, the key distinction lies in their governance. RTP is operated by a consortium of large banks, whereas FedNow falls under the jurisdiction of the Federal Reserve Bank. This distinction could give FedNow an edge in the market. One of the advantages of FedNow is its integration with the extensive Federal Reserve network, allowing smaller local banks across the country to access the service. RTP estimates accessibility to institutions holding approximately 90% of U.S. demand deposit accounts (DDAs), but currently only reaches 62% of DDAs due to limited participation from eligible institutions. What are real-time payments? Real-time payments refer to transactions between bank accounts that are initiated, cleared, and settled within seconds, regardless of the time or day. This immediacy enhances transparency and instills confidence in payments, which benefits consumers, banks and businesses.Image sourced from JaredFranklin.com Real-time payments have gained traction globally, with adoptions from over 70 countries on six continents. In 2022 alone, these transactions amounted to a staggering $195 billion, representing a remarkable year-over-year growth of 63%. India leads the pack with its Unified Payments Interface platform, processing a massive $89.5 billion in transaction volume. Other significant markets include Brazil, China, Thailand, and South Korea. The fact that real-time payments cannot be reversed promotes trust and ensures that contracts are upheld. This also encourages the development of new methods to make processes more efficient, like the ability to pay upon receiving the goods or services. These advancements are particularly crucial for small businesses, which disproportionately bear the burden of delayed payments, amounting to a staggering $3 trillion globally at any given time. The launch of FedNow marks a significant milestone in the U.S. financial landscape, propelling the country towards greater efficiency, transparency, and innovation in payments. However, it also brings a fair share of challenges, including the potential for increased fraud. Are real-time payments a catalyst for fraud? As the financial landscape evolves with the introduction of real-time payment systems, fraudsters are quick to exploit new technologies. One particular form of fraud that has gained prominence is authorized push payment (APP) fraud. APP fraud is a type of scam where fraudsters trick individuals or businesses into authorizing the transfer of funds from their bank accounts to accounts controlled by the fraudsters. The fraudster poses as a legitimate entity and deceives the victim into believing that there is an urgent need to transfer money. They gain the victim's trust and provide instructions for the transfer, typically through online or telephone banking channels. The victim willingly performs the payment, thinking it is legitimate, but realizes they have been scammed when communication halts. APP fraud is damaging as victims authorize the payments themselves, making it difficult for banks to recover the funds. To protect against APP fraud, it's important to be cautious, verify the legitimacy of requests independently, and report any suspicious activity promptly. Fraud detection and prevention with real-time payments Advances in fraud detection software, including machine learning and behavioral analytics, make unusual urgent requests and fake invoices easier to spot — in real time — but some governments are considering legislation to ensure more support for victims. For example, in the U.K., frameworks like Confirmation of Payee have rolled out instant account detail checks against the account holder’s name to help prevent cases of authorized push payment fraud. The U.K.’s real-time payments scheme Pay.UK also introduced the Mule Insights Tactical Solution (MITS), which tracks the flow of fraudulent transactions used in money laundering through bank and credit union accounts. It identifies these accounts and stops the proceeds of crimes from moving deeper into the system – and can help victims recover their funds. While fraud levels related to traditional payments have slowly come down, real-time payment-related fraud has recently skyrocketed. India, one of the primary innovators in the space, recorded a 23% rise in fraud related to its real-time payments system in 2022. The same ACI report stated that the U.S., making up only 1.2% of all real-time payment transactions in 2022, had, for now, avoided the effects. However, “there is no reason to assume that without action, the U.S. will not follow the path to crisis levels of APP scams as seen in other markets.” FedNow currently has no specific plans to bake fraud detection into their newly launched technology, meaning the response is left to financial institutions. Fight instant fraud with instant answers Artificial Intelligence (AI) holds tremendous potential in combating the ever-present threat of fraud. With AI technologies, financial institutions can process vast amounts of data points faster and enhance their fraud detection capabilities. This enables them to identify and flag suspicious transactions that deviate from the norm, mitigating identity risk and safeguarding customer accounts. The ability of AI-powered systems to ingest and analyze real-time information empowers institutions to stay one step ahead in the battle against account takeover fraud. This type of fraud, which poses a significant challenge to real-time payment systems, can be better addressed through AI-enabled tools. With ongoing monitoring of account behavior, such as the services provided by FraudNet, financial institutions gain a powerful weapon against APP fraud. In addition to behavioral analysis, location data has emerged as an asset in the fight against fraud. Incorporating location-based information into fraud detection algorithms has proven effective in pinpointing suspicious activities and reducing fraudulent incidents. As the financial industry continues to grapple with the constant evolution of fraud techniques, harnessing the potential of AI, coupled with comprehensive data analysis and innovative technologies, becomes crucial for securing the integrity of financial transactions. Taking your next step in the fight against fraud Ultimately, the effectiveness of fraud prevention measures depends on the implementation and continuous improvement of security protocols by financial institutions, regulators, and technology providers. By staying vigilant and employing appropriate safeguards, fraud risks in real-time payment systems, such as FedNow, can be minimized. To learn more about how Experian can help you leverage fraud prevention solutions, visit us online or request a call.  *This article leverages/includes content created by an AI language model and is intended to provide general information.

    This article was updated on September 11, 2023. According to research, only 15% of American consumers have swapped out their go-to credit card in the past year and spend more money both online and offline with the card they designate as their top-of-wallet card. With over 578 million existing credit card accounts in the U.S., here are four top-of-wallet strategies to keep your card top of mind: Go digital In today’s digital world, the rules of customer engagement are changing – and card issuers must develop their digital capabilities, including identity resolution, to keep pace. Cardholders enjoy (and expect) the convenience of being able to apply for credit, track their purchases, make payments and view their monthly statements on-the-go. Another popular phenomenon? Digital wallets. Also known as e-wallets, these house digital versions of credit or debit cards and are stored in an app or a mobile device. Digital wallets can be used in conjunction with mobile payment systems, allowing customers to store digital coupons and pay for purchases with their smartphones. Financial institutions that digitally transform and adapt to these new dynamics can more efficiently service and retain their customers. Prioritize fraud prevention As customers’ affinity for e-commerce rises and cyberthieves grow smarter and more sophisticated, card issuers must improve their security measures and increase their focus on cutting-edge fraud management solutions. Not only should you be familiar with the many ways that criminals steal customer payment information, but you should ensure customers that you have multiple lines of defense against cyber threats. Many financial institutions have added digital “on/off switches,” allowing customers to remotely turn off their credit or debit card should they have misplaced it or suspect that they’re a victim of identity theft. With credit card fraud being the most prevalent in identity theft cases, failing to properly safeguard your customers impacts not only their experience but also your ability to grow revenue. Create a single customer view A single customer view is a consolidated, consistent and holistic representation of the data known by an organization about its customers. And according to Experian research, 68% of businesses are currently attempting to implement this type of strategy. By achieving a consolidated customer view, you can attain better consumer insight and fully understand your cardmembers’ needs and buying preferences. Careful tracking of all customer interactions enables you to target more accurately and implement effective marketing strategies. Provide incentives According to Experian research, 58% of consumers select credit cards based on rewards. The top incentives when selecting a rewards card include cashback, gas rewards and retail gift cards. Rewarding loyalty with ongoing benefits goes a long way to encourage customers to keep your credit card top of wallet but it’s also important to figure out what works – and what doesn’t. Bonus tip: Optimize credit limit management Managing credit limits is just as important as setting optimal credit limits from the get-go. Consumer credit needs will evolve over time along with their income and ability to pay. The key here is being able to identify qualified customers who can take on higher spending limits and also have a need. Leveraging advanced analytics models and a proactive credit limit management strategy can help you uncover areas of opportunity to increase wallet share and push your card toward that coveted top-of-wallet spot — or remain there. We recommend reviewing your credit limits at a regular cadence, but especially ahead of periods of increased spending such as the holiday season. In today’s competitive marketplace, getting your credit card top of wallet isn’t easy. That’s why we’re here to help. Experian’s comprehensive view of consumer credit data and best-in-class account management solutions help you target higher-spending customers and promote top-of-wallet use. Learn more

Evolution of first-party fraud to third Third-party and first-party schemes are now interchangeable, and traditional fraud detection practices are less effective in fighting these evolving fraud types. Fighting this shifting problem is a challenge, but it isn’t impossible. To start, incorporate new and more robust data into your identity verification program and provide consistent fraud classification and tagging. Learn more>

Part four in our series on Insights from Vision 2016 fraud and identity track It was a true honor to present alongside Experian fraud consultant Chris Danese and Barbara Simcox of Turnkey Risk Solutions in the synthetic and first-party fraud session at Vision 2016. Chris and Barbara, two individuals who have been fighting fraud for more than 25 years, kicked off the session with their definition of first-party versus third-party fraud trends and shared an actual case study of a first-party fraud scheme. The combination of the qualitative case study overlaid with quantitative data mining and link analysis debunked many myths surrounding the identification of first-party fraud and emphasized best practices for confidently differentiating first-party, first-pay-default and synthetic fraud schemes. Following these two passionate fraud fighters was a bit intimidating, but I was excited to discuss the different attributes included in first-party fraud models and how they can be impacted by the types of data going into the specific model. There were two big “takeaways” from this session for me and many others in the room. First, it is essential to use the correct analytical tools to find and manage true first-party fraud risk successfully. Using a credit score to identify true fraud risk categorically underperforms. BustOut ScoreSM or other fraud risk scores have a much higher ability to assess true fraud risk. Second is the need to for a uniform first-party fraud bust-out definition so information can be better shared. By the end of the session, I was struck by how much diversity there is among institutions and their approach to combating fraud. From capturing losses to working cases, the approaches were as unique as the individuals in attendance This session was both educational and inspirational. I am optimistic about the future and look forward to seeing how our clients continue to fight first-party fraud.

What the EMV Shift means for you I recently facilitated a Webinar looking at myths and truths in the market regarding the EMV liability shift and what it means for both merchants and issuers. I found it to be a very beneficial discussion and wanted to take some time to share some highlights from our panel with all of you. Of course, if you prefer to hear it firsthand, you can download the archive recording here. Myth #1: Oct. 1 will change everything Similar to the hype we heard prior to Y2K, Oct. 1, 2015, came and went without too much fanfare. The date was only the first step in our long and gradual path to EMV adoption. This complex, fragmented U.S. migration includes: More than 1 billion payment cards More than 12 million POS terminals Four credit card networks Eighteen debit networks More than 12,000 financial institutions Unlike the shift in the United Kingdom, the U.S. migration does not have government backing and support. This causes additional fragmentation and complexity that we, as the payments industry, are forced to navigate ourselves. Aite Group predicts that by the end of 2015, 70 percent of U.S. credit cards will have EMV capabilities and 40 percent of debit cards will be upgraded. So while Oct. 1 may not have changed everything, it was the start of a long and gradual migration. Myth #2: Subscription revenues will plummet due to reissuances According to Aite, EMV reissuance is less impactful to merchant revenues than database breaches, since many EMV cards are being reissued with the same pan. The impact of EMV on reoccurring transactions is exaggerated in the market, especially when you look at the Update Issuer provided by the transaction networks. There still will be an impact on merchants, coming right at the start of the holiday shopping season. The need for consumer education will fall primarily on merchants, given longer lines at checkout and unfamiliar processes for consumers. Merchants should be prepared for charge-back amounts on their statements, which they aren’t used to seeing. Lastly, with a disparate credit and debit user experience, training is needed not just for consumers, but also for frontline cashiers. We do expect to see some merchants decide to wait until after the first of the year to avoid impacting the customer experience during the critical holiday shopping season, preferring to absorb the fraud in the interest of maximizing consumer throughout. Myth #3: Card fraud will decline dramatically We can look to countries that already have migrated to see that card fraud will not, as a whole, decline dramatically. While EMV is very effective at bringing down counterfeit card fraud, organized crime rings will not sit idly by while their $3 billion business disappears. With the Canadian shift, we saw a decrease in counterfeit card loss but a substantial increase in Card Not Present (CNP) fraud. In Canada and Australia, we also saw a dramatic, threefold increase in fraudulent applications. When criminals can no longer get counterfeit cards, they use synthetic and stolen identities to gain access to new, legitimate cards. In the United States, we should plan for increased account-takeover attacks, i.e., criminals using compromised credentials for fraudulent CNP purchases. For merchants that don’t require CVV2, compromised data from recent breaches can be used easily in an online environment. According to Aite, issuers already are reporting an increase in CNP fraud. Fraudsters did not wait until the Oct. 1 shift to adjust their practices. Myth #4: All liability moves to the issuer EMV won’t help online merchants at all. Fraud will shift to the CNP channel, and merchants will be completely responsible for the fraud that occurs there. We put together a matrix to illustrate where actual liability shifts and where it does not. Payments liability matrix Note: Because of the cost and complexity of replacing POS machines, gas stations are not liable until October 2017. For more information, or if you’d like to hear the full discussion, click here to view the archive recording, which includes a great panel question-and-answer session.