AusPayNet fraud data highlights need for strengthened industry collaboration to embed fraud protection in payments system

MEDIA RELEASE

9 August 2023

AusPayNet fraud data highlights need for strengthened industry collaboration to embed fraud protection in payments system

Data released today by the payments industry self-regulatory body Australian Payments Network (AusPayNet) showed the fraud rate in 2022 was 57.5 cents per $1,000 spent, up slightly from 57.3 cents in 2021.

Fraud on payment card transactions increased by 16.5% on the previous year to $577 million, in line with the increase in total spending on cards, which was up by 16% to $1 trillion over the same period.

The data indicates that the fraud rate has stabilised since the introduction of the industry’s card-not-present (CNP) Fraud Mitigation Framework (CNP Framework) in 2019, with the 2022 fraud rate remaining well below the fraud rate of 75.0 cents per $1,000 spent in 2017.

CNP fraud involves valid card details being stolen and used to make purchases or other payments without the card being present at the point of sale, usually online.

CNP fraud accounted for 90% of all fraud on Australian cards in 2022, increasing by 14.4% from 2021 to $516.8 million, reflecting the sustained and rapid rise in e-commerce, which accelerated during the pandemic.

Figures show a reduction in domestic CNP fraud but an increase in overseas CNP fraud. This is suspected to be linked to transnational organised crime groups targeting Australians in phishing and shopping scams involving overseas merchants. AusPayNet is continuing to work with industry and government to mitigate scams via participating in the National Anti-Scam Centre Advisory Board and via our Economic Crime Forum.

The Report reveals that as Australia has emerged from COVID-19 restrictions, counterfeit/skimming fraud has increased by 30% to $7.1 million, which is likely attributable to the reopening of international borders, enabling the return of overseas travel and the re-entry of transnational organised crime.

Meanwhile, lost and stolen fraud has increased by 44.5% from 2021 to $41.8 million, similar to pre-pandemic levels. Figures for scheme card fraud show the most substantial increase in this type of fraud has occurred in fraud perpetrated overseas.

Cheque fraud decreased by 24% to $2.4 million. As cheque use continues to decline, the value of fraudulent transactions involving cheques will likely follow this trend.

AusPayNet CEO Andy White stressed that industry collaboration was the key to ensuring a resilient, reliable, and safe Australian payments system.

“Industry collaboration continues to affect the incidence of CNP fraud in Australia, so it is vital that all members of the payments ecosystem, including end-users, play a role by remaining alert to potential threats and taking steps to prevent fraudulent activities,” Mr White said.

“Collaboration across stakeholder groups is essential to heightening user awareness of their vulnerability to payment fraud,” he said.

“AusPayNet is committed to continued collaboration with the Australian Government, aligned to its Strategic Plan for Australia’s Payments System, to combat fraudulent activities and increase consumer awareness of their exposure to threats.”

The end of FY23 marked the fourth full year of operation of the industry’s CNP Framework, which requires merchants who consistently exceed agreed fraud threshold targets to strengthen customer authentication and apply other measures. The framework also encourages secure technologies such as real-time monitoring, machine learning and tokenisation.

AusPayNet sponsors the Economic Crime Forum (ECF), which brings together industry, law enforcement and government stakeholders to coordinate joint responses to economic crime, including scams, fraud, financial crime, and banking-related cyber incidents.

AusPayNet is also on the Advisory Board for the Government and ACCC’s National Anti-Scam Centre, which seeks to make Australia a harder target for international scammers.

In response to recent cyberattacks and data breaches, consumers and merchants are reminded of the steps they can take to protect themselves from ID theft, fraud, and scams, including:

• Only providing card details on secure and trusted websites – look for the locked padlock icon and be wary of offers that look too good to be true
• Treating unsolicited emails and text messages from strangers with suspicion – don’t click on the link provided or be tricked into divulging confidential data such as passwords
• Regularly checking statements and immediately reporting any unusual transactions to their financial institution
• Registering for, and using, their financial institution’s online fraud prevention solutions, whenever prompted
• Undertaking checks to ensure the online business with which they’re transacting is legitimate
• Using credit checking and monitoring services
• Always keeping PC security software up-to-date and doing full scans regularly.

It is also suggested that merchants:

• Use tools that help you authenticate your customers: a tool that supports risk-based authentication in the first instance, and strong customer authentication for transactions identified with a higher risk profile, is critical to reducing fraud
• Invest in tokenisation: merchants holding sensitive account holder information can become targets for fraud. Tokenisation replaces this information with a unique digital identifier (a token)
• Regularly speak to your acquirer and gateway providers about what you can do to secure your business.

The figures released today are available on the AusPayNet website. More information on AusPayNet’s CNP Fraud Mitigation Framework can also be found on the AusPayNet website.