New Marqeta research into consumer behavior shows that many consumers in the United States and the United Kingdom are unprepared for an accelerated transition to digital payments. Even as the bottom line cost of fraud to financial institutions declines worldwide, U.S. and U.K. consumers still reported being victimized in growing numbers.
A survey of 4,000 people done by Propeller Insights on Marqeta’s behalf, found that 42% of respondents had experienced a fraudulent transaction, and one in five respondents had experienced a fraudulent transaction in the past 12 months.
These results are higher than a survey conducted last year by the Mercator Advisory Group, which found that 29% of U.S. consumers reported a card lost, stolen, or fraudulent charges in 2019 — and are all the more worrisome given the ready availability of digital wallets and other technologies that minimize fraud.
The rise in the personal experience of fraud in an era of enhanced digital security is leaving a wake of confusion and frustration. Three out of five respondents (63%) said they don’t accept fraud as inevitable.
To a degree, this is good news for the tech industry, which has developed technologies like digital wallets that make it much more difficult for fraudsters to obtain personal payment information. But the survey also revealed the industry’s conundrum — fear of fraud is preventing people from adopting the very solutions that could decrease their risk. Eighty percent of respondents to Marqeta’s survey thought, incorrectly, that a physical card is safer than a mobile wallet. At the same time, over half (54%) said the risk of fraud made them less likely to try newer payment technology, like mobile wallets. A lot of people are turning away from new technology altogether when dealing with fraud: 57% of consumers said they called a customer helpline when dealing with fraud, while just 16% said they used their bank app.
What we have, seemingly, is a failure by the tech industry to educate consumers on technologies like tokenization that lie at the foundation of digital payment security. When a payment card is tokenized and inserted into a digital wallet on a mobile device like a smartphone or smartwatch, it loses its value for fraudsters. The primary account number (PAN) that is the target of counterfeiting or card-skimming schemes is replaced with an algorithmically generated string of data known as a token. When the card is presented for payment, the cardholders’ PAN is not exposed. Instead, two strings of data are transmitted: the token and a dynamically generated cryptogram that functions as the card verification value, or the three-digit security code printed on most payment cards. The PAN is not stored on their device, the merchant’s servers, or the servers controlled by their wallet provider.
This is exactly the payment scenario that the majority of survey respondents said they preferred. When asked by Marqeta, 77% of respondents said they would choose to shop at a merchant who did not store their information in favor of one that did. Indeed, 75% said they would be willing to manually enter their payment information repeatedly rather than have it stored by a merchant, indicating that the extra one-time step of loading a payment card in a digital wallet would not be a hurdle if the security benefits were better known.
It is time for the tech industry to start spreading the word, not only about digital wallets but also about the advanced security mechanisms provided by modern card issuing that are contributing to the emergence of a new ecosystem of trusted payments. For example, features like dynamic spend controls are powering online grocery and meal delivery by enabling companies like DoorDash and Instacart to give payment cards to their employees. Single-use virtual cards are facilitating point-of-sale lending and small business loans.
Modern card issuing platforms like Marqeta record fraud rates that are significantly below the rates of the general payment card industry. All signs point to a future of enhanced payment security, where the consumers themselves are the weakest link.
Marqeta’s survey reinforces this impression. Roughly half of all people affected by fraudulent transactions didn’t know their card was missing when the transaction occurred (52% of U.S. respondents and 46% of U.K. respondents). Less than half of people said they canceled a card immediately after they noticed that it was stolen or missing (48% of U.S. respondents and 36% of U.K. respondents).
But the tendency for people to make themselves an easy target for fraudsters is balanced by a willingness to take responsibility. A slight majority of respondents (51% of U.S. consumers and 57% of U.K. consumers) said they were more responsible than the banks for protecting themselves, and 52% said that they could be better at safeguarding their card information. By arming these consumers with better information, the tech industry can help these consumers help themselves.
We are living in a new era of electronic payments with built-in security and control. Consumers are right: payment fraud does not have to be inevitable. They can do more, and so can the tech industry.