The push by MasterCard, Visa, and other systems to get retailers and consumers to use computer-chip cards instead of the old magnetic-stripe cards has had a classic unintended side effect:
It has forced more holiday-season thieves to abandon credit-card and debit-card fraud in favor of online-shopping fraud.
Radial, the King of Prussia firm whose 20,000-plus seasonal workers help manage online and smartphone sales for retailers like Toys R Us and Dick's Sporting Goods that don't want to concede profits to Amazon.com, has given its store clients a Holiday Fraud Index report warning of peak fraud times, dates, countries, and sectors.
Among Radial's findings: that online fraud attempts using card numbers over phones or internet devices are up 30 percent in the last year.
In a separate report, Tom Byrnes, a senior executive at Oregon-based Vesta Corp., an online-retail adviser that counts eBay and AT&T as clients, said digital fraud is up even more - 44 percent from last year - for merchants whose products are wholly digital, such as software and movie vendors.
"It's crazy," said Michael Graff, risk-analytics manager at Radial. The new computer-chip and personal identification number ("chip and PIN") payment standard "has been forcing fraud to migrate from credit-card sales to online.
More than 1 percent of attempted online and mobile jewelry sales are to buyers using stolen or phony numbers, making it the most fraud-prone sector for retailers. Electronics is almost as bad. Sporting goods and home goods attract the least fraud.
One in six cross-border e-commerce sales to Venezuela is "attacked" by online fraudsters, causing stores to reject the sale. That's the highest rate in the world. Ghana and Nigeria, in English-speaking West Africa, also show high attack rates. So does Russia. Turkey and the United Arab Emirates are among the lowest-fraud countries.
Within the U.S., Delaware and Oregon are particular fraud centers. Both are no-sales-tax states, with plenty of warehousing, close to ports, making them popular among thieves who buy goods with phony cards, pick them up at convenient delivery points, and vanish.
Manipulating digital gift-card accounts to get online sale approval when the cards are no longer attached to actual cash goes up "10 times" the usual level during the holiday-shopping season, and is 25 times more likely than usual in the week before Christmas. By contrast, almost 98 percent of cards presented Christmas Day are legit, the lowest gift-card-fraud day of the year.
Less than 2 percent of international e-commerce sales on Cyber Monday turn out to be from fraudulent buyers, a lower rate than during the rest of the holiday season. "Maybe [thieves] are worried their orders won't fill as quickly" the Monday after Thanksgiving, a day well-known for high sales volumes, Graff volunteered.
Not all systems have yet adopted basic techniques like matching buyers' and user accounts' domain addresses, or online searches to confirm a user's digital presence, he said.
Thieves are constantly figuring out new approaches: "You need a layered defense."