Press Releases

13.1 Million Identity Fraud Victims but Less Stolen in 2015, According to Javelin

EMV Drives Changes in Fraud Types; New Account Fraud Doubles

18% of Fraud on U.S. Consumers' Cards Committed Internationally

Consumers Who Don't Trust their Financial Institutions Significantly Increase their Risk of Fraud

SAN FRANCISCO – The 2016 Identity Fraud Study released today by Javelin Strategy & Research (@JavelinStrategy), revealed that the number of identity fraud victims increased by three percent (13.1 million consumers) in the U.S. last year, but that the amount stolen decreased by six percent to $15 billion. The study found that the rise of EMV has already had a significant impact on fraudsters' behavior and doubled the incidence of new account fraud. The study also found that many consumers who do not trust their financial institutions are engaging in behavior that enables fraudsters to use their information for 75 percent longer.

Fraud Victims Remain Steady, But Losses Decline in 2015

The annual 2016 Identity Fraud Study is a comprehensive analysis of identity fraud trends, independently produced by Javelin and made possible by LifeLock, Inc., a leading provider of proactive identity theft protection services for consumers. Now in its thirteenth consecutive year, it is the nation's longest-running study of identity fraud, with 64,000 respondents surveyed since 2003.

The 2016 Identity Fraud Study found four significant trends:

  • More identity fraud victims, less stolen – The number of identity fraud victims was at its second highest level in six years, but the amount stolen was at its lowest point in the past six years. Identity fraud is a serious issue as fraudsters have stolen $112 billion in the past six years. That equals $35,600 stolen per minute, or enough to pay for four years of college in just four minutes.
  • EMV drives a doubling of new account fraud – In 2015 the U.S. switched to EMV, which is designed to reduce in-person fraud and the profitability of counterfeit card operations. Fraudsters have reacted by moving away from existing card fraud to focus on new account fraud. This drove a 113 percent increase in incidence of new account fraud, which now accounts for 20 percent of all fraud losses.
  • Consumer choices negatively impacting fraud detection – The study found those consumers that do not trust their financial institutions and do not take advantage of the services offered by them are setting the stage for more damage if they become fraud victims. The study found consumers that do not trust their financial institutions are less likely to use transaction monitoring, email alerts, credit freezes and black market monitoring. This results in their information being used for 75 percent longer by fraudsters and incurring a 185 percent greater mean consumer expense than those victims that have high trust in their financial institutions.
  • U.S. consumer data being used for fraud internationally – Identity fraud is a global issue. The study found that 18 percent of the identity fraud using U.S. cards, or $2.4 billion, was conducted outside the U.S. There was an average of $1,585 per incident, although for most consumers there was no out of pocket cost as the major issuers offer $0 liability. Issuers are doing a good job of quickly detecting this type of fraud. They are proactively detecting 69 percent of these cases.

"Fraud is evolving at a frantic pace although the amount of fraud has been relatively flat over the past four years. This just shows that when the industry cracks down on one type of fraud, criminals quickly shift their attack vector and area of operation," said Al Pascual, senior vice president, research director and head of fraud & security, Javelin. "The study this year reinforced that with industry, technology and consumers working in concert, people can best fight back against the fraudsters. The worst thing consumers can do is lose trust in their financial institutions and stop playing an active role in working to detect fraud. Taking a back seat will increase their risk and the damage that occurs if they are fraud victims in the future."

Methodology

Identity fraud is defined as the unauthorized use of another person's personal information to achieve illicit financial gain. Identity fraud can range from simply using a stolen payment card account, to making a fraudulent purchase, to taking control of existing accounts or opening new accounts.

In 2015, Javelin conducted an address-based survey of 5,111 U.S. consumers to assess the impact of fraud, uncover where fraudsters are making progress, explore consumers' actions and behaviors, and identify segments of consumers most affected by fraud.

Seven Safety Tips to Protect Consumers

Javelin recommends that consumers work in partnership with institutions to help minimize their risk and impact of identity fraud. The following is a seven-step approach for consumers to follow:

  1. Secure your mobile device – As consumers transition more of their financial lives to smartphones and tablets, these devices have become high-profile targets for both cybercrooks and thieves alike. To help protect against criminals from getting their hands on valuable personal information, apply software updates (patching known vulnerabilities) as soon as they become available, and take advantage of the security capabilities built into Android and iOS devices, such as protecting the device with a passcode or biometric (such as a fingerprint), and the ability to encrypt and remotely wipe the contents of the device in the event it is stolen.
  2. Exercise good password habits – Passwords have remained the de facto first line of defense for most online accounts, which has motivated criminals to compromise them whenever possible. Using strong, unique, regularly updated passwords helps reduce the value to fraudsters of passwords stolen in a data breach or through malware. Password managers can provide a convenient way to manage good password hygiene without resorting to writing them down, which could also place them at risk of physical compromise.
  3. Place a security freeze – If you are not planning on opening new accounts in the near future, a freeze on your credit report can prevent anyone else from opening one in your name. Credit freezes must be placed with all three credit bureaus and prevents everyone except for existing creditors and certain government agencies from accessing your credit report. While costs vary per state, typically each bureau costs below $20. Should you need to open an account requiring a credit check, the freeze can be lifted through the credit bureaus.
  4. Sign up for account alerts – A variety of financial service providers, including depository institutions, credit card issuers and brokerages, provide their customers with the option to receive notifications of suspicious activity. These notifications can often be received through email or text message, making some notifications immediate, and some go so far as to allow their customers to specify the scenarios under which they want to be notified, so as to reduce false alarms.
  5. Take data breach notifications seriously – One in five data breach victims suffered fraud in 2015, rising notably from one in seven in 2014. While data breaches at retailers are an issue, the number of data breaches at government agencies and healthcare organizations grew dramatically in 2015. As a result, 64 percent more Social Security Numbers were exposed this year, and there was a 110 percent increase in data on medical records made available to fraudsters.
  6. Seek help as soon as fraud is detected – The more immediate a financial institution, credit card issuer, wireless carrier or other service provider are notified that fraud has occurred on an account, the sooner these organizations can act to limit the damage. Early notification can also help limit the liability of a victim in some cases, as well as allow more time for law enforcement to catch the fraudsters in the act.
  7. Be alert for international transactions – Some financial institutions offer alerts for international transactions. Regardless of whether they do so or not, you should always let your financial institution know when you are planning to leave and return to the country if you are crossing borders. This can serve the dual purpose of preventing fraud while remaining home and preventing transactions from being declined while you are overseas.

Additional Consumer Resources

To report incidents of suspected fraud or identity theft, visit the FTC online at:

http://www.ftc.gov/faq/consumer-protection/report-identity-theft

For a video of the 2016 identity fraud trends, visit: https://youtu.be/4MUL82B0Eng

For an infographic of the 2016 identity fraud data, visit: https://www.slideshare.net/JavelinMktg/identity-fraud-in-2015-131m-fraud-victims-but-less-stolen

About Javelin Strategy & Research
www.javelinstrategy.com
Javelin Strategy & Research (@JavelinStrategy), a Greenwich Associates LLC company, provides strategic insights into customer transactions, increasing sustainable profits for financial institutions, government, payments companies, merchants and other technology providers. Javelin’s independent insights result from a uniquely rigorous three-dimensional research process that assesses customers, providers, and the transactions ecosystem.

###

All trademarks are the property of their respective owners.