For the first time in recent years, credit card fraud -- which remains the highest fraud type for online retailers -- has dropped from 59 percent of total fraud found in the 2016 holiday week to 42 percent of total fraud found in 2017 the holiday week. This represents a 29 percent decrease from last year’s four-day holiday weekend and demonstrates that online retailers are making strides in their ability to identify and prevent card-not-present (CNP) fraud which has been on the rise since brick and mortar retailers have increased their adoption of EMV card technologies.

Data from iovation also showed that consumers are doing more of their holiday shopping online in general, with transactions occurring solely on Black Friday and Cyber Monday falling over the past several years. This is the result of a shift in sales strategy from online retailers, who are now extending promotional deals beyond the holiday shopping weekend. iovation’s data shows that 62 percent of consumer’s online retail transactions from Black Friday to Cyber Monday originated from mobile phones/tablets, compared to 55 percent from last year’s holiday season, continuing an increase in m-commerce during the holidays and year-over-year.

“We can infer a number of trends through the analysis of billions of e-commerce transactions processed through our FraudForce platform. Most notable among these is that online retailers who leverage device intelligence are making significant inroads when it comes to proactively preventing card-not-present fraud,” said Greg Pierson, CEO and co-founder for iovation. “This type of fraud not only cuts into their bottom line results, it can cause irreparable harm to their brand so this is a meaningful improvement.

iovation also conducted a survey of more than 1,000 consumers across four generations to better determine how knowledge of fraud affects online behavior. While 83 percent of respondents understand how to protect themselves online - using a credit card rather than a debit card for online purchases, monitoring credit scores regularly and shopping at well-known retailers - consumers across all demographic groups continue to exercise poor password hygiene.

On the topic of consumer behaviors, Pierson said, “attitudes towards online shopping shows that consumers are becoming better educated about how to protect themselves online. However, they remain largely complacent as it relates to their password hygiene, which is why we are seeing a steady rise in identity theft and account takeovers.”

While currently serving as consumers’ primary means of authentication, passwords frequently fail when it comes to both user experience and security. And despite these shortcomings, vulnerable passwords are firmly ensconced in today’s online experience. Of those surveyed, 60 percent of consumers say they are not changing their passwords regularly (less than every 6 - 12 months) and of greater concern, close to 70 percent of consumers say they use the same password across multiple sites, meaning that a hacker can easily take over multiple consumer accounts with just a single compromised credential.

A shift from static, password-based authentication to frictionless, multi-factor authentication is crucial to combat today’s escalating threat environment. Multi-factor authentication combines the best of user experience and heightened security for businesses, using context to determine how trustworthy the user is, and as a result, the appropriate level of authentication required. Simply, dynamic authentication makes the right things easy and the wrong things more difficult, providing additional or less layers of authentication when needed.