As the retail world’s center of gravity shifts to the cloud, payment card fraud has followed suit. According to Verizon’s retail vulnerabilities study, attacks against e-commerce applications are by far the leading cause of retail data breaches. This trend mirrors similar outcomes in other industries, like food service. A complimentary Verizon study finds remote attacks against food service operators on the rise, as well.
In both industries, the swing to card-not-present (CNP) fraud has been sudden and swift. Verizon’s data shows an utter collapse in retail point-of-sale (POS) attacks as a share of total breaches in the past six years — from roughly 80% in 2014 to less than 10% in 2019. Web application attacks have filled the void, rising from less than 10% in 2014 to about 50% in 2019. In food service, point-of-sale attacks declined from a roughly 90% share to a sub-20% share.
Customers’ expectations haven’t kept up. According to a survey by Money Crashers, a personal finance publication, 52% of consumers aren’t concerned with the security of the payment apps they use every day. Just 30% have held off on downloading a payment app over security concerns.