Fraud costs UK SMBs £18bn year
Study finds UK consumers prioritise security, but companies must do more to protect themselves and safeguard revenue
- Average cost of fraud for small to medium-sized business is £3,450 annually
- 32% don’t spend any money at all on fraud prevention
- 55% of consumers say security is their highest payments priority
SMBs are losing £18bn every year to fraudulent transactions. According to a study by Sage Pay, more than a third (35%) of businesses have experienced fraudulent activity in the past year, with each losing an average of £3,450.
Despite 55% of consumers citing security as their top priority when it comes to payments, almost a third (32%) of businesses don’t spend any money on fraud prevention. This is all the more surprising given that the research also revealed the average investment on fraud prevention - £1,881 annually - is actually half the average cost of fraud.
Even some of the tools and checks that come as standard with payment gateways aren’t actually being used, with less than a quarter (22%) using CV2. Meanwhile 21% of businesses use in-house experts to tackle fraud.
The findings have been released as part of Sage Pay’s 2015 Payments Landscape Report, an in-depth study looking at trends in the payments industry.
While the UK is a world leader when it comes to e-commerce, fraud is still a growing and ever changing problem.
In general, the rise of tokenisation and contactless is reducing the possibility of skimming, merchant server attacks and use of counterfeit cards. However, as total card and online spending rises, scams and computer attacks are driving an increase in fraud. The latest figures from Financial Fraud Action UK show that fraud losses on UK cards totalled £450.4 million in 2013, a 16% increase on 2012. This represents 7.4p for every £100 spent.
“This study shows that fraud continues to be a major issue not just for the UK’s small businesses, but a big concern for consumers too,” said Sean Wilson, Managing Director of Sage Pay UK. “Ignoring it not only puts your business at risk, it can also drive away customers who are already sceptical about shopping online due to security concerns.”
“There seems to be a misconception about the value of investing in the tools and systems that will allow businesses to protect themselves against fraudulent activity, but our research makes it clear that it is very much worth the initial cost when you consider the potential savings. It’s also concerning that many businesses aren’t even using some of the free tools available to them – the industry needs to do more to educate SMBs on the risks.If businesses use secure systems and are more proactive in combating crime, they can attract more customers and ultimately safeguard their revenues.”
Sage Pay encourages businesses to take the following five key steps to reduce online stolen card and identity fraud:
- Analyse customer information and purchasing behaviour to assess a customer’s profile, order and delivery details before accepting a transaction
- Beware of orders that are placed late at night or early in the morning, and orders of high quantity or value, particularly if the product is easily resalable
- Always check that the delivery address is valid. You could use the banking industry’s Address Verification Service, which compares the delivery address provided for the order with the billing address details for the payment card held by the card issuer
- Invest in geo-location technology to find the shopper’s exact location, and help identify whether the order is coming from a high risk country. You can create rulebases which auto-block orders from these countries
- Maintain a fraud database to track breaches and help you close loopholes – criminals will continue to target a business until the window of opportunity is closed. Use tokenisation to avoid storing payment data that could be compromised by criminals
Sean Wilson adds: “These measures will go a long way to protecting merchants against online fraud via stolen cards and identity theft. The other key area to combat fraud relates to the security of websites in terms of cyber-attacks and data breaches to obtain customer card numbers.”
Find out more and download the report here www.paymentslandscape.com
Notes to editors
Sage Pay surveyed 1,000 UK business decision makers and 1,000 UK shoppers.
The interviews were conducted online by Redshift Research in January 2015 using an email invitation and an online survey. Quotas were set to ensure reliable and accurate representation of the total populations aged 18 and older. Results of any sample are subject to sampling variation.
About Sage Pay
Sage Pay is the UKI’s leading independent payment service provider (PSP) and is one of the most trusted payment brands. Every year Sage Pay processes billions of pounds worth of secure payments for its 50,000+ customers and makes the process of accepting payments online, over the phone, or in person simpler, faster, safer and more profitable for businesses.
Sage Pay is a subsidiary of FTSE 100 business management software and services company The Sage Group plc. For further information please visit: www.sagepay.com