Rainstar | E+ | Getty Images
It’s a scenario most people have encountered: you try to make a big or unexpected purchase on your credit card, and, at the moment you need it the most, the card gets declined.
Sometimes, it’s as simple as confirming the purchase via text message, and you can quickly complete the transaction. Other times, it’s a days-long process that involves confirmation codes, mailed letters and waiting on hold with the card company to validate that it was indeed you who wanted to buy the product.
The rate of fraud alerts is “absolutely” going up, according to Deloitte U.S. risk & financial advisory principal Satish Lalchand.
It can’t be ignored, because many of the alerts are not false alarms.
About 60% of credit card holders in 2023 experienced some sort of attempted fraud, according to Experian.
“Fraud in general across all channels, whether it’s check fraud, credit card fraud payments, the peer-to-peer payments, everything, is significantly increasing at a very rapid pace,” Lalchand said.
Global card losses attributed to fraud reached $33 billion in 2022, according to payments industry research company Nilson Report, with the U.S. market representing roughly 40% of losses. It has forecast a persistent threat that could reach nearly $400 billion in card fraud in the decade to 2032.
AI is part of the problem, but it is also part of the solution at companies including Visa.
“What’s driving a lot of this type of fraud, is the fraudsters themselves are using AI in general,” Lalchand said. “So, they are able to now move much faster.”
In the past, cybercriminals could open five to ten accounts a day. Now, it’s hundreds, if not thousands of accounts, thanks to advancements in artificial intelligence.
But at the same time AI is helping to detect potentially problematic transactions, with the downside of many cases turning out to be false alarms.
“When we come down to credit cards, financial institutions are investing more in the concept of fraud and fraud modernization, replacing older technology and having better fraud detection capabilities, and retuning their alerts,” Lalchand said. “That’s also causing a lot more on the detection side to go up.”
More personal data is being stolen
Michael Bruemmer, Experian vice president and head of its global data breach resolution and consumer protection division, says a lot more fraud is being done in other ways than stealing your credit card number, using other portions of your financial background, identity background, social security number.
Just in the past five months, there have been four major data breaches including Ticketmaster, Change Healthcare, AT&T and National Public Data. More data breaches can lead to more scrutiny and more preemptive alert protocols, although they are often not the main reason for alerts, according to Experian.
There is some good news. Overall, the rate of false purchases on credit cards is actually decreasing, according to Experian. There have been 416,582 cases of credit card fraud that have been perpetrated in 2024. It’s down 5.4% versus 2023.
AI’s ability to detect patterns based on previous behavior has helped. While you may still get credit card blocks on purchases that seem out of the ordinary, technology has improved fraud alerts in other ways. MasterCard said it’s observed on average a 20% increase in its ability to detect fraud thanks to AI, and up to 300% increase in its ability to detect fraud without more false alerts. Mastercard declined to provide statistics on the absolute level of fraud and overall accuracy of fraud detection.
On Thursday, Mastercard announced the acquisition of payment fraud company Recorded Future, which it already partners with to help identify cards that have been compromised.
“We’ve come such a long way to actually reduce the friction out there,” said Johan Gerber, Mastercard executive vice president and head of security solutions.
Take for example, travel plans and making purchases in a foreign country. Before, people would have to call the credit card company. Now, card companies automatically note vacations and travel patterns based on past purchase behavior. Technology has also made it faster to identify and clear flagged fraud alerts if it is indeed a false alarm. Instead of having to call and wait on hold, in many cases verification can be done in a matter of minutes through authorized related accounts or through information only the individual cardholder would know.
Tips to cut down on unnecessary alerts
Today, some scenarios will raise concerns within current security parameters. Experian notes that while data breaches may turn up the dial on fraud alerts, it’s actually changes in shopping patterns that are guaranteed to set off red flags. If you’re buying something at a new store or purchasing a big ticket item that you don’t usually buy, that’s typically something that will be noted. MasterCard also said trying multiple transactions quickly in a row will always alert their systems. So, you can expect these will usually garner some sort of temporary block.
“It’s a balance,” Gerber said. “Do I want to be inconvenienced? Do you potentially want a transaction that [MasterCard] may get wrong because [we] declined you? Or do I want to sit on the other side of the loss of trust in that [we] actually did let a transaction through and you should have known it’s not me.”
Other things you can do to ensure that you get mostly accurate fraud alerts is to sign up for monitoring services and personally set limit alerts on your accounts. Most institutions will let you place monetary limits on when you can get notified about big transactions. Freezing your credit file, using a password manager and using two-factor authentication for your financial accounts with a biometric passcode can also be beneficial.
“Try to shop on regular, reputable shopping sites, and if you’re going to use a credit card, have a low-level limit credit card that’s only used for those shopping sites,” Bruemmer said. “I would also recommend using a tap-to-pay or a mobile app and then make sure you’re not shopping on a public Wi-Fi network.”
And, even if the alerts may be annoying, never ignore them. Even though it may seem like you get notice of a data breach every day, it doesn’t mean you won’t eventually be affected.
“Consumers should pay attention to all of this, because it’s just a matter of time … they will be impacted,” Lachland said.