Digitization has transformed the PoS functionality by recording and aggregating transactional data. However, PoS is also a major target for fraud, affecting in-store retail to e-commerce vulnerabilities. These include:Loyalty program fraud is endemic, particularly in emerging markets — for example, in Asia, where most purchases are by cash on delivery or by mobile applications, rather than a credit card.
Loyalty apps record a customer’s entire transactions, including cash transactions, and collect rich customer data for retailers regarding customer choices and behaviors, including bank account and location information. This valuable data attracts hackers.
Loyalty programs are also targeted by insider fraud, including abuse of points, offers and promotions. The employees involved do not pass on promotions to customers, or award themselves, friends or family extra points, with or without a purchase, in exchange for goods or cash.
Risk management functions need to consider that while risks associated with transactions are broadly similar, the scenario differs between regions, depending on cultural norms, shopping habits and levels of technology adoption. Safeguards and solutions must reflect this.
For example, developed economies are experimenting with facial recognition as part of the payment authorization. However, in emerging Asian economies, which are experiencing the highest growth in e-commerce, payments are mostly completed by cash on delivery, smartphone apps and prepaid cards. These are all transferable, not linked to bank accounts and do not require a credit reference.
Supply chain vulnerabilities
Inventory management and control systems that track and locate warehouse items and integrate with back-office systems (accounting or enterprise resource planning) — and often with PoS and asset management software — monitor stock levels and movements. However, CPR organizations are reporting incidents of fraud that are exposing loopholes in secondary and tertiary sales systems.