The British Retail Consortium (BRC) has estimated that e-crime cost the UK retail sector £205.4m in 2011-12. What can retailers do about it?

Why are we talking about this now?

The BRC has today revealed a report estimating that online fraud cost the UK retail sector £205.4m in 2011-12. A large proportion of this - £111.6m – was due to legitimate business being rejected by e-crime prevention software. Internet sales represented around 10% of all retail spending in 2010-11 and were worth around £25bn in 2011. With online sales continuing to grow, tackling the problem is becoming increasingly more important.

What methods are criminals using?

The most common fraud experienced by retailers in 2011-12 was card-not-present fraud, where fraudsters get hold of the victim’s details and use them to buy goods without needing to have the card in their hand. Nearly 80% of UK retailers questioned in the BRC’s survey suffered from it regularly. The most costly problem to fix was ‘distributed denial of service attacks’ which involves cybercriminals overwhelming sites with high levels of traffic in order to crash them. The majority of fraud is domestic with around 86% of attacks originating in the UK.

What can retailers do about it?

Retailers already spend £16.5m a year on security provision, and half of those asked are contemplating trying new technologies to deal with e-crime. Third party screening, where technology firms are paid to screen purchases and prevent fraud, continue to be the most common and most expensive option at around 7p per transaction.

What is the Government doing?

Retailers have a number of concerns around the policing of e-crime, with few respondents to the report satisfied with the overall police response. They said few police forces regard e-crime as a priority and that national units such as the National Fraud Intelligence Bureau and the Police Central e-Crime Unit don’t have enough resources.

This leads to retailers often not reporting the crime. Respondents also said government doesn’t take the issue seriously enough and needs to provide more advice on the topic.

What else can be done?

The BRC advises retailers should share knowledge on e-crime, so a bank of evidence can be built up and problem areas highlighted. It says a common framework that identifies key threats would enable the continuing cost and impact to be measured, and suggests government should issue more advice and develop a centralised method for reporting and investigating e-crime.