Securing China's e-commerce growth
BETWEEN June 2011 and 2012, China's Internet population reached 538 million, of which some 194 million had shopped online. Online retail sales in China have soared in recent years and are expected to hit $360 billion by 2015 - up from about $121 billion in 2011 - according to The Boston Consulting Group.
Impressive as the numbers are, there's another set of statistics that's even more striking: Nearly onethird of the online shoppers in China fell prey to fraudulent websites during that period, costing them $4.7 billion, according to the China Electronic Association.
The tricks deceptive online sellers use to swindle unsuspecting customers are many. But cyber-crime spans many more fraudulent activities than just deceptive sellers. Without safeguards against the peddling of counterfeit goods, bogus websites, stolen payment card data and other tricks of the trade, cybercrime can erode consumer confidence and stifle legitimate online business. The good news is that both the will and the means to deal with the problem exist.
The Ministry of Commerce recently announced it would introduce more specifications to better guide the development of e-commerce in the country. And the pub-
Commerce lic and private sectors are exploring ways to further build trust, integrity and security in the burgeoning industry.
At the World Economic Forum in Tianjin, a multi-stakeholder group called Partnership for Cyber Resilience Initiative shared its best practices on cyber risk and security with members of the government and business. In July, the Payment and Clearing Association of China hosted a symposium that was supported by the People's Bank of China and co-sponsored by Visa and China Union Pay on how to secure payment systems, with ecommerce featuring prominently.
Another initiative, the China eCommerce Protection Task Force, is taking shape. Industry stakehold- ers, including banks, payment service providers, payment systems and brand owners will share information on emerging threats in intellectual property infringements and payment fraud. They will coordinate efforts between the owners of brands, whose products are being counterfeited, and the payments industry to mitigate illegal activities.
As technology and the Internet broaden our reach into other markets and segments of society, they also broaden the opportunity for criminals to act. Cyber-criminals are becoming increasingly sophisticated and can launch an attack from anywhere. According to security firm Symantec, 90 percent of online breaches involve organized crime targeting corporate information.
What's most worrying about online fraud is that it is becoming harder for merchants to detect, according to my colleague, Michael Bradley, who is the Asia-Pacific managing director of CyberSource. A Visa company, CyberSource is one of the world's largest providers of e-commerce payment management solutions with some of the best-in-class fraud management services for merchants. The CyberSource 2012 Online Fraud Report indicates that about 50 percent of online merchants say that fraud today is "cleaner", meaning that fraudulent orders look like valid orders.
The consequences of cybercrime can be especially damaging for emerging e-commerce markets, where maintaining trust in the system is needed to underpin the growth of the industry. That's why an increasing number of banks, merchants, and payment service providers in China are investing in security and fraud management systems. According to Barclays Capital, e-commerce in China grew by 66 percent from 2010 to 2011, and the growth will continue. But a growing e-commerce market also causes a sharp increase in cyber-crime. China will have to cooperate on a global level to tackle issues specific to its market that have global ramifications and global threats that have local implications.
Protection needs to be in place for everyone, starting with con- sumers, if China's e-commerce industry is to grow as it can and should. Partnerships such as the China eCommerce Task Force will be instrumental, as will be the individual solutions of each constituent. Payment service providers interested in joining the group should contact Visa. The data flowing through merchants should be protected so that, if it is compromised it cannot be reused to commit fraud. "Tokenization" and hosted payment acceptance services are two excellent ways to limit the data at risk and remove both merchants and consumers out of harm's way.