Fraud, Bots and CAPTCHAs Put a Damper on Holiday Shopping
SAN MATEO, Calif., December 15, 2021 – PerimeterX, the leading provider of solutions that detect and stop the abuse of identity and account information on the web, conducted a comprehensive survey in November of 2,000 U.S. adult consumers to gauge public awareness of threats to online shopping, including e-gift card fraud, bots and CAPTCHAs.
Key findings included:
- 50% of respondents have had unauthorized transactions on their debit or credit card
- 51% of respondents who know what a bot is have used one to purchase a limited-edition item
- 36% of respondents who shop online have abandoned an online purchase after being hit with a CAPTCHA to prove they’re a human
“The accelerated digital transformation of merchants and other service providers has created a parallel increase in automated fraud,” cautions Brian Uffelman, vice president and security evangelist at PerimeterX. “While it starts with an individual transaction, at PerimeterX we advocate comprehensive account protection — the ability to secure consumers throughout the lifecycle of potential attacks by detecting and stopping the theft, validation and fraudulent use of their identity and account information on websites and mobile apps.”
Following is a detailed breakdown of survey results by topic.
E-gift Card and Automated Fraud on the Rise
Industry statistics estimate that 60% of all e-gift card transactions are fraudulent, yet consumer sentiment remains mixed on the topic. According to the PerimeterX survey, 63% of respondents were shocked by this statistic, yet only 45% said their fear of e-gift card fraud stops them from purchasing e-gift cards.
- 50% of those surveyed have had unauthorized transactions on their debit or credit card
- 35% were notified that their username and password may have been stolen
- 69% have had to change online account passwords as a result of a data breach, and 40% have done this multiple times
- 24% had an online account stolen, abused or taken over
- 24% had money stolen from them as a result of a data breach
Interestingly, only 31% of consumers surveyed said they lose sleep over identity theft.
“With credit card providers, financial institutions and other online service providers limiting consumers’ liability by assuming responsibility for fraudulent purchases and transactions, it’s really not surprising that consumers are taking identity theft in stride. This protection is a welcome and valuable benefit for consumers, and our survey results should be a clear reminder to those companies and brands with consumer-facing websites that their customers are relying on them to protect their identities and accounts — and there is more work to be done,” explained Uffelman.
Scalping Bots Come of Age
Almost half — 45% — of the survey respondents said they have tried to buy a limited inventory high-demand product, service or experience online and have been unsuccessful. These items include video game consoles, collectibles, concert tickets, campsite reservations and golfing tee-time slots.
Awareness and usage of bots is growing, evidenced by these findings:
- 53% said they know what a bot is
- 51% of respondents who know what a bot is said they have used one to purchase a limited-edition item, and 21% of those have done so multiple times
- 43% of those who have used bots used them to purchase hot new consumer items
- 39% of those who have used bots made restaurant reservations
Every consumer has at some point struggled with CAPTCHAs, which are used by web applications to confirm that they are a human and not a bot. When asked about their experiences:
- 36% of respondents said that being hit with a CAPTCHA would stop them from using a specific website
- 19% have stopped using websites because of this in the past
- 36% have abandoned an online purchase after being hit with a CAPTCHA to prove they’re a human and 23% have done so multiple times
These threats are increasingly significant, as reported in the recent study, Quantifying the Impact of Bad Bots on E-commerce Merchant Profitability, in which Aberdeen Strategy & Research found that up to 80% of an e-commerce retailer’s operational costs are negatively impacted by malicious bot activity. More details on scalping bots can also be found at Cyber 5: Return of the Bots.
PerimeterX is the leading provider of solutions that detect and stop the abuse of identity and account information on the web. Its cloud-native solutions detect risks to your web applications and proactively manage them, freeing you to focus on growth and innovation. The world’s largest and most reputable websites and mobile applications count on PerimeterX to safeguard their consumers’ digital experience while disrupting the lifecycle of web attacks. PerimeterX is headquartered in San Mateo, California, and at www.perimeterx.com.