Share
In a little over a year, North America will play host to the 2026 FIFA World Cup. And, with concerns already mounting around the logistical red tape that comes with 5.5 million soccer fans expected to descend on 11 U.S. cities, banks have been warned they should beef up their fraud protection ahead of the hundreds of millions of additional transactions leading up to and during the tournament.
The FIFA World Cup (the most watched sporting event in the world) will take place from June 11 to July 19, 2026, across 16 cities in three North American countries, with the majority of matches taking place in the United States.
Businesses are gearing up to handle the significant increase in activity before, during and after the tournament. But it’s not just the volume of transactions that will increase. Banks, payment processors and merchants must ensure they are adequately prepared for the influx of international payments as well as the inevitable increase in fraud attempts that come with these mega events.
Questions must be asked about how to identify fraudulent activity while still allowing legitimate payments to be rapidly processed. Allowing visitors to endure a poor experience with declined transactions is not acceptable. But neither is asking your merchants to accept the costs that come with inadequate fraud protection.
Lessons from Qatar
Mega events, like the FIFA World Cup, are a prime target for fraudsters and cybercriminals. During the 2022 FIFA World Cup in Qatar the volume of malicious emails with the aim of financial fraud doubled across the Gulf countries.
Despite Qatar’s investment of $1.1 billion in cybersecurity, hackers were still able to set up fraudulent websites for hotel bookings and other services, diverting funds from legitimate local businesses and leaving visitors stranded without their intended accommodations.
Fraudulent transactions in the form of “carding”— in which stolen credit card details are sold on dark web marketplaces — also soared. These stolen card credentials, which may also be collected from fake, FIFA-themed websites, were used to make unauthorized transactions and book flight tickets and hotel accommodations. The syndicates were so sophisticated they even provided services to cash out money from the stolen cards, using prepaid gift cards to cover their tracks.
U.S. banks lag other markets with 3-D Secure and more
One of the major hurdles to preventing crime spikes will be the current state of e-commerce fraud detection systems. In particular, the adoption of 3-D Secure (3DS) authentication has been slower in the U.S., leaving banks with limited data on card transactions to identify potential card-not-present (CNP) fraud. This could allow fraud to go undetected, leaving merchants vulnerable to costly chargebacks and lost sales due to false declines.
What’s more, in many regions, including Europe and parts of Asia, 3DS is mandatory, and consumers are accustomed to its protection. When a foreign cardholder from a region where 3DS is mandated tries to make a purchase at a non-participating U.S. merchant, their issuing bank may have a higher likelihood of declining when there is no authentication code included with the authorization request, leading to frustration for both the customer and the merchant.
The lack of consistent payment experience could lead to visitors mistrusting the process and even distrusting the merchants. Additional queries on false declines could also flood bank call centers with frustrated cardholder queries, all of which will put a real dent on what should be a business bonanza.
Biometrics, FIDO and in-app alerts create secure, frictionless payments
To mitigate these challenges, U.S. banks, payment processors and merchants must take proactive steps to ensure a smooth and secure payment experience for both domestic and international customers. One way to achieve this is by adopting frictionless authentication systems that seamlessly verify the cardholder’s identity while reducing the customer’s involvement in the process.
Innovative technologies such as browser ID, and extensive risk data can provide secure authentication without the need for additional actions from customers. By utilizing real-time, context-aware authentication, banks can assess the risk of a transaction based on factors like location, device, and historical behavior.
Personalized authentication experiences that tailor the most appropriate authentication method to each customer (while taking into consideration risk levels and customer-preferred authentication methods), will help ensure that transactions are processed securely while minimizing the friction often associated with traditional authentication methods.
U.S. banks should also urgently consider adopting more secure methods than traditional one-time passcodes (OTPs), which are increasingly vulnerable to social engineering attacks. Biometrics, FIDO passkeys, and in-app notifications with transaction details are becoming the gold standard for secure authentication. By investing in these technologies, banks can significantly reduce fraud risks while enhancing the overall user experience for cardholders.
Collaboration will be key
While there is not much time before the world descends on U.S. businesses, there is still time to take action. Merchants should, at the very least, take advantage of 3DS, which will access more advanced risk insights from the bank’s data and move the liability for fraud from themselves to banks.
Issuing banks, meanwhile, should be taking advantage of advanced risk-based authentication solutions that draw on data insights from global consortia with billions of transactions, providing insights into transactions, devices and cardholders.
The 2026 FIFA World Cup presents a unique opportunity for the U.S. financial sector to demonstrate its readiness and ability to safeguard payments during one of the largest global events. By embracing advanced fraud detection technologies and adopting secure payment practices, banks can ensure that the millions of international visitors experience a seamless and secure payment journey. Now is the time to ensure that The Beautiful Game isn’t marred by an explosion of fraud, lost revenue and frustrated visitors that could have been prevented.
Frank Moreno is Chief Marketing Officer at Entersekt.
Join our community to unlock exclusive content, connect with industry experts, and gain access to valuable resources that will help you stay ahead.
