Lynch said that banks and merchants will eventually need to move to more secure online payments that include multi-factor authentication, not just passwords.
Increases in online fraud "are going to raise the bar for authentication, and you'll see biometric techniques being used as the fraudsters evolve," Lynch said. "The companies that want to stop fraud know that they can't be the weak link."
InAuth works with four of the five largest U.S. banks, as well as many large retailers, to provide payment security products.
Among the biometric practices used for e-commerce payments is fingerprint authentication, which is available on some smartphones through the apps provided by major banks.
To protect online purchases made on laptops and desktops, many merchants rely on a one-time security code sent to a customer's smartphone, either by email or text. The user then types in the code when making a card purchase online.
But hackers have developed techniques to intercept those codes over text or email, "and it's not always the most secure," Lynch said.
InAuth has developed software that uses an encrypted channel to send a one-time code to a customer's phone.
Even with such products and enhanced biometric authentication, online card "fraud will never stop completely, but it should eventually reach a peak as companies put the right security in place," Lynch said. "But fraud never goes away."