A new type of payment fraud is emerging that targets bank customers online.
Authorized push payment fraud — where fraudsters trick people into voluntarily transferring money or providing credit card or other payment information over the phone or via digital channels — is accelerating globally.
In the U.K., APP fraud losses increased 5% to $675 million in 2020, with cases increasing by 22%. Typical scams include fraudsters pretending to raise funds for charity; fraudsters pretending to call from a bank or government agency; fraudsters posing as customer support and asking for personal information or for customers to download screen sharing apps; phishing scams via text or email that appear to be sent from legitimate companies; social engineering scams that advertise fake products or services that never arrive
These are just a few examples, but the tactics are ever-evolving. Often the fraud doesn’t stop with the initial transaction. Once a fraudster has your personal information, they can use it to initiate account takeovers and cause further downstream damage.
The COVID-19 pandemic was a catalyst for APP fraud, as millions turned to digital channels for commerce. Meanwhile, increased use of peer-to-peer payment apps like PayPal, Venmo and Zelle makes completing digital transactions easy and instantaneous, and financial institutions often lack the data and insights to detect new fraud patterns associated with these apps.
While educating consumers about the risk of APP fraud can help, it only goes so far. Fraudsters have many tricks up their sleeves, such as bots and other AI-powered techniques that bypass reactive, rule-based fraud solutions. And because digital payment methods occur and settle rapidly without human intervention, machine-learning algorithms based on limited, historical data miss new fraud patterns, leaving threats undetected until it’s too late.
Real-time detection is essential to stop these attacks before damage occurs. The first step is to gather, correlate and analyze data across all channels, and apply advanced, proactive machine-learning techniques that don’t require the use of historical data or labels. Another way to reduce latency and accelerate decision-making is to incorporate edge computing, which enables data to be processed locally, reducing traffic loads at scale for rapid detection of suspicious patterns and activity.
Finally, incorporating device intelligence into machine-learning models helps to create a digital fingerprint that provides clues about a user’s network origins, helping to determine whether a transaction is occurring on a device emulator or hijacked device. Device intelligence also helps assess the level of risk at a login or attempted transaction. Together, these capabilities improve the speed and accuracy of fraud detection, without impacting customer experience.
As digital payment methods become increasingly commonplace, even less tech-savvy consumers will learn to be more careful about transferring money upon request — but fraudsters will find new ways to do their dirty work. Fortunately, the technologies that help financial institutions protect customers against APP fraud will also prove effective for preventing new and emerging fraud vectors, making it more and more difficult for fraudsters to cash in.