Surge in Digital Payments: Are Fraud Threats Reaching New Heights? - riskCanvas
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
Surge in Digital Payments: Are Fraud Threats Reaching New Heights? WHITE PAPER The global pandemic has been a catalyst for digital transformation. While this presents an opportunity for innovation, the rapid adoption of digital payments presents an increased risk for consumers due to the rise in fraud for these emerging payments.
2 Surge in Digital Payments: Are Fraud Threats Reaching New Heights?
Table of Contents
01 Fraud Management in Digital Payments
02 What’s New in Digital Payment Fraud
What to Consider When Building a
03 Digital Payment Fraud Solution
White Paper 3 Fraud Management in Digital Payments The past 12 months have seen rapid growth in the digital-first economy. This growth has been fueled both by the global pandemic and by resulting changes in the pay- ment landscape. Digital payments – in which there is no physical exchange of mon- ey – have been adopted at an equally rapid pace. Recent research found that 64 percent of millennial consumers had made payments through digital wallets in the preceding three months, and 60 percent of consumers said they prefer merchants that offer digital payment options. Digital payment methods are not new to the market, and payment capability has matured during several years of increasing innovation, development, and adoption. While the global pandemic has undoubtedly provided an unexpected tailwind for adoption, additional related forces were already building to push institutions to adopt digital payments. These forces, including the following, will continue in a post-pan- demic environment: • Consumer trends, including increased demand for a frictionless, real-time, pay- ment experience and the ubiquity of personal devices such as smartphones and wearables • Business drivers, including the need for operational efficiency by moving to digital and the competitive benefit of gathering more customer data • Standard and regulations, including regulations that require more security and payment authentication The technology involved in digital payments, specifically digital wallets and Peer to Peer (P2P) payments, is inherently secure. The tokenization and biometric authentication features built into these payment mechanisms are meeting the challenge of large-scale hacking. Unlike typical credit cards, which are restricted in many ways by their physical form, digital payments are designed to utilize the latest security technology and can also be easily upgraded to keep pace with security innovations. Deterred by the security of digital payment technology, fraudsters are instead targeting other areas of the digital payment chain, in particular the account holders themselves and the institutions providing the technology platform.
4 Surge in Digital Payments: Are Fraud Threats Reaching New Heights?
As a result, the most prevalent products offered to consumers.
fraud trends associated Prospective digital payment
with digital payments are providers, wanting to repeat
not technology-driven and the success of services such
are better classified as low- as PayPal, Venmo, Google
technology fraud methods. Pay, and Apple Pay, are rapidly
There is little technology can releasing new products for
do to prevent the surge in niche or underserved areas
phishing, identity theft, and of the market. To avoid fraud,
merchant identity theft attacks, institutions must be agile
all of which target consumers’ and proactive in adapting to
these new fraud management
64%
digital payments. In one recent
incident,for example,a fraudster developments; otherwise,
installed a mobile banking they are likely to be extremely
of millennial app on their smartphone susceptible to fraud. History has
consumers had made using security codes obtained shown that fraudsters target
payments through through phishing. Instead, the early adoption of digital
digital wallets in the institutions need to ensure payments products or channels
preceding three that their onboarding, payment to probe and detect any gaps
months origination, and verification or flaws in an institution’s fraud
processes and policies are management processes. For
robust enough to protect example, when Apple Pay first
consumers. launched, some institutions
chose not to require additional
As previously noted, the rapid verification when loading
adoption of digital payment payment cards. Fraudsters
methods is likely to continue, took advantage of this lapse to
and financial institutions will be load stolen payment cards onto
challenged to keep pace and legitimate Apple Pay accounts,
adapt to the plethora of new effectively circumventing the
digital payment options and robust Apple Pay payment
White Paper 5
authentication mechanism. Merchants are also currently
Digital payment capability reporting that the additional
isApple
changing data available to issuing banks
Pay first the launched,consumersome experiencing economic hardship,
landscape, but not it to is require
also from digital wallets makes it
institutions chose but it indicates that consumers
rapidly
additional changing the market
verification when more
are usingdifficult to challenge
the streamlined digital
dynamics
loading paymentfor merchants
cards. Fraudsters and chargeback claims for
payment experience to more services
took advantage
issuing institutionsof thisregarding
lapse to such
readilyas
andApple
easily Pay
claimor Google
fraudulent
load stolen
fraud payment cards
management. Adopting onto Pay.
chargebacks.
legitimatewallet
digital Apple Pay accounts,
technologies Merchants arefriendly
Eventually, also currently
fraud
effectively
results in fewercircumventing
chargebacks the reporting
chargeback that the additional
losses data
will
robust Apple Pay
from fraudulent activity such payment available to issuing banks
decrease as issuers build more from
authentication mechanism. digital wallets makes it more
60%
as card skimming. However, complete digital profiles of
Digital payment capability difficult to challenge chargeback
digital payments
is changing the consumer
present their cardholders. Issuers will
claims for services such as Apple
new challenges
landscape, but it is foralsopayment
rapidly be
Pay able to challenge
or Google Pay. friendly
disputes and chargeback
changing the market dynamics for fraud claims friendly
Eventually, using detailed fraud of consumers
activity.
merchants Research
and issuing shows that,
institutions authentication
chargeback and
losses customer will said they prefer
inregarding
the past fraud12 months, nearly
management. payment profile
decrease as issuers build more history. merchants that offer
40% of merchants
Adopting digitalexperiencedwallet Likewise, as digital
complete digital payments
profiles of their digital payment
an increase inresults
technologies friendly in fraud
fewer become
cardholders.even morewillcommon,
Issuers be able options
chargebacks
chargebacks from in fraudulent
which financial institutions will beclaims
to challenge friendly fraud able
activity such as card
customers filed chargebacks skimming. using detailed authentication
to use larger sets of payment and
However,
instead ofdigital
first payments
trying to present
obtain customer
and payment profile history.
non-monetary event
new challenges for
merchant refunds. This trend is payment Likewise, as digital payments
information to more proactively
disputes
not unprecedented and during chargeback
a time become and
advise eventriage
morecustomers
common,
activity. Research shows that, financial institutions will be able
when many are experiencing when they are targeted by low-
in the past 12 months, nearly to use larger sets of payment and
economic hardship, but it
40% of merchants experienced
technology fraud attempts. The
non-monetary event information
indicates
an increasethat in friendlyconsumers fraud success of these efforts
to more proactively advise canand
are using the
chargebacks in which customersstreamlined already be seen in the increased
triage customers when they are
digital payment experience
filed chargebacks instead of first to use of beneficiary
targeted risk analysis
by low-technology fraud
more
trying readily
to obtainand easilyrefunds.
merchant claim and consortium
attempts. data. of these
The success
fraudulent
This trend chargebacks.
is not unprecedented efforts can already be seen in the
during a time when many are increased use of beneficiary risk6 Surge in Digital Payments: Are Fraud Threats Reaching New Heights?
What’s New in
Digital Payment Fraud
Digital payment volume increased growing dramatically in the wake of the
dramatically during the COVID-19 pandemic; at the same time, fraudsters
pandemic as more companies sold their have also shifted their tactics to the digital
products and services through digital payment space to take advantage of this
channels and more consumers purchased trend of increased digital payments.
products and services through mobile apps Digital payment providers must adopt
and digital wallets such as Google Pay, Apple and scale their digital payment capability
Pay, and Samsung Pay. Digital payments to match the growth in demand. It is also
have expanded to many industries, critical for providers to stay on top of the
including grocery delivery, vacation rental, fraud trend in the digital payment space to
automotive sales and repair, and so forth. effectively detect and prevent fraud and
The number of digital payment customers reduce losses while minimizing customer
and transactions is expected to continue friction.
M
P2P Payment Fraud is Rising
ore and more people (especially millennials and Generation Z) using P2P
payment apps such as Venmo, Zelle, and Cash App to pay each other di-
rectly when splitting meals and paying for rent, services, and other items. As
a result, digital payment transactions have increased 733% since 2016. The
COVID-19 pandemic is further accelerating this process as people look for contactless
payment methods to maintain social distance. Zelle recorded 1.2 billion transactions in
2020, a 58% increase from 2019. Venmo also showed approximately 60% transaction
volume growth over the same period.
P2P payment fraud frequently occurs in the form of social engineering and scams (such
as fake merchandise and fake charity donations) and Account Takeovers (ATOs) (with
customer information obtained through the dark web or malicious bots). As the pandemic
continues, fraudsters are also targeting P2P payments more frequently. Since funds are
exchanged immediately once transferred, mobile app providers should develop real-time
fraud detection strategies to mitigate these threats.White Paper 7
Digital World is at Greater Risk of Cyber
Fraud
T
he increase in digital and mobile transactions has re-
sulted in more and more personal information being
stored digitally. Employees working remotely through
unsecured networks further increases security con-
cerns. These two factors result in a greater risk of cyber fraud
through data breaches. Cyber-attacks have increased 400%
globally since the pandemic and are becoming one of the most
significant fraud risk challenges. Companies must invest more
to enhance data and information security.
Rise of Authorized Push Payment (APP)
Fraud as Consumer Scams Continue to
Increase
A
PP fraud, one of the fastest-growing fraud types, oc-
curs when scammers posing as legitimate businesses
or government officials trick victims into transferring
funds to them through real-time digital payments.
Digital payments are still relatively new compared to traditional
payment methods, and many consumers are just now switch-
ing to digital payment to maintain social distancing during the
pandemic. Many of these new users are not yet familiar with the
details and functionalities of the mobile app and digital wallets,
which increases their vulnerability to APP fraud.
Regulations Are Shifting to Protect Scam
T
Victims
raditionally, consumers were held liable for any loss-
es incurred as the result of a scam, but in recent years
regulators have moved to protect scammed consum-
ers from losing money. The UK introduced a voluntary
code of conduct in 2020, and 18 banks have signed up to re-
imburse consumers who are scam victims. Similar moves are
expected in the US soon.8 Surge in Digital Payments: Are Fraud Threats Reaching New Heights?
C
Friendly Fraud is on the Rise
OVID-19 expedited the use of digital purchases and con-
tactless product delivery, and the rise in friendly fraud
in 2020 is expected to continue going forward. Friendly
fraud occurs when a user disputes a valid transaction,
or when a user’s mobile apps and logins are used without permis-
sion by friends and family. A provider’s security features cannot
stop this type of fraud, and merchants often don’t have enough
information to track and validate the transaction, so chargebacks
typically go through successfully and merchants bear the cost of
refunding money to consumers.
Application Fraud is Increasing
A
s data breaches and cyber attacks continue, identity
theft and synthetic identity fraud continue to increase.
As a result, application fraud for digital payment will also
increase as fraudsters use stolen identity information to
apply for new P2P and digital wallet accounts and then use those
accounts to purchases goods and services. Digital payments cre-
ate a new payment channel for fraudsters to load stolen credit
card data during the application process, such as when fraudsters
loaded stolen Capital One and JP Morgan credit cards purchased
from the dark web to Apple Pay accounts and other digital wallets.
Digital Payment Customer Verification
and Fraud Risk Assessment Are More
Challenging
D
igital payments provide convenient, real-time payment
methods for consumers, and they also provide un-
banked and underbanked consumers the opportunity
to access financial products they were unable to access
previously. This population of “thin-file” customers doesn’t have
much credit history, so it is harder to conduct verification and as-
sess fraud risk. Providers should leverage all dimensions of data,
such as social media or device fingerprints, to assess risk and de-
tect fraud, and to monitor new accounts closely for the first 60-
180 days.White Paper 9
What to Consider when Building a
Digital Payment Fraud Solution
As digital payment volume escalates, fraud attempts are also increasing significantly. Dig-
ital payment providers must stay ahead of fraudsters, keep up to date on all emerging
threats, and invest in people, processes, and technology to better detect and mitigate fraud
threats. Providers should consider several key things when designing a fraud solution:
Design a fraud solution that examines the entire customer lifecycle. This solution
1
should gather centralized data intelligence holistically at each customer touchpoint,
from application to transactions to account updates and from device data to
behavioral data. Real-time data intelligence from customer interactions can help
quickly identify evolving fraud patterns.
Depend less on passwords and use secured, frictionless methods for intelligent
customer verification and authentication. Customers appreciate the convenience
of digital payments, and one key capability requirement is fast payment without
2
friction. Digital payment providers normally collect minimal information and
require minimal verification, which makes them potentially more vulnerable to
fraud attacks. It is critical for digital payment providers to embrace the future of
modern-day fraud verification and authentication by leveraging digital tools such
as artificial intelligence, machine learning, and biometrics (fingerprint, facial,
and voice recognition) and by using dynamic data for customer verification and
authentication.
3
Invest heavily in a cloud platform to enable robust data ingestion and enrich data
from multiple sources. A broader spectrum of real-time data enables faster analysis,
real-time fraud detection, and more accurate fraud decision.
Find the right balance between fraud loss and customer experience. As the digital
payment industry expands, there will be more and more competition. One key
4
success factor in building a customer base and reducing attrition is for digital
payment providers to ensure a positive customer experience. Customers can quickly
switch to other digital payment providers if they experience slow transactions or
feel their current process is too complicated. Building a seamless digital payment
fraud detection process that is invisible to customers requires optimal prioritization
between growth (such as approval rate) and fraud/fraud rate.FINANCIAL CRIME INNOVATION LAB
When it comes to FinTech and financial crimes risk management solu-
tions, one size does not fit all. To tackle FinTech challenges such as a
changing, ambiguous regulatory landscape, managing compliance at
unpredictable scale, effectively measuring and foreseeing risks and
threats in a changing world and controlling compliance costs with growth,
we created the Financial Crime Innovation Lab, risk and compliance solu-
tions for FinTechs.
• We use insights-led operations to understand why FinTech volumes vary and predict
future occurrences.
• We bring a diverse set of advisory services including our live threat inventory, ThreatX.
We will use ThreatX to make recommendations on Chime’s unique FCRM threats in
order to maintain compliance and keep retention thriving.
• We created a global operations model whereby teams remain agile and flexible, to meet
demands in volume often experienced with FinTech.
• We tap into benchmarking from multiple prior and ongoing FinTech engagements in
order to chime in on industry standards best practices.
• Our team of advisory experts are experienced and knowledgeable about the regulatory
landscape for FinTech, and keep an eye out for changes.
• We have a tech-savvy team focused on bringing supporting, robust technology, reducing
member disruption and accelerating overall processes that allow more time better spent
in other areas such as growth, innovations and member support.
ABOUT riskCANVAS, A GENPACT COMPANY
riskCanvas™ is the future of financial crime compliance technology and leverages the
most cutting-edge big data, automation, and machine learning technologies to deliver
compliance, efficiency, and automation to its clients.
LEADERSHIP AND AUTHORS
Joseph Gillespie Quinten Hout Lijia Gong
Founder / President Head of Global FCRM Advisory Fraud Practice Lead - Advisory
Author
info@riskCanvas.com www.riskCanvas.comYou can also read
