The changing face of payments fraud

Payments fraud is the top concern for professionals in the finance industry, according to a recent report by TD Bank. The issue has moved into first place – 44% of executives polled said it was their number one risk – up 12 percentage points in just one year.

Online payment fraud losses are set to more than double over the next five years to reach an annual figure of $48 billion, according to Juniper Research. The analyst’s latest report, Online Payment Fraud: Emerging Threats, Segment Analysis & Market Forecasts 2018-2023, covers e-commerce, airline ticketing, money transfer and banking services.

It claimed that the growth in fraud will be fuelled by a continued epidemic of data breaches. With that in mind, do you know what to do to protect your business from payment fraud? It’s something you should at the very least be looking into.

In the eight months since GDPR came into force, there have been more than 59,000 personal data breaches notified to regulators across Europe, according to the law firm DLA Piper. These range from minor breaches, such as errant emails sent to the wrong recipient, to major cyberhacks affecting millions of individuals and making front-page headlines. The Netherlands, Germany and the UK had the most data breaches notified to supervisory authorities, with around 15,400, 12,600 and 10,600 respectively.

More mobile

“More mobile devices means more mobile fraud,” says the analyst Lexis Nexis in a recent report, Online payment fraud trends. By the end of the year, mobile attack rates will surpass desktop rates for the first time as consumers, and therefore fraudsters, increasingly pivot to the mobile channel for a growing array of daily activities, it says.

Already, 48% of all phishing attacks target mobile users, and 4,000 new mobile phishing sites are created each day. “But the associated fake or hijacked apps and malware infiltrations that these, and other, malicious activities may unleash won’t all come via smartphones anymore,” it says. “The mass adoption of web-connected watches, other wearables, and other devices mean the mobile attack surface is growing fast.”

The use of advanced, AI-driven chatbots for online customer onboarding, payments assistance, and 24/7 customer support is likely to intensify and diversify cyberattacks. It predicts that at least one high-profile attack involving self-learning chatbots will target a major brand’s website “to draw out payment details and other sensitive information from the online customers who engage with them”.

Cross border

Its third prediction is that while today 64% of US-based online merchants only sell to US consumers, the growth of Amazon’s share of the ecommerce market will increase the percentage of retailers embracing cross-border payments.

“Thanks to the growth of online merchant activity and risk from stolen identities and payment credentials, cross-border payments are up to 69% more likely to be rejected as fraudulent than domestic transactions,” says the report. “To open transactions up to new geographies securely, look for providers and merchants gravitating toward modern, digital identity-based user verification and assessment solutions, enabling them to get an accurate read on the risk associated with the people they transact with, anywhere in the world.”

The cost of fraud prevention is likely to increase. But, according toMark Flamme, managing director, AlixPartners, Fintech innovators are increasing investment in developing solutions using such things as biometrics, acoustic analysis, geolocation, and behavioural traits (swiping patterns on smartphone). “These innovations could not only provide improved fraud prevention in customer authentication but also improve the customer experience over traditional easily forgotten passwords,” he said.

Given the fact that QR code-based transactions dominate the Chinese urban payments landscape, he predicts that the plastic card’s days could be numbered for payments in such jurisdictions.

  • About Enterprise Risk Magazine

    Enterprise Risk Magazine is the leading quarterly title for risk managers and enterprise risk, with a print circulation of over 5,500.

    Enterprise Risk is published on behalf of the Institute of Risk Management (IRM). The majority of IRM members receive their copy of Enterprise Risk at their home address, meaning the title... Read more
  • Categories

  • Tags