The State Of Fraud In Payments

By Author: sifip
Total Articles: 686
Comment this article

Payment fraud is evolving as bad actors become more sophisticated and agile. Discover how banks and Fintechs are dealing with new threats and what is on the horizon.

As online payment gateway technology evolves and improves, the financial services industry faces an onslaught of fraud threats. While this may appear to be counterintuitive, the fact is that many of the same technologies that help to streamline payments also help criminals and bad actors who want to attack payment systems. In a highly regulated industry, speed is critical. Unfortunately, banks and financial service providers that rely on legacy systems and time-consuming workflows face an uphill battle in combating nimble fraudsters.

While much has changed in payments, one thing has not: fraud is a real, costly threat that necessitates end-to-end detection, prevention, and analysis systems and tools.

What Fraud Really Costs
Fraud not only costs merchants; every dollar of fraud costs the bank $3.6 billion. Data breaches targeting credit card companies, banks, and credit unions increased by more than 13% last year in the financial sector. ...
... The average cost of these breaches is $4.24 million.

Account Takeover Fraud is still the most common method used by shady characters. Card and non-card fraud, as well as card-not-present (CNP) fraud, are all on the rise. Banks face numerous challenges in combating these types of fraud, as well as competing priorities that must be balanced alongside the disruption that banks face in the new Fintech era.
Specifically, banks' top priorities continue to be reducing fraud impact and detecting fraudulent accounts, with each commanding the top spot on the priority list of banks, stating that these are their most important fraud goals. The main challenge is also minimizing customer impact, though far fewer people report this as their top fraud goal.

Account Takeover Still a Key Issue
Account takeover fraud continues to be a major concern for financial institutions. The focus on this type of fraud is justified; account takeovers increased by 307% between 2019 and 2021. As bank account information becomes more accessible than credit card information, bad actors will continue to concentrate their efforts in this area. Stolen credentials can be easily sold on the dark web, lowering the entry barrier for even inexperienced hackers. The prevalence of stolen data on the dark web has also facilitated large-scale account takeovers.
Account fraud is the most serious concern, followed by debit card fraud. The problem is exacerbated by numerous payment-related vulnerabilities that have yet to be addressed.

Real-Time Payments Could Mean Real-Time Fraud
Many bankers have shifted to or adopted real-time payment systems (RTP). Bad actors are particularly drawn to new payment types, which may not yet have fraud prevention systems that are up to date with emerging threats.
Banks and others in the financial services industry must strengthen fraud prevention mechanisms as payment systems evolve and new best online payment gateway technologies emerge. In the payments industry, fraud and risk management are a way of life. Most organizations have a plethora of tools and systems in place to prevent and detect fraud, resolve fraud, and analyze fraud cases. The latter is equally important as the others. As new bad actors and cyber threats emerge, banks and financial institutions must stay one step ahead. The key is to consider which fraud controls may need to be adjusted, which are ineffective, and the cost/user experience tradeoff when fraud controls must be increased.
Real-time fraud engines are essential in an RTP world. Account takeover fraud, which frequently occurs through phishing or malware schemes, is also a major issue. As a result, malware detection and strong authentication are required.

Final Thoughts
Fraud is a significant issue for financial institutions and FfinTech. Payments fraud will only become more sophisticated as financial institutions leverage emerging technologies throughout the payments value chain. Indeed, as the payments ecosystem becomes more digitalized, financial institutions will be forced to balance digital transformation initiatives with fraud prevention initiatives. In an era of disruption, the trade-offs between security, customer experience, and growth must be carefully considered. Data breaches are also on the rise, putting financial institutions under pressure to better protect personally identifiable information. RTP will also necessitate the use of real-time fraud prevention and detection measures by banks and Fintechs in order to stay one step ahead of agile, sophisticated bad actors.