Faster Payments, Faster Fraud

Jun. 2, 2017 | by BioCatch

Faster payments is quickly becoming the accepted norm in countries all over the world.  While the convenience this provides users is great, the opportunity this provides fraudsters is great too.

Last week BioCatch’s Head of Cyber Strategy, Uri Rivner, joined PYMNTS’ Data Drivers series, and looked deep into some stunning data points from the UK’s adoption of faster payments to gain an understanding of how other markets can be affected by the same trend.

Data Point #1: 300%

The rate of fraud documented in the UK between 2008 and 2010 (after the adoption of faster payments in the UK) grew by more than 300%. Why did this happen? Why would fraud triple after the adoption of faster payments?

Before faster payments, there was a lag between the time of the transaction and when funds reached the target account. This gap may have been technological, but it served as a buffer to allow time to discover anomalies and manage other risk indicators.  Faster payments provided a great convenience to merchants and others conducting transactions and needed immediate access to funds, however, it removed a safety net that helped protect against fraud.

With the transfer of money happening almost instantaneously, faster payments became a heyday for fraudsters, who were able to not only move funds from legitimate users to themselves quickly, but in turn to divert them just as fast so they were virtually untraceable by the time anyone noticed.  

Data Point #2: 100%

Since strong authentication was introduced in 2007, 100% of the fraud has comes from authenticated sessions. This includes traditional two-factor authentication, like SMS codes, but also smart card readers, tokens and other forms of verification. Besides adding great amount of friction and disruption to each transaction, they also did not do enough to thwart the fraudsters.  Via malware, browser attacks, and social engineering, they figured out how to circumvent it.  This trend continues today.

Data Point #3: 24%

Twenty-four (24) percent is how much fraud declined for the UK banks who introduced behavioral biometrics.  This is a direct return on investment, both in terms of preventing actual fraud and in cost savings related to managing fraud and escalations associated with false alarms, and as a result behavioral biometrics are now a must-have tool in the arsenal of fraud teams, digital transformation teams and risk prevention teams at the banks.

Behavioral biometrics analyzes human-device interactions to protect users and data, looking at hundreds of parameters to detect anomalies inside authenticated sessions. Behavioral biometrics systems continuously analyze patterns inside authenticated sessions, such as how people scroll, type, toggle between fields, regardless of what device was used to log on to the session, from which IP address or with the proper authentication protocols.

Learn From the Past

While other countries (such as the US) are enabling faster payments, they can expect to see the same fraud issues that the UK experienced. Learning from the UK experience in where the fraud came from, and the trends in addressing this, can guide others in how to deal with it in their markets.

Click here to access the full program.

*Percentages cited in this blog are from Financial Fraud Action UK. Their most recent Year-End Fraud Update can be found here.

Topics: Fraud, Payments