Indeed, the region has taken the lead in mobile payments with Japan, South Korea and China all-embracing mobile wallet and payment technology. In China itself, many university graduates skip credit cards completely and jump straight into the virtual realm of digital wallets and instant payments. Online banking in Asia is also growing rapidly: according to McKinsey, the region had 670 million online banking customers in 2012 and will reach 1.7 billion by 2020.
New ways of interacting with banks introduce new opportunities for criminals. Some attempt to hack into systems to access customer data, which has lately gained notoriety with data breaches in a number of US companies and accusations of Chinese hackers accessing systems globally. Although there is a chance of success, many more criminals resort to simple social engineering or card fraud to profit. Indeed, China credit card fraud is among the highest in the world. Almost 42% of regional respondents in a recent ACI survey encountered card fraud in the last five years.
Japan’s National Policy Agency reported that financial damages caused by online banking fraud spiked between April and June 2014. Individual and corporate clients in Japan incurred losses of USD 3.83 million and USD 1.91 million, respectively. In Hong Kong, in one particular instance of online fraud, criminals used a phishing email to target accounts that contained more than USD 1.32 million in total deposits. The emails guided victims to websites looking identical to the banks’ websites and required input of usernames, log-in passwords and passwords generated by personal security devices. According to the South China Morning Post, only USD 0.36 million was transferred to overseas accounts, as many of the transactions were cancelled by users who realized it was a scam.
In that situation, user education obviously helped. Regulators, governments and financial institutions realize this and are working to grow user awareness and education of potential fraud. In addition to education, regulations are driving physical technologies to combat fraud.
EMV (Europay, Mastercard and Visa) is a global standard that is being promoted globally to move toward physical chip and pin payment card security to combat fraud. Limited in the US, but almost ubiquitous in Europe, EMV adoption in Asia is mixed. Penetration is very high in developed markets like Japan and South Korea; it is catching up elsewhere in the region, aided by decisive policies and regulations in certain countries like China where regulators set a deadline on EMV card issuance where all new cards issued from 2015 onward need to be EMV-enabled. New EMV cards are considered to be safer than the older standard and have already reduced card fraud rates in markets like the UK, where overall card fraud was reduced by a third after the implementation of EMV in 2004, according to the UK Cards Association.
Although EMV is a proven standard to help and control fraud, and customer education is also helping, many banks are working to proactively combat fraud. Payment card risk systems are common and adopted in most financial institutions, yet increasingly, banks are looking for more sophisticated fraud detection and monitoring systems. This is especially important in markets like China where credit cards are still relatively new and not heavily used, so therefore it can be difficult to rely on existing information or customer habits to identify potential fraud.
If customer data has already been compromised and the fraudster has already found a way to start the transaction, systems that detect potential fraudulent patterns in spending or usage are often the last line of defense. If we take the Hong Kong example above, the scam could have been prevented, at least partially, by banks leveraging fraud prevention solutions, for example those that remember users’ normal behaviors and send alerts once a transaction stands out from the normal pattern. In addition, if a financial institution works together with a third-party system provider or expert, they can take advantage of up-to-date industry practices and rules, which can often be more robust than a bank’s internal fraud processes and rules detection rules. Working with a third party also helps financial institutions focus on their core business and yet still stay ahead in the never-ending fight against fraud.
Mobile and online payments and banking are here to stay. As Asian customers increasingly demand anytime and anywhere access to their accounts, banks face opportunities and challenges. On one hand, banks have an entirely new set of channels to interact with customers to provide more robust financial products and solutions. On the other, the channels are completely new ways for fraudsters and criminals to attempt fraudulent activities. While Asian markets vary significantly and each country is unique in terms of the fraud problems and challenges, the solutions are the same: customer education is key, and so are the systems to accurately detect and prevent fraudulent transactions themselves.