If the last couple of years have taught us anything, we should be ready for change at the drop of a hat. And this learning should by no means go ignored in the world of fraud. With constantly shifting consumer demands and behaviors when it comes to the way we pay, there is a new world of opportunity for fraudsters.
As fraud detection systems have become more sophisticated, fraudsters have turned their eyes to a more vulnerable and unprotected part of the financial services chain – bank customers themselves. Fraudsters are opportunistic and seek to capitalize on consumer vulnerabilities to execute scams.
Scams manifest in many shapes and forms. We can differentiate scams in three different ways:
- The channel (authorized push payments (APP) fraud versus card transactions)
- The merchant category (investment scam, romance scam, overcharging “free trials” merchant scam, diet pills scam and others)
- The penetration method (remote access scam, mobile phone wallets, payment scams or even merchants misrepresenting themselves)
Scams are on the rise globally
This is a global problem. We have seen more than USD$2 billion lost to scams in 2021 in Australia alone. And this trend is not exclusive “down under” – our research shows that one in ten U.K. consumers were a victim of a scams in 2021. In addition to this, U.K. Finance members reported 195,996 incidents of APP fraud in 2021 with gross losses of £583.2 million, compared with £420.7 million in 2020. In India, the world’s leader in real-time payments (according to our 2022 Prime Time for Real-Time report) from 2020 to 2021, the percentage of fraud victims who fell prey to confidence tricks almost doubled from 8 to 13 percent, with skimming of card details steadily declining year on year.
What is the main challenge facing banks and financial institutions?
To tackle the scourge of scams, a radical rethink around collaboration is necessary, encouraging financial institutions to work alongside other players in the ecosystem who are better equipped to assist firms with their defenses.
The main challenge for financial institutions when stopping scams on the consumer side is the social engineering element. Fraudsters are skilled in making consumers feel that sharing their personal information or digital footprint is safe. This can lead to consumers having a hand in a fraudulent transaction by providing fraudsters with one-time passwords, internet banking login details or phone access. This enables fraudsters to bypass fraud detection and card controls, often undetected.
On the other side, it is becoming increasingly difficult to stop subsequent scam spending as scammers frequently will coerce their victims to verify transactions with bank representatives, which results in even further losses. Banks have to fight scams on both fronts, repeatedly winning customers’ trust over scammers, while helping them protect their money.
Stopping scams from all angles
All these obstacles in scam detection have created a high demand for a new type of technology that is highly customizable, resilient against bypassing and easily integrable into existing fraud ecosystems. The flexibility of solutions such as ACI Fraud Management for Banking helps to build scam detection systems by profiling scams on all levels (including customers, fraudsters, merchants and merchant types, acquirers, countries, currencies). This “learned” knowledge can be used to build machine learning algorithms for informed risk-based authentication within a single enterprise-wide platform.
The additional integration of two-way communication provides the required support and necessary automation that enable users to detect and decline scam merchants in real time without creating additional alerts for the fraud operations team, but notifying and educating customers, thus getting one step ahead of fraudsters.
There isn’t currently a silver bullet for stopping the growing problem of scams. Fortunately, financial institutions have the ability to integrate solutions from advanced technology providers that can be tailored to meet the specific requirements of their security framework.