Only smart, AI-driven software that monitors transactions in real time can hope to deliver the level of protection required to stop fraudsters exploiting the opportunity instant payments afford them, writes Roy Belchamber.
Just as consumers and corporates like instant payments for their speed and irrevocability, so do fraudsters. They know funds transferred to them are available instantly and that they’re hard to get back once the fraud has been spotted.
Vulnerability of faster payment schemes
Around the world, banks wanting to offer instant payments but keep costs down have been joining domestic faster payment schemes to share instant payment infrastructure. First seen in Japan in the 1970s, these networks really took off from 2000 onwards, particularly after 2010, and today there are at least 50 schemes worldwide, with more launched every year.
Their success is undeniable. Volumes carried by the UK Faster Payments scheme, for example, were doubling every three years until recently. Even growing at today’s slower rate, the value of transactions has reached astonishingly high levels – totaling a record £2.1 trillion in 2020.
But these schemes are open to fraudsters. Authorized push payment (APP) scams over UK Faster Payments grew 77 percent by volume between 2018 and 2020. By 2020, they accounted for 38 percent of all UK fraud losses. The trend shows a rise of 5 percent in APP fraud losses year-on-year, while card-fraud losses, by comparison, are down 7 percent year-on-year.
Recent history has also shown that while schemes might start with relatively low limits on transactions, over time those limits are raised – the UK scheme started at £10,000 and has subsequently risen to £250,000. In the Netherlands, there is no limit. While higher limits are good for those using the schemes, particularly corporates that might want to move large sums regularly, they put high-value transactions at risk and fraudsters can very quickly net huge amounts.
Mitigation and education are not enough
Stopping financial crime, including fraud across these instant payment networks, is one of the biggest challenges facing their members. The speed of settlement is manna from heaven for the fraudster and, as seen in the figures above, is exploited ruthlessly and with high levels of sophistication. Where fraud and risk assessment teams previously had hours, or even days, to make their checks, now these must be made in under a second.
Most schemes demand fraud-prevention controls as a prerequisite for joining. These might be strong customer authentication (SCA) – passwords and secondary screening with unique one-use codes and/or card readers – as well as transaction monitoring controls such as checking that the payee’s name matches that of the destination bank account holder. Many banks supplement these with customer education programs – adverts in newspapers and on television warning about phone callers claiming to need urgent payments. But given the subject is instant payments, their efforts must be fast, effective and result in as little friction as possible. Every falsely blocked payment not only raises operating costs, but also chips away at the customer experience and confidence. Adverts warning about the threat of fraud may fall on deaf ears, particularly if a bank has promised to reimburse customers when an incident occurs by signing up to the UK’s voluntary authorized push payment scam code, for example.
An effective real-time solution
Ultimately, banks need to consider real-time transaction monitoring as well. Indeed, many if not most schemes demand this. But for it to work, intervention must be in real time, too. Here, efficiency and effectiveness are key. Stop too many genuine payments and the customer becomes annoyed; stop too few and the fraudsters win. Nirvana is being able to spot and block only fraudulent payments. To do this the monitoring has to work independently of any particular characteristics of the fraud involved. In this way, a bank has a layer of protection that is proactive rather than reactive to known frauds and is able to spot new fraud types immediately.
NetGuardians uses behavioral profiling and AI technology to do this, stopping more fraud faster and with fewer false alerts. It uses pre-defined artificial intelligence (AI) models to screen all transactions, including ebanking and mbanking, in real-time for anomalies, giving each a risk score. Banks set their own risk limits that trigger an alert to block payment. A dashboard identifies exactly what has triggered the alert, making investigation easy. When used by banks, it reduces false alerts by up to 83 percent and spots more fraud – nearly a fifth more – than rules-based monitoring alone, cutting operational costs and fraud losses.
Instant payments are here to stay and will only become more prevalent. If they are to be safe from fraudsters and slick for customers to use, real-time monitoring – looking at customer behavior rather than known fraud types – is paramount. It’s time banks that are already members of instant payment schemes and those looking to join them signed up to AI-driven software.
Watch the recording:
The Latest Trends on Faster Payments & Real-Time Fraud Detection: How can AI technology help?