The financial services industry faces an onslaught of fraud threats, especially as payment technology evolves and improves. While that seems counterintuitive, the fact is that many of the same technologies that streamline payments are also serving criminals and bad actors looking to attack payment systems. In a heavily regulated industry, speed is paramount. Unfortunately, banks and financial service providers that rely on legacy systems and burdensome workflows face an uphill battle in fighting fraudsters who are extremely nimble.
While much has changed in payments, one thing has remained the same: fraud is a real, expensive threat that requires end-to-end systems and tools for detection, prevention, and analysis.
What Fraud Really Costs
Fraud doesn’t just cost merchants. Last year, the financial sector saw over a 13% increase in data breaches targeting credit card companies, banks, and credit unions. Those breaches cost, on average, $4.24 million.
Account Takeover Fraud remains the most popular method for nefarious characters. Existing card and non-card fraud and card-not-present (CNP) fraud are also on the rise. Banks face many issues in combating these fraud types, as well as competing priorities that must be balanced alongside the disruption that banks are facing in the new era of Fintech.
Namely, reducing fraud impact and detecting fraudulent accounts remain banks’ top priorities, each commanding the top spot on the priority list of banks, saying those are their most important fraud goals. Minimizing customer impact is also the main challenge, though far fewer report this as the number one fraud goal.
Account Takeover Still a Key Issue
Account takeover fraud remains a key concern for financial institutions. The attention paid to this brand of fraud is merited; account takeovers increased by 307% between 2019 and 2021. As bank account data becomes easier to access than credit card details, bad actors continue to focus their efforts in this realm. Stolen credentials can easily be sold on the dark web, lowering the barrier to entry for even novice hackers. The proliferation of stolen data on the dark web has facilitated large-scale account takeovers as well.
Account fraud is the number one concern, second only to debit card fraud. The problem is exacerbated by numerous vulnerabilities on the payments front that have yet to be addressed.
Real-Time Payments Could Mean Real-Time Fraud
Many bankers have moved toward or adopted real-time payment systems (RTP), such as Zelle. Bad actors are particularly attracted to new payment types, whose fraud prevention systems may not have yet adapted to emerging threats.
As payment systems evolve and new payment technologies emerge, banks and others in the financial services industry must ratchet up fraud prevention mechanisms. Fraud and risk management are a way of life in the payments space. Most organizations have a slew of tools and systems for preventing and detecting fraud, resolving fraud, and analyzing cases of fraud. The latter is just as essential as the others. As new bad actors emerge and new cyber threats come about, banks and financial institutions must remain one step ahead. The key lies in looking at which fraud controls may need to be adjusted, which are not effective, and the tradeoff in costs and user experience when fraud controls need to be turned up.
In a world of RTP, real-time fraud engines are imperative. Account takeover fraud remains a top challenge as well, which often occurs via phishing or malware schemes. As a result, malware detection and strong authentication measures must be present.
Final Thoughts
Fraud is a real problem for financial institutions and FinTech. Payments fraud will only grow more sophisticated as FIs leverage emerging technologies within the payments value chain. In fact, as the payments ecosystem trends toward a more digitized experience, financial institutions will be forced to balance digital transformation initiatives with fraud prevention initiatives. The tradeoffs between security, customer experience, and growth in an era of disruption will have to be carefully measured. Data breaches also show no signs of slowing, which will force FI’s hands to better protect PII information. RTP will also mean banks and Fintechs will have to employ real-time fraud prevention and detection measures to stay one step ahead of agile, sophisticated bad actors.
Talk to our team and know how you can safeguard your payment systems.
