How to outwit fraudsters

By Greg Brown

Stealing a person’s hard-earned money is nothing new. However, in today’s world of almost instant payments, the methods used by fraudsters for payment fraud have evolved. While the digitization of payments has made making financial transactions more convenient for consumers and financial institutions (FIs), it has also made detecting fraudulent transactions increasingly difficult. After all, instead of days, transactions worth millions can now be completed in a matter of mere seconds.

On average, 12 million transactions are conducted via debit card in Canada each day, stated the Canadian Bankers Association. This makes Canadians among the highest users of debit cards and hence puts the group at high risk for payment fraud. Most Canadian banks offer zero liability fraud policies.

In 2017, retailers lost a total of $31 billion due to chargebacks alone. The industry is now losing 1.8 per cent of all revenue to fraudsters and related fees, according to Chargebacks911®. Thus, the need for fighting payment fraud is very apparent.

Common payment fraud types
With payments turning digital, fraudsters no longer need to be in the same geographical vicinity to steal a person’s money. Identity theft is the most common form of payment fraud. Given the ease with which information about a person is available on social media platforms, criminals can easily impersonate an individual and hack into their bank accounts.

Once they have access to the individual’s card details, they can use it for card-not-present (CNP) transactions on online platforms. Other common types of payment fraud include false invoicing, which relies on individuals not paying adequate attention to invoice details, scam e-mails and phone calls. According to a report released by Emerging Payments Association, up to two-thirds of all payment frauds involve deceiving individuals into disclosing their security details.

Fighting fraud
As the payment industry evolves and the digital economy facilitates faster transactions between individuals, businesses and FIs, fighting payment fraud has become a priority. Existing security measures such as chip-based cards have already significantly reduced the extent of card-present fraud. FIs like banks and credit unions also advise consumers to follow simple strategies such as:

• Informing suppliers after invoices have been paid;
• Verifying requests for changes to supplier’s account details;
• Removing personal information from social media platforms that could be used to hack into your account; and
• Not divulging account and security details to anyone.

Here are several other key steps and tools to take to fight fraud.

1. Two-step authentication. In many cases, thieves can conduct fraudulent transactions by hacking into smart devices. Introducing two-step authentication makes conducting these transactions more difficult as long as the second step of authentication is through a different mode. One-time passwords sent to mobile numbers or e-mail addresses are the most common form of two-step authentication.
2. Biometric authentication. Biometric authentication uses an individual’s unique physical characteristics to verify their identity as an additional security layer. Fingerprints, voice recognition, iris recognition and face recognition are the most common biometrics used. Biometric systems are difficult to fool and are easily accessible. Embedding biometrics in payment systems ensures that transactions are being made by the person holding the account and not by an imposter.
3. Stringent Know Your Customer (KYC) procedures. These include electronic Identity Verification (eIDV), which is a tailorable process that helps secure financial transactions without compromising on convenience. Real-time authentication provides a quick solution to KYC by matching names to addresses. It ensures fast onboarding or e-commerce checkout while protecting against fraud and money laundering without having to spend a ton of money.
   Additional levels of authentication can be added on depending on a company’s specific sign-up process and risk management requirements. EIDV can check national ID and age, match against international watch lists and perform Politically Exposed Persons (PEP) screening.
   For this to be enabled, organizations must have access to reliable data that can be verified across multiple sources. This is known as 2×2 verification. Once completed, KYC procedures must also be constantly updated. Accurate customer identification not only protects the consumers, but it also protects FIs from transactions involved in money laundering, thus protecting their reputations.
4. Machine learning and behavioural analytics. Machine learning uses historical data associated with an account and complex data analysis to understand patterns of legitimate payment transactions. Combining this with human insight, it can help identify and prevent potentially suspicious or unusual transactions that may be fraudulent. Neural networks and artificial intelligence (AI) can also be used to spot suspicious or erratic card usage.

The bottom line
When companies truly know their customers, they greatly reduce the risk of fraud and chargebacks, save time, money and resources and are able to provide more efficient customer service. As FIs and criminals strive to outwit each other, the combination of technology and human expertise will play a crucial role. Above this, it is also important for governments, law enforcement agencies and industry players to collaborate and work together to win the war on payment fraud.

Greg Brown is vice president of global marketing, Melissa (www.melissa.com). Greg powers Melissa’s brand management, business-to-business, Internet and e-mail marketing strategies. He is an ANA-certified Marketing Professional and having worked for more than 15 years on both the client and the agency side, he brings a unique perspective to developing creative, results-oriented marketing programs to acquire and retain customers.