How American Banks, Processors, and Fintechs can Outsmart the Criminals
Recent findings from Featurespace’s The State of Fraud and Financial Crime in the U.S. 2022 showed that, as expected, fraud attacks are on the rise. This is nothing new, but what was perhaps news to some U.S. financial institutions (FIs) was the current levels of authorized fraud or scams. There has been a misconception that scams are limited to Person to Person (P2P) apps, but the self-reported fraud rates and losses for authorized fraud show that scams are a very current and growing threat for FIs in the U.S.
Authorized versus Unauthorized Fraud
The Federal Reserve FraudClassifier Model sorts U.S. fraud into two major categories: authorized and unauthorized.
Authorized: the transaction was initiated by the customer. This includes scams categorized as Products & Services Fraud, and Relationship & Trust Fraud.
Unauthorized: the transaction was initiated by the fraudster.
According to our recent research, authorized fraud including Authorized Push Payments (APP) and scams represent a larger volume of fraud than traditional typologies such as compromised credentials and counterfeiting.
One of the reasons for this representation is the huge investment that financial institutions have put in place to protect against traditional third-party fraud. A lot of the technologies that have been put in place have made it harder for fraudsters to be successful with their historic attack vectors. They have made it harder for criminals to commit those types of frauds, pushing them to new avenues to be able to get a better return on their investment (ROI) when they are perpetrating that fraud.
Now criminal networks are beginning to attack the weakest link in the chain, which unfortunately is us, so they are perpetrating scams which focus on manipulating the victim into initiating and authorizing a fraudulent transaction. Fraudsters see this as generating a better ROI for their criminal enterprises, and so it has become the attack of choice for many.
Identifying and preventing scams
To be able to prevent the impacts from scams, there is a range of strategies that need to be put in place. The first is around customer education, so they are more aware of the risks that they have when making payments, especially to new payees.
The second strategy is to introduce the right technology. Scammers are professionals, and often part of a large network with resources to invest in optimizing their attacks. That means the burden cannot be on the individual customer to be able to know when they are being scammed. The right technology protects the customer, even when they are unable to protect themselves.
Effective anti-scams technology monitors the customer activity through every interaction point that they have with the FI, and then identifies unusual behaviors and transactions which could be a key indicator that the customer is being scammed. It is important to have two-way communication with the customer that allows them to retain an element of autonomy and control in their financial decisions. FIs must inform the customer that there’s potentially elevated risk with the transaction that they are looking to undertake and build trust in the protective expertise of the FI.
Machine learning, in particular the self-learning algorithms that Featurespace provides, learns what genuine customer behavior looks like, and to use that to identify unusual and suspicious transactions, which can be a key indicator to the customer potentially being at risk or under the attack of a scam. This flag of suspicious unusual transactions that may be scams can be achieved without large rip and replace projects, instead integrating Featurespace’s self-learning model scores from our cloud offering into an FI’s existing fraud technology ecosystem.
Evolving U.S. scams
The types of scams that are on the rise in the US are principally around investment scams often related to cryptocurrencies, where the opportunity is portrayed to the victim as a way to get rich quick. The scams are often targeting some of the newer, faster payments infrastructure that provides an irrevocable method in terms of when the money is moved from a customer account into the scammers’ account.
What’s clear from the report, is that FIs can get ahead of the scams that are sweeping the US now. Financial institutions can implement quickly by adding new anti-scams solutions to complement their existing systems, and then continue to grow new platforms to be able to provide better fraud attacks against unknown threats in the future.
This focus on protecting against the unknown is crucial, as I expect that fraud trends will continue to evolve around scams. It seems to be the principal and fastest growing method in which fraudsters are attacking genuine customers to quickly extract money from their victims.
In the coming year, I expect fraud trends to continue to evolve around the increase in scams that we have started to see over the last 12 months. The uncertain economic environment that we are potentially moving into will create more fear and anxiety amongst customers, increasing the ways in which fraudsters can look to exploit this and perpetrate new types of scams.
Also, the increased push and availability of instant payments, will create a new vector in terms of which fraudsters can continue to innovate in their scam techniques.
In sum, those that act and embrace the latest technology can mitigate the majority of threats, protect themselves and their customers, and ultimately make the world a safer place to transact.