In March 2022, New York Times reporters Stacy Cowley and Lananh Nguyen had a story about the prevalence of payment fraud in the United States, which has risen sharply in recent years.
Cowley and Nguyen spoke to one fraud victim who had his phone stolen while he was hospitalized with COVID-19. The thief used the payment details on the stolen phone to make purchases, withdraw money from a cash machine and authorize push payments. All told, the victim had more than $2500 stolen, most of which the bank later returned.
The New York Times story underscores one of the fundamental weaknesses in our world’s infrastructure of consumer payments: Payment fraud losses are often just a stolen phone or scam phone call away.
Featurespace Subject Matter Expert, Paul Evans, explores what financial institutions can do to detect this kind of fraud, what they can do to prevent future occurrences of payment fraud, and what role payment gateways play in safeguarding consumer payments.
What is payment fraud?
Payment fraud is when someone makes an unauthorized purchase, initiates a false payment, or tricks a customer into making purchases or payments for them. Usually, they do this by accessing a victim’s card or account information that’s stored digitally (e.g., on the victim’s phone) or by calling or messaging the victim to trick information or authorization from them.
This kind of fraud was rising steadily year over year in the 2010s. When the pandemic arrived and changed so many consumers’ shopping habits, online payment fraud exploded.
In just the United States in 2021, consumers reported about 2.8 million instances of fraud, with total losses amounting to approximately $5.8 billion. That’s a 70 percent increase compared to total fraud losses reported in 2020 and includes imposter scams nearly doubling to $2.3 billion.
The challenge now, for financial institutions and merchants alike, is to detect payment fraud early so they can stop it in its tracks.
How to detect payment fraud
There are a number of manual steps you can take when a payment seems suspicious:
- Authenticate the customer’s identity.
- Verify the device used to make the purchase.
- Check the customer data, such as address or phone number.
- Contact the customer directly.
Let’s take each of those one by one.
This includes protocols such as 3-D Secure and two-factor authentication (2FA). With any such step, the payer is prompted to confirm their identity or their payment details by inputting passwords, codes or biometrics such as fingerprint readers.
This is another common layer of online payment security. Each device has its own unique digital fingerprint, and it’s relatively easy to connect a device with its rightful owner. Therefore, confirming a device from which a payment originates can help confirm the legitimacy of a payment.
Check customer data
Sometimes, spotting a fraudulent purchase can be as simple as looking up where the person has listed in their shipping information and how far is it from their billing address. Other checks are available for addresses, phone numbers and emails that can assess the risk of them being associated with fraud.
Contact the customer directly
Whether customers are new or existing, in most cases they can be contacted to verify the legitimacy of a payment. Verification may take the form of further identity checks or may be to check the customer understands why they are making a payment to ensure it isn’t part of a scam.
How to prevent and stop online payment fraud
Preventing online payment fraud is something that must be done proactively and routinely. It encompasses all of the habits, protocols and processes your business adopts to keep safe. Payment fraud prevention techniques can include:
- Understanding trends in fraud.
- Working with a verified payment processor.
- Following digital security best practices.
- Having a platform that can detect and flag suspicious transactions.
Follow digital security best practices
This includes ensuring your website uses the HTTPS protocol so that customer data is encrypted, training employees on how to handle sensitive data, and deploying tools that can continuously monitor for cybercriminal activity.
Understand trends in fraud
Scams and scammers evolve as new technologies emerge and new opportunities arise. Organizations such as the International Association of Financial Crimes Investigators (IAFCI) and the Society of Citizens Against Relationship Scams do great reporting on this front, as does the team at Card Not Present. Follow their reporting to keep up to date with trends in payment fraud and make your customers aware of the trends so they can protect themselves.
Work with a verified payment processor
Verified, secure payment processors will encrypt payment data, tokenize payment data and have several methods of customer authentication processes in place to verify the legitimacy of payments.
Have a platform that can flag suspicious transactions
Automated fraud detection is an important layer in payments, especially for payment processors, merchant acquirers and any other financial institution on the back end of the payment value chain. A platform that can flag suspicious payment behaviors in real time can help ensure fraud gets stopped before money leaves a victim’s account.
Our payment fraud prevention platform
Note how the processes and the tools outlined above create various checks along the payment chain. Most of those are seamless, and a customer can make payments without knowing what kind of anti-fraud activity is going on behind the scenes.
Still, payment fraud prevention tools can certainly introduce friction in the customer experience. A poorly integrated customer authentication layer, for example, could frustrate people during the process if it stalls or generates errors. Likewise, a fraud prevention tool that generates false positives can frustrate everyone involved.
That’s why we built ARIC™ Risk Hub to understand customer behaviors on a more fundamental level. Our Automated Deep Behavioral Networks have been developed specifically for the payments sector to improve the detection of all types of fraud while reducing customer friction and false positives.
These recurrent neural networks achieve this by learning from customer behaviors, and they quickly understand what behaviors are normal for each individual customer and which behaviors are anomalous.
With that knowledge, ARIC Risk Hub can more accurately assess the likelihood of fraud at the transaction level. It does this in real time, too, so that payment fraud attacks often can be stopped before money changes hands.
Stop payment fraud with deep learning
NatWest, one of the largest retail banks in the UK, began working with Featurespace in late 2019 to improve the bank’s transaction monitoring and fraud detection capabilities.
Within 24 hours of ARIC Risk Hub’s deployment, NatWest saw a rise in the value and number of scams detected and a drop in the number of false positives.