Cash, checks, credit, debit, and prepaid cards remain staples of the payments industry. And, though consumers have embraced ACH and wire transfers as essential ways to pay and move money, digital tools, such as Apple Pay and Google Pay wallets, Venmo and Cash App, and other digital convenience offerings have increasingly become popular payment methods for consumers due to their convenience and speed. There is no doubt that the pandemic accelerated a focus on various payment methods for making purchases and payments as well. And as consumers’ interest and adoption of these new tools have grown, so have their expectations.
Financial institutions (FIs) are expected to deliver dependable, secure, and frictionless payment services that are also convenient, span all personal devices, and encompass multilayered strategies that center on validating the identity of their users and ensuring the integrity of their devices. As growing numbers of consumers migrate to digital transactions, the new ease and speed of digital payments decreases the likelihood of online shopping cart abandonment, serving up a win for both businesses and banks. But along with this convenience comes new opportunities for fraudsters and new challenges for mitigating fraud.
Sophisticated criminals are stalking the dark web and lying-in-wait to steal valuable personal and business-related information. So, it’s imperative that community banks are aware of these potential threats and are prepared to defend against them. Let’s examine four prevalent challenges facing today’s digital payments space:
- Spoofing – This type of attack has led to some recently discovered data breaches, computer and network takeovers, and consumer fraud loss. Over time, Spoofing has taken on various forms, but when paired with technology, hackers can utilize computers and devices to disguise calls as coming from legitimate sources to gain access to personal identifiable information (PII) to sell on the dark web.
- SIM Swapping – Hackers steal a mobile phone or claim that a phone is lost or damaged to persuade a carrier to activate and transfer information to a SIM card held by the fraudster. Criminals can then take control, receiving all incoming calls, text messages, and multi-factor authentication codes, and make outgoing calls impersonating the legitimate account owner.
- Digital Account Opening (DAO) Fraud – This scheme has increased in popularity, as consumers opt to open accounts online or via mobile device rather than in-person or by phone. Often a consequence of Synthetic Identity Fraud, the anonymity of the DAO channel makes it prime for application fraud. Banks may find that they are processing applications for non-existent people or even their own customers.
- Digital Wallet Fraud – Merchants have increasingly identified the digital wallet as the primary vehicle for use of stolen cards. Even with blocked wallets, fraudsters can quickly move a stolen card to another wallet if they have the proper PII and payment information. This shuffle of the digital wallet and mobile payments fraud is one of the most commonly used scams in the digital payments space, according to merchants. While the wallet still provides a safer and more frictionless cardholder experience, criminals are finding useful opportunities as well.
Fraudsters are proving to be nimbler in the digital payments space, making the bank’s best line of defense informed customers and employees. Staying knowledgeable about fraud trends and collaborating with peers can help combat fraud and quickly identify existing and emerging threats.
Alan Nevels is ICBA Bancard’s senior vice president of card risk and merchant services.