There are any number of forums where the topic of payments fraud is discussed, and that naturally drifts towards the more specific subject of ‘faster payments, faster fraud.’
As real-time payments systems multiply across the globe, greater attention is being given to loopholes that fraudsters will inevitably seek to exploit. This piece appears in PaymentsSource and follows that theme:
‘The phrase “real-time payment” generally means an execution of a few seconds, which is a small window for banks and payment networks to catch suspicious behavior. The threat of real-time payments crime is new enough that the Federal Reserve is still working on defining and classifying real-time payments security…..“It’s a bit of a debate as to when the clock starts ticking. And it’s a bit different from consumers to corporations, since the dollar values are higher in the corporate space, and there are more approvals or authentications,” said Elena Whisler, head of enterprise product management for FIS.’
We recently released a member report on the subject of trends and growth prospects of B2B faster payments in which this very topic is addressed.
We also cover the topic of payments fraud specifically on a regular basis, and of course are often asked about the particular challenges associated with real-time environments. One must remember that real-time payments in the U.S. have existed in the form Fedwire and CHIPS for decades, although the operating windows remain limited to business hours.
The operational downtimes allow for further analysis of payment initiation requests, and this prevents fraud payments. However, there is no such downtime with the new real-time rails, so the irrevocability and speed of transactions is both a highly desirable feature for legitimate counterparties as well as a toxic enticement for bad guys.
That is surely one of the reasons that single transaction limits have been $25,000 to date, but soon to increase to $100,000 for greater B2B adoption.
‘The obvious risk is there’s less time to catch a bad transaction before it processes. Chargeback 911 COO Monica-Eaton Cardone highlighted the risk in PaymentsSource on Friday, writing: “These payments will occur in a matter of seconds…fraudsters who identify methods of abusing the system could easily commit and attack, then vanish long before anyone even notices the incident.” ‘
The piece goes on to discuss the various approaches to minimizing risks associated with new rails that will be ubiquitous within several years.
Some of the methods mentioned are better up front authentication, learning from other ‘real-time’ systems (e.g.; cards-based), mobile security and advanced analytics. The already existing faster and real-time systems are here to stay and more are on the way, which is the natural progression of technology.
‘FIS is navigating the varied international approaches to real-time payments, since not all nations are the same. Even in the U.S., there are two general initiatives, the pending Federal Reserve system, FedNow, and the Clearing House’s Real-Time Payments initiative. Whisler expressed general support for both efforts.’
Overview by Steve Murphy, Director, Commercial and Enterprise Payments Advisory Service at Mercator Advisory Group