Real time payments are in their infancy here in the U.S., which is a great time to look at the fraud experiences in other countries with real time payments platforms that are more mature. A recent study that FICO conducted in Asia Pacific found some rather sobering facts:
The proliferation of real-time payments platforms, including person-to-person (P2P) transfers and mobile payment platforms across Asia Pacific, has increased fraud losses for the majority of banks. Silicon Valley analytics firm FICO recently conducted a survey with banks in the region and found that 4 out of 5 (78 percent) have seen their fraud losses increase.
Further to this, almost a quarter (22 percent) say that fraud will rise significantly in the next 12 months, with an additional 58 percent saying they expect a moderate rise in fraud.
“While the convenience of real-time payments is great news for customers, increasingly, banks have zero time to clear a transaction or payment. AI can’t slow down the clock, but it can help create systems that are radically quicker to recognize a transaction that smells likely to be fraudulent,” said Dan McConaghy, president of FICO in Asia Pacific. “Banks will need to move beyond passwords and OTPs and add biometrics, device telemetry and customer behavior analytics to keep up with the changing payments landscape.”
Banks in this APAC survey found that social engineering, followed by account takeovers were the greatest culprits.
As Mercator discussed in a recent faster payment fraud report, a concerted focus on identity and authentication solutions is needed. Solutions are available in the market place with new biometrics and multifactor options that can help. In the U.S., most are waiting for volume to justify the investment. FICO’s survey found the following approaches are being used in APAC:
…the majority of APAC banks have a strategy of multifactor authentication (84 percent). They increasingly use a wide range of authentication methods including: biometrics (64 percent), normal passwords (62 percent) and in last place behavioral authentication (38 percent). Interestingly, nearly half of the respondents (46 percent) are currently only using 1 or 2 of these strategies, potentially leaving them more exposed to attack vectors such as identity theft, account takeovers, cyberattacks.
Overview by Sarah Grotta, Director, Debit and Alternative Products Advisory Service at Mercator Advisory Group