Cybersecurity Europe Fintech Latest News Regtech

Bank scams – SMS  verification has become the global default solution

In spite of regulators making banks implement additional levels of authentication such as two-factor authentication (2FA), UK Finance’s latest set of data reveals that bank transfer scams (APP fraud) is on the rise and cost Brits £456m in 2019.

In an attempt to curb the issue banks are implementing SMS  verification, because it is relatively easy to implement and install the necessary software to deliver it. As a result, banks are relying on this method above all to authenticate their customers. 

However, according to Chris Stephens, head of fraud and security analytics at  Callsign, the fact that SMS is being used as a stopgap is a huge problem:

SMS  verification has become the global default solution for banksHowever, as the criminals are aware that banks are now relying on SMS for 2FA transactions, they continue to abuse and weaken the systems in place and exploit these methods for their own advantageFraudsters typically practise SIM swap fraud, they pilfer personal information about the victim before ultimately contacting the target’s provider to claim that their phone has been lost or stolen.

“There are also unforeseen costs that could stack up for banks as a result of SMS verification. For example, where hiccups occur in the authentication journey, such as  SMS  texts not being received, banks need to be prepared for a significant increase in incoming calls to the customer service helplines, which can be expensive.

 “Furthermore,  SMS  is not a universal solution. For instance, those living in remote or low-service locations may find it difficult to receive  SMS alerts.  SMS  verification is not accessible to everyone and ultimately is not very customer-friendly and filled with friction.  Plus, it relies on having up-to-date phone numbers for all customers, which isn’t an easy feat. For these reasons the European Banking Authority (EBA) are also recommending banks look to alternate options.

“To balance out the high costs of  SMS  and offer an enhanced customer experience, banks should look towards using intelligent authentication, powered by a decision engine to provide a range of more secure, dynamic, and bespoke journeys for customers. They could also opt for passive forms of authentication, which leverage GPS, biometric, and behavioural data to verify a customer is really who they say they are.”

Author

  • Editorial Director of the The Fintech Times

Related posts

Orichal Partners: The Multi-Strategy Crypto Private Capital

Manisha Patel

Culture and Startups in the Land of the Rising Sun

Mark Walker

Organisations Must Not Ignore Threat of Coin Mining Malware

Manisha Patel