If there has been one main trend this year, it has been the digital transformation of services. Particularly when it comes to payments, the uptake of digital wallets and other payment methods has increased tenfold. However, unfortunately with this increase in online services also comes an increase in potential fraud opportunities.
Someone who knows all about this is Yinglain Xie, CEO of Datavisor, fraud detection company with solutions powered by AI technology. Having previously worked at Microsoft, Yinglain has over 10 years of experience in security, specialising in fighting large-scale attacks with AI and Big Data technologies.
Here she shares her views on digital payment options, the downfall of cheques and what this means for potential fraud.
Digital wallets. Peer-to-peer cash apps. ACH and debit cards. In just decades, these digital payment options have risen in popularity because of their convenience and the speed at which they enable money transfers. In 2020, Covid-19 and the urgent need to reduce the spread of infection have accelerated the adoption of digital payment methods. A casualty of this trend? Paper cheques.
The number of paper cheques has dropped roughly 1.8 billion a year, and at this pace, they’re likely to disappear completely. Not only do paperless transactions reduce waste and processing time, they eliminate the risk of cheque fraud, which has risen 65% since 2015. According to the FTC, individual losses from cheque fraud are 6X higher than losses from all other types of fraud, and in 2019, Americans reported more than 27,000 fake cheque scams with associated losses exceeding $28 million.
But as paper cheques are replaced by digital payment methods, new challenges emerge. Digital fraud associated with cash apps, card-not-present (CNP) transactions and wireless transfers is also on the rise — and increasingly hard to fight.
With change come challenges
People used to write paper cheques for many reasons — for example, to pay their gardener, piano teacher or other service providers. But social distancing orders deter face-to-face interactions, and today it’s much more common for service providers to request money digitally. Similarly, digital payments are a new standard for B2B organisations, as they look for ways to automate processes and reduce administrative overhead. Electronic invoice payments cost 60% less than paper-based payments — and they’re much faster, improving the recipient’s experience with the organisation.
The total transaction value of digital payments is expected to reach nearly $4.8 trillion, and in fewer than five years, half the world’s population will be armed with a digital wallet. This rapid shift in the payment industry has put financial institutions at risk, because they lack experience and understanding about the methods fraudsters use to launch attacks through these new platforms.
Legacy fraud solutions must have access to historical data, in order to train their detection models to recognise suspicious activity. These solutions rely on rules and trained labels. Since many of the payment options people use are so new, historical data or trained labels just don’t yet exist. Fraudsters constantly change their attack methods, and reactive solutions such as pure rules-based systems can’t keep up.
What does digital payment fraud look like? It comes in myriad forms. A fraudster may use online marketplaces to collect money for non-existent goods via cash apps like PayPal or Velle, use stolen credentials to create fake Peer-to-Peer (P2P) accounts for making purchases. If a fraudster has someone’s account credentials, they can easily send a money request, and most people will trust that it’s legitimate. Fraudsters may take over bank accounts and issue ACH payments to their created accounts — which is hard to do with physical cheques but easy now that everything’s digital.
Compounding the problem, new payment options are being introduced to market in rapid succession. For example, in the digital wallet market, PayPal and Venmo were two of the earliest players, followed by Google Pay in 2011, Apple Pay in 2014, Samsung Pay in 2015 and Zelle in 2017. Now a plethora of apps are available: GrabPay, Touch n Go, vcash and more. Reactive methods of fraud detection can’t keep pace with the rapid innovation occurring in this space — and this leaves users and their financial institutions extremely susceptible to fraud.
Digital payments are vulnerable, but they also enable better insights
With a paper cheques, transactions are local, and often involve face-to-face contact that makes fraud difficult or impossible, for example, when you hand a check to your gardener. Digital transactions lack those safeguards. However, it’s not all negative. Whereas the digital payment format might make it easier for bad actors to commit fraud, it can also make it easier to catch them in the act.
In paper-based processes, data collection happens in siloes. For example, people accepting account applications don’t exchange information with those collecting cheques, and data can’t be correlated to reveal patterns. On digital channels, it’s much easier to close that gap.
The proactive approach should be taken, which differs significantly from how legacy rules-based fraud detection works. Rather than learning everything about a past threat or certain fraud type and creating rules and labels based on what’s happened in the past, it is time for us to adopt a proactive approach that analyses all data holistically and applies predictive analytics to treat the root cause of the problem at the account level before a specific attack is successful.
In addition, advanced algorithms that learn and adapt in an unsupervised manner can be used to flag suspicious activity, even if the patterns are unknown. So-called unsupervised machine learning (UML) algorithms will be especially critical as innovation in the payment industry continues to accelerate. All together, by centralising intelligence from every customer interaction — account applications, payment transactions, device intelligence, user behaviour and more — you can leverage advanced machine learning techniques to identify unknown, fast-evolving patterns of fraudulent activity in real-time.
Get a Step Ahead of Payment Fraud
As cheques disappear and new digital apps emerge, fraudsters will continue to find ways to exploit them. But with a proactive approach, organisations can protect themselves from unforeseen attacks. Rather than waiting to find out what fraudsters have up their sleeves, use the unique characteristics of the digital payment format to gain actionable insights and cut fraudsters off at the pass.