Payment Networks Innovate (And So Do Fraudsters)
/Online fraud is often described as an arms race, and for good reason.
Payments networks like Mastercard and Visa deploy the latest technology, and merchants find that fraudsters are not far behind (or perhaps ahead) in using tools like artificial intelligence. (The WSJ AI Daily reported fraudsters used AI to imitate the voice of a German executive and direct that €220,000 be sent to a Hungarian firm within an hour.)
Trio of Concerns
In a report prepared for Visa, Forrester found the top three fraud concerns were identity verification, data privacy/data theft management, and transaction monitoring.
“One downside of this advancement in payment technologies is that as payments get more innovative, so do fraudsters,” the research firm noted.
On the positive side, Forrester found that frequency of fraud tied to digital payments was lower than other fraud types, but payments fraud was found to have larger business impacts.
Fighting the Fraudsters
Beyond authenticating users, firms need to monitor transactions and watch for anomalies to guard against money laundering and payment fraud.
As consumers make greater use of mobile payments and P2P, they expose their accounts to greater risk; fraudsters can steal passwords and gain access to the entire account, not just a single transaction.
Firms should move beyond simple two-factor authentication to more sophisticated versions such as time-based one-time passcodes, biometrics, and tokenization to protect user identity, suggests the report.
Forrester urges companies to adapt a holistic approach to fraud management, including feedback loops for continuous improvement. The benefits, in addition to reduced fraud losses, are increased customer satisfaction and reputation protection.
Sophisticated fraud management can also feed into business intelligence and marketing, it added.
“Forrester expects that mobile and P2P payments will proliferate very quickly in the next 18 to 24 months. This mandates that firms 1) use tokenization to protect cardholder data in the event of a breach, 2) ingest as much data around these payments (e.g., IP and geolocation, device attributes, etc.) as possible, and 3) look to vendors that offer out-of-the-box, productized fraud management models for mobile and new P2P payments.”
Using a single vendor with a comprehensive fraud management solution can provide a 360-degree view of a customer and improve accuracy while reducing friction, the report added.