By Andrew Davies, VP, Global Market Strategy, Financial Crime Risk Management, Fiserv
Real-time payments are no longer the future—they are here today. More than 17 countries worldwide have real-time payment infrastructures, with initiatives underway in another five. In 2015, banks were predicted to have handled more than $400 trillion non-cash payments globally. Bank revenue from non-cash transactions was expected to exceed $350 billion, including $140 billion in North America, $120 billion in EMEA (Europe, Middle East, Africa), $80 billion in AsPac (Asia-Pacific) and $20 billion in Latin America.
For today’s consumers and businesses, payments require speed, security and convenience, no matter what channel they are using. In order to successfully implement and support real-time payments, financial institutions (FIs) must now think differently, offering a more customer-centric service while also investing in the right technology that allows customers to bank the way they want, when they want. The FI must protect the safety and security of its transactions and customer information at the same speed.
With this revolution well underway, what does an FI need to remain competitive and provide customers with the service and security they demand and deserve?
New payments bring about new methods of fraud
As domestic and international payment markets evolve and payment channels progress, FIs face a growing variation of fraud techniques across multiple channels. New real-time payment-settlement systems offer businesses and consumers speed and convenience, by allowing them to initiate and make payments instantly with their mobile devices or through contactless payments. However, with real-time settlement comes a greater fraud threat, increasing banks’ and bank customers’ fraud exposure.
According to Accenture, the number one concern of customers inhibiting adoption of innovative payment products is a concern about security. Payments fraud is becoming more sophisticated and widespread, with criminals frequently using multiple channels and payment methods to attack customer accounts. For example, when Faster Payments was implemented in the UK in 2008, banks saw a 132-percent increase in online banking fraud compared to 2007.
As a result, traditional methods of identifying suspicious activity are no longer adequately protecting institutions and their customers. To effectively combat real-time payments fraud, a holistic approach to fraud management must be in place, which includes following a number of steps to create a robust defence.
Utilise real-time fraud rules and scorecards
Real-time scoring, case management and industry-level predictive models solve problems presented by false positives. These tools can enable FIs to decline the most suspicious transactions before loss is incurred by accurately scoring transactions for fraud risk across a full range of electronic and mobile-payment channels.
Setting up rules and custom scorecards helps institutions better detect and prevent fraudulent transactions in the most cost-effective way. By looking at different risk indicators, such as sudden changes in payment types or channels used by customers or unexpected international transactions, banks can create a series of fraud rules and generate an overall score for each.
This approach is critical to expose and prevent “flash fraud” threats, in which criminals detect an unknown weakness in a fraud system and initiate as many transactions as possible before this loophole is closed. Robust fraud-prevention systems with customised rules and scorecards help banks rapidly respond to vulnerabilities, fine-tune their logic for “decline, hold or approve” strategies, and define and implement rules that can restrict the offending activity in real-time.
Participate in data and predictive consortiums
Data is an extremely effective tool when looking to combat payment fraud, particularly when working in real-time. Customer data is vital when it comes to detecting fraud patterns, including the frequency of transactions, time of day, velocity and size of the payments typically made, as well as through which channels. If a particular transaction falls outside what is deemed a normal behaviour pattern, alerts can be generated and forwarded to fraud analysts in real-time for further investigation.
Data analytics also apply in a predictive consortium to deliver the most advanced protection and can be particularly useful for pattern-recognition modelling. This approach requires banks to pool data on legitimate and fraudulent electronic-payment transactions, to help determine fraud patterns and flag potentially fraudulent transactions based on similar characteristics. Leveraging high-level fraud-pattern data analysis, banks can implement real-time scoring of payment transactions, where high- risk payments can be flagged immediately wherever they are initiated.
By implementing real-time automated responses, suspicious transactions can be suspended before losses are incurred, allowing FIs to act quickly and stop fraud losses before transactions leave the bank. The result is banks can continue to provide the best experience and security for customers and also ensure that they can take advantage of more convenient payment services.
Ensure simple, yet multichannel, integration
To overcome traditional fraud-detection systems, criminals are increasingly coordinating attacks using multiple interaction channels. Denial of service (DoS) and other attacks are often used to mask payment fraud on a network, requiring a more tightly integrated and holistic view of payment activity.
FIs must have visibility into customer activity across all payment and interaction channels, and ensure they are closely integrated with their core payment platforms for the process to work seamlessly. This approach will help to ensure multichannel coverage is achieved and will enable FIs to capture payments from all channels, applying the same sophisticated fraud-prevention logic across the business. Payment-fraud systems need to integrate with a range of other fraud- prevention systems and models, enhancing their capabilities in order to optimise fraud-prevention strategies and ensure that all cases of fraud are effectively managed and resolved.
In order to be ready and to take advantage of the benefits of real-time payments, a holistic, data-driven approach to fraud protection is required to offer the most robust defence. FIs can then detect the necessary suspicious transactions and fraud indicators to ensure risks are prevented, and genuine transactions can be settled quickly and securely for the optimum customer experience. Today’s banking customers expect a different kind of banking, one that provides services in real-time and protects them from fraud. Institutions must adapt their approaches to ensure they can meet the demands of their customers, providing them with fast, safe and reliable banking services that fit with the pace of their lives.