Account takeover represents more than half of all fraud cases for its customers in India, revealed a report by BioCatch, a digital fraud detection firm powered by behavioural biometric intelligence. “Accounting for 55 per cent of all fraud in India, third-party account takeover fraud still represents a bigger slice of the fraud pie than the social engineering scams BioCatch sees exploding elsewhere on the planet,” it said. The findings come on the heels of a recommendation by the Reserve Bank of India (RBI) that financial institutions abandon text-based one-time-passcodes as a method of secure authentication.
“The existing OTP-based authentication doesn’t protect customers against new-age frauds, including customer-initiated fraudulent transactions,” counter-fraud expert and former Head of Group Fraud Risk and Investigations at First Abudhabi Bank, Charanjeet S Bhatia said in response to the RBI recommendation. “With the right technology and implementations, banks can do a lot more than what they are currently doing to protect customers.”
BioCatch’s 2024 Digital Banking Fraud Trends in India report offers an in-depth look at the latest fraud risks and prevention strategies for banks in the country as they rapidly employ digital transformation strategies. The report also notes a concerning bump in mule accounts in India, in line with what BioCatch data shows as a growing global threat. At one partner bank in the country, BioCatch found nine out of every 10 mule accounts went undetected. It said that while 86 per cent of the first session of documented mule account activity came from within India, after a month that number fell to just 20 per cent and 16 per cent of those sessions used a VPN.
BioCatch customers saw more mule activity (14 per cent of the total) in Bhubaneswar than anywhere else in the country. While Lucknow and Navi Mumbai accounted for 3.4 per cent of recorded mule activity, two cities in West Bengal – Bhagabatipur and Gobindapur at 1.7 per cent and 2.6 per cent respectively, Mumbai at 2.2 per cent, Bengaluru at 1.8 per cent, and Cuttack recorded mile activity at 1.6 per cent.
“The prevalence of mule accounts potentially represents the most under-the-radar trend in the entire fraud space. The mule accounts banks succeed in identifying almost certainly represent just the tip of the iceberg. Indian financial institutions must employ more robust security measures to both detect and then shut down these sprawling mule networks,” said BioCatch Director of Global Fraud Intelligence Tom Peacock said.
The report underscored the urgency with which Indian banks must bolster their fraud defenses. “The fraud threats we see in India are a mix of both common threats seen globally and unique threats we find only in this region,” BioCatch’s APAC Vice President of Sales Richard Booth said. “All around the world, we’re seeing explosive growth in mule activity, fraud attacks, and scams that grow more sophisticated by the day. To combat this onslaught of fraud and financial crime, BioCatch continues to believe that banking and financial institutions need as much intelligence on the criminals, their tactics, and their fraud arsenals as possible. Our India report provides much-needed intel, and hopefully spurs these banks to rapidly adopt advanced defenses to stay ahead of a ceaselessly innovating group of fraudsters and criminals operating domestically and around the globe.”