By Vaibhav Todankar
With businesses digitizing across their value chains at breakneck speed, multiple payment platform options have sprung up for the customer. Online payments are the most popular form of transaction in the world today. Be it cards, UPI, mobile wallets, internet banking, PoS terminal or mobile banking – India is driving the global digital economy and has clocked about 70 billion digital payment transactions in 2022—the highest in the world, as per data collection portal Statista. This is in sharp contrast to the corresponding figure of 44 billion in 2021.
Also, according to a Nasdaq estimate by the year 2040, 95 percent of all purchases will be through e-commerce. Consumers are relying on mobile channels for shopping more than ever, and in the years to come, preference for online payments via mobile devices is only expected to grow. With digital-native startups entering the ecosystem and work-from-home models becoming a norm in the pandemic era, organisations have become more susceptible to payment data leaks. Since open remote access has now become easier outside the firewalled confines of an organisation, the scope of exploiting digital payment systems to carry out malicious activities has widened for fraudsters.
As consumers engage more online; banks, payment providers, merchants, and other players in the payments space are deploying advanced cybersecurity technologies like biometrics, artificial intelligence (AI), and machine learning (ML). Given the sharp rise in fraudulent activities, an effective fraud management system has become a necessity for financial institutions. Henceforth, this year’s Union Budget, not only received special incentives for AI and ML technologies and platforms but also keen attention to cyber security initiatives. The Ministry of Electronics and Information Technology (MeitY) has been allocated a sum of Rs 400 crore under Cyber Security projects and Rs 225 crore for Indian Computer Emergency Response Team (CERT-In). Also, the National Data Governance policy, declared by the Finance Minister will create a secure channel to access anonymized data. This puts the focus on strengthening the digital infrastructure against types of cyber fraud.
What is payment fraud?
Payment fraud occurs when someone steals another person’s payment information and uses it to make unauthorized transactions or purchases. Online payment fraud is the top concern for the payment ecosystem comprising banks, networks, payment gateways, sellers, merchants, customers, and buyers who interact with each other. According to PwC’s report titled: ‘Global Economic Crime and Fraud Survey 2022’, 45 percent Indian firms reported cybercrime as the second biggest fraud after customer frauds (47 percent) involving mortgage, credit cards, claims and cheques to name a few. As many as 52 percent Indian organizations had experienced fraud or economic crime in the last 2 years as per the report.
But how do people commit fraud in the first place? Typically, they use payment channels that are most vulnerable to fraud. Let’s take a closer look at some of the most common tactics fraudsters use on these payment channels:
- Identity theft
Identity theft occurs when a criminal impersonates someone for the purpose of committing fraud, using the person’s private information such as a social security number or banking information. There have been several incidents involving banks and fintechs where fraudsters have used personal information like PAN/Aadhar or social media to gain access and initiate online payments.
- Account takeover
Account takeover fraud (ATO) is a top threat to financial institutions. It is the theft of the victim’s login credentials to steal funds or information. Fraudsters gain access by digitally breaking into a financial bank account or a digital wallet and affect the transfer of funds. Fraudsters often resort to phishing, wishing or malware for duping unsuspecting customers.
- Phishing
Phishing is a type of cyber-attack that happens when fraudsters pose as customer service executives or send fraudulent communications that appear to come from a credible source. The goal of these impostors is to steal credit cars, login information or install malware on the victim’s phone. They could also convince unsuspecting customers to update their KYC online, obtain confidential data, and then perform illegal transactions.
Why fraud management solutions are important
Fraud is not just about financial cost- it also impacts customer loyalty, leads to loss of reputation, and brings huge liabilities for financial institutions. This is why it is crucial to develop risk mitigation measures that eliminate the need to review transaction alerts and reduce operational costs like chargeback fees, merchandise distribution, fraud investigation, legal prosecution and software security. As Covid-induced consequences continue to play out, developing the right solutions deliver a range of benefits right from driving down costs and risks, improving customer satisfaction, and enhancing small business resiliency, to the recovery of the overall economy.
Reshaping the payment ecosystem with ML and data analytics
In the face of the increasing pace and volume of fraud threats, businesses can leverage technological tools like machine learning and data analytics to help detect, mitigate, and customize fraud solutions based on their needs. Here’s how some of them are implementing fraud mitigation plans:
Fraud Analytics
Detection and prevention of fraud need work. The only way to minimize the risk of fraud is by detecting irregularities at all stages of a transaction. New technologies and tools must be leveraged to support constant monitoring and surveillance by companies, banks and fintechs. As per a report by the Association of Certified Fraud Examiners (ACFE), a typical fraud can cause a median loss of $117,000 per case and lasts about 12 months before being detected. However, the proliferation of data-science-backed technology and fraud analytics tools can drastically reduce detection time, mitigate risks and minimize losses.
A combination of various quantitative sciences such as Business Intelligence (BI), data mining, Machine Learning (ML), and Artificial Intelligence (AI)- fraud analytics delivers solutions that help detect, understand, predict, and prevent fraud. Fraud analytics tools can also analyze large volumes of Know Your Customer (KYC) and payment transaction data to trace fraudulent activities and spot anomalies or behavior that does not align with regular transaction patterns. These smart tools are especially important for the payments industry helping banks, NBFCs, fintech and insurance companies to identify and prevent fraud, as well as manage anti-money laundering activities.
In fact, state-run banks may soon move towards more data-driven decision-making by having specialised verticals for big data and analytics in place. This will speed up the detection and mitigation of frauds, as well as the tracking of stressed borrowers who may default on payments. With fraudsters getting more and more tech-savvy, investing in data analytics technology go a long way in combatting all forms of fraud – payment cards, online transactions, friendly fraud and even first-party (customer) fraud.
Machine learning
Today’s machine learning-based fraud systems can point to emerging vulnerabilities and adapt to changing behaviors using automated model building. Machine learning evaluates how many customers are using a particular IP address, their countries of origin, and those that are known for incidents of fraud as well as device fingerprints. Applying machine learning can detect fraud in scenarios like document forgery, form jacking credit card details, fake applications, payment frauds and mimicking buyer behavior.
Enhancing payment security: The road ahead
The wide adoption of new-age payment instruments will continue to pose security risks in the future. Given the fraud trends over the years, financial institutions must adopt a dynamic fraud risk management framework that can be embedded into overall customer engagement, instilling consumer confidence in digital payments. Banks and digital payment providers in the ecosystem must form strategic partnerships with fintechs and invest in next-level technology, biometric authentication, real-time monitoring of frauds and blockchain to create major transformational disruptions in the digital payment fraud prevention space.
(Vaibhav Todankar is CEO – Retail Business at In-Solutions Global Ltd. Views expressed are author’s own.)