Payment fraud types and how to prevent them

PPRO had the chance to attend the Fleming Fraud Management in the Finance Industry Forum this year and I’d like to share some payment fraud related information of the event with you. The event targets risk and compliance managers from banks, payment schemes, acquirers but also from other businesses outside of the payments area. This year’s topic was “Shine light on fraud issues of experienced today & expected tomorrow”.

A significant part of the speeches was about a problem we also face in our business: payment fraud. Major banks as well as payment scheme operators suffer from payment fraud related issues. This includes typically the following types of payment fraud.

Phishing: a growing number of professionals focused on obtaining the secret online banking details of bank consumers such as their user names and passwords on one hand but also their security confirmation codes such as TANs. These types of fraud patterns are usually driven by malware on the victims’ cell phone or computer but also by “clever” phone calls to victims (so called “social engineering”). This type of fraud is highly developed and organised these days.
Access abuse: this means that persons (either in companies or privately) who are not entitled to know the bank details of another person or the company get access and use them in fraudulent ways. This could be children using the online banking or credit card details of their parents for shopping online or employees using corporate bank accounts for gambling.
Friendly fraud: in a limited number of fraud cases it turned out that the owner of a bank account made a payment himself and then tried to get refunded by reporting fraud because he was, i.e. not satisfied with a delivered good.
The last point represents only a small portion of payment fraud and is something the banks need to manage between them and their consumers. The merchants however can avoid such cases by offering refund solutions and having a competent consumer support in place. If consumers have the option to speak to the merchants directly, friendly fraud attempts will decrease.

For the other two activities which stand for the majority of payment fraud attempts there is one general measure for prevention: education of consumers, no matter whether employees of big corporates or just you and me. If everybody was aware of the risks of fraud and kept their online banking details secure this would make fraudsters’ lives much harder. Check out, i.e. Nordea’s (a financial services group for the Nordics and Baltics) educational video

http://www.nordea.com/Our+services/Policies+and+support/Safe+online+banking/Online+threats/1681782.html.

I feel this is a very good example of education and want to encourage everybody to keep in mind: banks can only protect in technical ways, such as secure websites, TANs etc. But it’s up to consumers to treat their banking details carefully!

More on: http://finance.flemingeurope.com/fraud-management-forum