Consumers love the convenience of real-time payments, but detecting real-time fraud takes hyper-vigilance —and collaboration.
This article was written by JKrishanu De and Manan Gauba. The original article was published by Cognizant. You can find the article here.
Consumers love the convenience of real-time payments, but detecting real-time fraud takes hyper-vigilance —and collaboration.
Consumers have flocked to the speed and convenience of instant payments. However, there’s a flipside: instant payment fraud. And it’s a topic that’s not getting nearly enough attention.
At a recent fintech conference, an executive from The Bank of New York Mellon encouraged attendees to proactively tackle instant payment fraud, emphasizing the importance of data and information sharing.
We agree—and have collected several additional considerations for how banks can securely manage instant payments across the multiple networks emerging to support these real-time transactions.
Real-time payments (RTPs) have skyrocketed. The US’s 2023 rollout of FedNow joins the growing roster of RTP networks already implemented by approximately 80 countries.
That’s good news for banks and payment service providers: As RTP networks multiply, it expands these businesses’ reach—that is, they gain more opportunities to transact with counterparties, which invariably attracts a larger customer base.
Equally important, the RTP trend now extends to corporate and institutional clients, and the promise of international RTP is getting closer.
But juggling multiple RTP systems incurs not only complexity and cost but also introduces the possibility of real-time payment fraud. In parallel with RTP’s rapid adoption has been a global wave of scams, including authorized push payment (APP) fraud. Financial crime and fraud are projected to cost banks and financial institutions $40.6 billion annually by 2027 globally.
Network and counterparty collaboration is critical to make this happen. For example, sharing the data characteristics of fraudulent transactions through payment market infrastructures—the systems owned by central banks that allow for safe open payments—will help banks and payment service providers combat counterparty fraud and better protect end customers.
Here are four actions to take for securing RTP transactions across multi-network ecosystems.
Now, customized real-time machine-learning techniques are helping to boost detection by enabling features that confirm a sender’s identity and intentions. Techniques such as specialized behavior-sorted lists, or B-lists, can determine the probability that the debit party is the payment’s authentic originator. B-lists also monitor key attributes of the originator’s payment history and isolate patterns, learning to identify typical behaviors and, conversely, suspicious ones.
First, the right interdiction support must be baked into the payment flow for all RTP clearing and settlement mechanisms. Second, because it’s difficult for any risk scoring engine to classify fraudulent transactions against a pre-defined taxonomy for each RTP network, payment market infrastructures must be able to separate authorized transactions from APPs so the appropriate rule set can be applied.
Another issue is that the classification rules—as defined by the payment market infrastructures—evolve over time. That means fraud detection and command action software needs to be easily customizable to support rule updates.
For banks and payment service providers that process a large volume of RTP transactions, it’s critical to set up a dedicated RTP command center that employs automated responses based on the appropriate scenario-driven rule sets.
One area of collaboration is categorizing and sharing the data per agreed classification models. Another is allowing API access to third-party providers, making data source modification easier. In addition, integration with credit bureaus is crucial for sourcing details such as credit history, eligibility scores and credit types. So is access to payment market infrastructure data, including fraudulent transaction history, watchlists and compliance metadata.
Keeping up with fraudsters takes increasingly dynamic prevention strategies. For example, we are working with a telecom provider to add location data to its security layer, giving it an up-to-the-minute touchpoint to enhance screening. Real-time sharing of data requires carefully designed APIs and cross-industry collaboration, but the dynamic details can help detect anomalies in new fraud tactics like SIM swap attacks or one-time password scams.
Network-level limits are typically defined by the payment infrastructure provider, while banks and payment service providers set participant-level limits. While internal tools like transactional fraud models have been effective in fighting account takeovers and card-not-present fraud, RTP fraud requires more sophisticated tools to detect scams that often appear to be authentic transactions.
Again, collaboration is key: The best approach to tackling this problem is a consortium-based model that’s fed by data sources and detects anomalies in consumer behavior.
Securely managing instant payments across multiple networks takes hypervigilance and collaboration. But in an increasingly real-time world, it’s a must-do for banks and payment service providers.
Tailored B2B information solutions. We collect and integrate vital intelligence, empowering your growth strategies and competitive edge. Accelerate your pathway to success.
© 2024 Calleo Solutions (Pty) Ltd. All Rights Reserved.
© 2024 Calleo Solutions (Pty) Ltd. All Rights Reserved.