How payments fraud can be fought with trusted collaboration

Be the first to comment

How payments fraud can be fought with trusted collaboration

Contributed

This content is contributed or sourced from third parties but has been subject to Finextra editorial review.

Fraud remains a mainstay issue across the globe, with financial institutions (FIs) required to adapt to continually evolving tactics to evade detection systems and processes. In the case of payments, the cost of fraud is predicted to hit US$40.62 billion by 2027.

With the payments landscape undergoing a radical shift as digital, real-time transactions become the norm, being positioned to mitigate fraud while also meeting client expectations for speed and convenience is paramount. This means providing solutions that are robust, accurate and efficient – optimising straight-through processing (STP) without compromising on effectiveness in order to cater to the demands of businesses looking for real-time capabilities.

Like fraud techniques themselves, fraud prevention strategies are becoming more sophisticated in line with the emergence of innovative, technology-driven risk mitigation capabilities. In particular, enriched data has the potential to be a gamechanger in helping FIs to identify fraudulent transactions.

However, resource constraints and data protection and privacy controls can make accessing the type and breadth of reliable data needed challenging to say the least.  One promising answer is collaboration with trusted, shared data networks allowing users to view information and leverage insights through sophisticated cooperation.

The state of play: verification and variable data services

Currently, there are two key strategies that many banks are utilising to spot fraudulent payments and stop them in their tracks.

The first is data verification using a set of pre-determined questions. For example, does the account exist? Who owns the account? Is the account flagged as blocked, or related to previous fraudulent activity? These are all questions that can be validated by data verification systems. By providing answers to these questions, usually in the form of a binary yes or no, this style of verification is a first line of defense, prior to a client sending the payment.

Verification systems have existed for several years. One such example is the Automated Clearing House (ACH) prenote. By sending a zero-dollar payment, the ACH prenote can ensure that an account is open before validating the actual payment, allowing it to verify an account for fraudulent purposes, and also reduce the cost of a returned transaction. However, this method is far from perfect, with the ACH prenote often taking several days to process.

A growing number of banks and fintechs are building more advanced account validation capabilities, suited to modern day expectations. These solutions, for instance, allow account ownership to be validated, rather than just the status – and in real-time. With a deeper understanding of the account to which the payment is being sent, more informed decisions can be made, quickly and efficiently.

The next key point at which fraud can be prevented, and where the second set of controls are applied, is after the FI has received the request for payment, but before it disburses the payment to the beneficiary. This is achieved by defining a set of rules that reflect a company’s typical business activity. By applying and collecting a variety of inputs, variable data services can then formulate a score-style judgement, which in turn flags anomalies and determines confidence levels in payment authenticity.

If a transaction is found to be anomalous against the pre-set parameters, manual intervention is required. The company making the payment will be alerted and asked to either authorise or reject it. Data-driven services such as this can significantly reduce the number of false positives, which create unnecessary work for banks and their clients.

Collaborating to unlock the full potential of data

In applying these controls, FIs typically rely on two sources of information. The first is proprietary data gathered from within its own organisation or its correspondent banking network; the second is wider industry data, which can be gleaned from third party sources, such as Early Warning Systems.

Yet, for data driven fraud detection to be as effective as possible and truly optimised, greater collaboration is needed to ensure industry data is available to all. Shared data networks enable industry data to be gathered and used in a manner that facilitates cooperation and collaboration across borders and sectors to tackle shared challenges effectively and efficiently.

Some collaborative efforts have already begun. For instance, leveraging artificial intelligence (AI) and machine learning (ML) models has allowed SWIFT, working together with  banks to explore new technologies and strategies for predicting and preventing fraud. As with many AI/ML models, the accuracy and reliability of the technology is expected to grow with time, so benefits can be reaped for years to come.

There are also some publicly available capabilities helping to improve accessibility for smaller banks and financial institutions. The Federal Reserve has developed a Fraud Classifier Model. Should a fraudulent payment slip through the cracks, the model helps to define the type of fraud that has occurred. This is with a view to inform data models and better identify it in the future.

Facilitating the inclusion of smaller institutions in data sharing networks is also important in further augmenting the quality of the data, levelling the playing field across the industry in terms of access, and creating a more robust fraud prevention ecosystem. Investments of larger banks in building networks will help to drive the industry forward on this front.

Maintaining privacy

There is a growing belief that collaborating to share data is the future of fighting fraud. But is sharing data somewhat at odds with data privacy regulations? Efforts to address such issues are underway. Already, the White House has announced a partnership with the UK to develop new Privacy Enhancing Technologies (PETs), which allow intelligence to be gleaned from multiple sources, which can also be owned by multiple parties. New innovations mean that PETs could allow insights to be derived from this data, without it leaving its current residence.

There are several other approaches available already that could potentially balance data sharing and privacy concerns. Double-blind machine learning, masking the source of data, and decentralised data-sharing networks using distributed ledger technology (DLT) are all other potential mechanisms through which networks can be built while considering data privacy issues.

The fight of the future

Although concerns about data privacy persist, it is hard to picture a future where collaboration is not involved in the fight against fraud. With increasing standardisation and more developed interoperability, cross-industry vulnerabilities can be minimised – meaning there are less opportunities available for fraudsters to exploit.

Collaboration, particularly for smaller institutions, will ultimately be central to enhancing fraud prevention efforts, by levelling the playing field and sealing off gaps that fraudsters may slip through. Large banks can lead the charge on advancing this collaboration with efforts like building networks with SWIFT and the Federal Reserve.

Channels

Comments: (0)

/security Long Reads

Robert Marsh

Robert Marsh QA Tester at Metia

Edge Browser

/security

Hamish Monk

Hamish Monk Reporter at Finextra

How to recover from a data breach

/security

Scott Hamilton

Scott Hamilton Contributing Editor at Finextra Research

Why don’t Canadians trust data providers?

/security

Contributed

This content is contributed or sourced from third parties but has been subject to Finextra editorial review.