Story image

Immediate payments: The fraud threats and solutions

11 Sep 2017

The losses faced by the financial services industry as a result of fraudulent activity are too often seen as just another cost of doing business. With immediate payments coming to Australia later this year, local banks and credit lenders need to be increasingly aware of the heightened risks they are introducing their customers to.

Immediate payments, expected to roll out in this half of the year, will allow customers of different banks to make digital payments in real time, rather than taking the usual two to three days. The technology behind the new system comes in form of the National Payments Platform (NPP) – a joint project between the banks, managed by the Reserve Bank.

To date, Australian banks and credit providers have had the advantage of 24 hours or more to stop fraudulent transactions before they clear, however with inter-bank transactions removing this buffer, a reactive approach to cyber threats will no longer suffice.  

Fraud cases rise in countries where immediate payments rollout

Due to the global nature of fraud, there are incredibly valuable lessons to take from countries including the UK, Singapore, Mexico and Japan, already operating real-time payment systems.

The UK was the first country to transition to an immediate payment environment in 2008 and following the launch, online banking fraud increased from £22.6m to £52.5m in 2008 (around 132 per cent) according to a 2016 research paper Risks in Faster Payments, by Julius Weyman from the Federal Reserve Bank of Atlanta. Online bank fraud increased a further 14 per cent in 2009 to £59.7m.

If we assume a similar increase in online fraud to occur here in Australia, CNP fraud could rise from a total of $378m to approximately $869.4m in 2017 (based on the APCA data). So what are the countermeasures that Australian banks and credit providers can put in place to keep Australians’ bank accounts protected from cyber criminals?

Keeping a step ahead with adaptive anti-fraud solutions

With learnings from the rollout of real-time payment systems in other countries, Australian banks and credit providers are in a position where they can pre-empt potential news threats. Moreover, Australia is in the beneficial position of being able to utilise anti-fraud technologies that have had time to evolve and adapt.

There are several new technologies now available, from machine learning to device authentication and behaviour biometrics that banks can utilise to better protect their customers.

 Smart and autonomous fraud prevention solutions that utilise detection and prevention technologies are ensuring fewer fraudsters are slipping through the net, however in order to ensure genuine customer experience is not hindered, banks need to adopt a holistic approach.

Experian learned this first-hand when working with major players in the UK and South Africa during the implementation of faster payment systems. The biggest issue was that the criminals were adapting faster than the banks; a limiting factor being that many banks’ fraud strategies did not allow for the trial and deployment of new fraud technologies.

By blending any disparate anti-fraud product or service through a single program, banks and credit providers can build a tailored fraud defence. With cyber threats continually evolving – the platform’s strategy design capabilities enable fraud and compliance teams to quickly address new vulnerabilities.

Australian banks face big challenges in the year ahead, and it will take a new level of proactivity – in alignment with a suite of watertight fraud defences – to ensure minimal risk for themselves and their clients.

Article by Suzanne Steel, managing director, Experian A/NZ.

SecOps: Clear opportunities for powerful collaboration
If there’s one thing security and IT ops professionals should do this year, the words ‘team up’ should be top priority.
Interview: Culture and cloud - the battle for cybersecurity
ESET CTO Juraj Malcho talks about the importance of culture in a cybersecurity strategy and the challenges and benefits of a world in the cloud.
Enterprise cloud deployments being exploited by cybercriminals
A new report has revealed a concerning number of enterprises still believe security is the responsibility of the cloud service provider.
Ping Identity Platform updated with new CX and IT automation
The new versions improve the user and administrative experience, while also aiming to meet enterprise needs to operate quickly and purposefully.
Venafi and nCipher Security partner on machine identity protection
Cryptographic keys serve as machine identities and are the foundation of enterprise information technology systems.
Machine learning is a tool and the bad guys are using it
KPMG NZ’s CIO and ESET’s CTO spoke at a recent cybersecurity conference about how machine learning and data analytics are not to be feared, but used.
Seagate: Data trends, opportunities, and challenges at the edge
The development of edge technology and the rise of big data have brought many opportunities for data infrastructure companies to the fore.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.