SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
Immediate payments: The fraud threats and solutions
Mon, 11th Sep 2017
FYI, this story is more than a year old

The losses faced by the financial services industry as a result of fraudulent activity are too often seen as just another cost of doing business. With immediate payments coming to Australia later this year, local banks and credit lenders need to be increasingly aware of the heightened risks they are introducing their customers to.

Immediate payments, expected to roll out in this half of the year, will allow customers of different banks to make digital payments in real time, rather than taking the usual two to three days. The technology behind the new system comes in form of the National Payments Platform (NPP) – a joint project between the banks, managed by the Reserve Bank.

To date, Australian banks and credit providers have had the advantage of 24 hours or more to stop fraudulent transactions before they clear, however with inter-bank transactions removing this buffer, a reactive approach to cyber threats will no longer suffice.

Fraud cases rise in countries where immediate payments rollout

Due to the global nature of fraud, there are incredibly valuable lessons to take from countries including the UK, Singapore, Mexico and Japan, already operating real-time payment systems.

The UK was the first country to transition to an immediate payment environment in 2008 and following the launch, online banking fraud increased from £22.6m to £52.5m in 2008 (around 132 per cent) according to a 2016 research paper Risks in Faster Payments, by Julius Weyman from the Federal Reserve Bank of Atlanta. Online bank fraud increased a further 14 per cent in 2009 to £59.7m.

If we assume a similar increase in online fraud to occur here in Australia, CNP fraud could rise from a total of $378m to approximately $869.4m in 2017 (based on the APCA data). So what are the countermeasures that Australian banks and credit providers can put in place to keep Australians' bank accounts protected from cyber criminals?

Keeping a step ahead with adaptive anti-fraud solutions

With learnings from the rollout of real-time payment systems in other countries, Australian banks and credit providers are in a position where they can pre-empt potential news threats. Moreover, Australia is in the beneficial position of being able to utilise anti-fraud technologies that have had time to evolve and adapt.

There are several new technologies now available, from machine learning to device authentication and behaviour biometrics that banks can utilise to better protect their customers.

 Smart and autonomous fraud prevention solutions that utilise detection and prevention technologies are ensuring fewer fraudsters are slipping through the net, however in order to ensure genuine customer experience is not hindered, banks need to adopt a holistic approach.

Experian learned this first-hand when working with major players in the UK and South Africa during the implementation of faster payment systems. The biggest issue was that the criminals were adapting faster than the banks; a limiting factor being that many banks' fraud strategies did not allow for the trial and deployment of new fraud technologies.

By blending any disparate anti-fraud product or service through a single program, banks and credit providers can build a tailored fraud defence. With cyber threats continually evolving – the platform's strategy design capabilities enable fraud and compliance teams to quickly address new vulnerabilities.

Australian banks face big challenges in the year ahead, and it will take a new level of proactivity – in alignment with a suite of watertight fraud defences – to ensure minimal risk for themselves and their clients.