Financial institutions that offer person-to-person payments face two challenges. One is the very occurrence of fraud and scams. Fraud and scams hurt consumers — and, by reputation, the institutions — and the industry can take steps to protect consumers from both. The other challenge concerns perception. It is not unusual for fraud and scams to be conflated. But they are not the same, and the solutions are different.
It’s important to differentiate between “fraud” and “scam” as used in the digital payments arena:
• When a bad operator infiltrates and uses a trusted payment system to steal funds, that’s fraud.
• When a mark unwittingly gives funds to a bad operator, that’s a scam.
You could say that the first requires knowing technology and the second demands knowing people. Both are for bad ends.
Looking at the Challenge of Fraud in P2P Payments
There’s little disagreement that, legally and morally, digital payment service providers should protect users’ funds from fraud and make good when it occurs.
To be sure, industry participants typically do everything they can to prevent fraud. The result is something of a never-ending arms race: the more secure digital payment systems become, the more fraudsters work to outfox them. Back and forth it goes, an ongoing commitment on both sides.
“P2P fraud is not as vast as headlines might lead one to believe.”
P2P fraud is not as vast as headlines might lead one to believe. For instance, throughout the history of the Zelle service, more than 99.9% of payments have been sent without any report of fraud or scams. Since its 2017 launch, barely one-half of one percent of Zelle service transactions have been disputed.
Even as P2P use continues trending up, fraud claims have continued trending down. Much of that is due to the implementation of best practices, such as the following measures that any financial institution looking to better secure real-time payments can implement:
• Deploying controls including login controls, a password reset and new account opening protocols. Risk management begins before a payment is even made.
• Utilizing real-time transaction scoring and flexible machine learning models, bringing in specialized vendors if this expertise does not exist in house.
• Monitoring fraud reports and blocking access to fraudsters and mules when identified. Minimizing the number of false positives without impairing the user experience is critical.
Read more of our payments coverage:
- ‘Real-Time Payments’ Expert Pivots to ‘Chuck,’ a P2P Platform for Community Banks
- P2P Payment Scams Posing New Brand & Reputational Risks for Banks
- Is CFPB’s Mobile Payments Salvo at Apple & Google Good for the Industry?
Looking at the Challenge of Scams in P2P Payments
Whereas digital payments fraud requires a good deal of high-tech expertise, perpetuating a scam requires finding and duping trusting or naive consumers.
Scams are numerous and ever-changing: Nigerian money scams, nonexistent product scams, work-from-home scams, advance fee scams, charity scams, inheritance scams, “I need someone I can trust” scams, found-money scams, suspended or canceled service scams, romance scams, invoice scams, and, as direct marketers so often put it, much, much more.
The wide range of scams is designed to entrap different types of consumers by taking advantage of the range of personal situations in which they might find themselves. Scams can be quite sophisticated. They are often well-researched, often using information obtained from such sources as social media.
“No matter the type of scam, it is ultimately the account holder who must take action to send the scammer funds.”
No matter the type of scam, it is ultimately the account holder who must take action to send the scammer funds. This is as true for P2P payments as it is for cash transactions. And this is why education is so essential. The better able someone is to recognize a scam the better able they are to protect themselves.
Digital payments providers can play a role in helping to curb scamming through education, including:
• Educating users on security best practices and scam awareness. Education and communication empower consumers to protect themselves.
• Training employees to identify scam victims and perpetrators. One of the most effective ways to protect against fraud is to teach employees to recognize signs of scams so they can help consumers avoid falling prey to them, and raise a red flag if they come across a scam in action.
Organizations can take an active stance against scams in additional ways. This can include, for instance, flagging known bad actors and suspicious-looking email addresses (like, say, [email protected]).
In-product messaging can be made unmistakable and intentionally interruptive so that it stands a better chance of being seen and prompting a user to reconsider a transaction. This goes beyond satisfying a “reasonable effort” standard to help customers better protect themselves. Features such as popup warnings that flag first-time recipients of funds and questionable details that should be verified before payment is finalized.
About the author:
Matt Wilcox is president of digital payments and data aggregation at Fiserv.