Increasing payment speed and infrastructure complexity is leading to rising payment fraud rates. When it comes to the risk assessment and authentication of real-time payments transactions, the time window for analysis has shrunken to pretty much zero. Some of the challenges banks and credit unions are dealing with today include:
Significant change and complexity added to existing payment infrastructures – This includes new payment rails such as TCH’s RTP® rail and the FedNow rail planned for launch in 2023. We have also seen an explosion of new settlement methods that range from contactless payments, mobile wallets, P2P payments, push-to-card and API payments. In addition, financial institutions are contending with correlation between legacy systems and new protocols built for advanced data leveraging, such as remittance data, fueled by ISO20022.
A time settlement gap – While payment transfers made using real-time payments systems are instant, clearing by pre-existing payment systems is not. In fact, some ACH transfers can take up to three days to settle, while card payments could take weeks.
With faster, irrevocable payments services also comes faster fraudsters – Most financial institutions do not have the real-time decision tools for payments being sent, making it impossible to catch and prevent a fraudulent payment between the times a transaction is initiated and completed. Common attacks we are seeing on the rise include account takeovers, malware attacks, money mules, fake accounts, application fraud, authorized push payment fraud and business email compromise scams.
The result of these challenges? More real-time payments fraud, mounting financial losses and new questions surfacing over who is liable for the recouping of funds.
Taking a preemptive approach towards real-time payments fraud requires us to start thinking real-time. A hybrid approach made up of real-time data acquisition, event monitoring, configurable rules-based alerts, and continuously updated supervised and unsupervised machine learning models is the key to:
- Continuously screening for known fraud patterns and spotting suspicious transaction activity, account takeovers, money mules and push payment fraud in milliseconds
- Picking up on new fraud patterns that may relate to malware attacks, internal fraud attacks or malicious code inserted into a transaction message field
- Improving the precision of risk scoring and accuracy of transaction blocking to stop real-time payments fraud from happening at all
Thinking real-time means that risk scores are derived from machine learning models that continuously rebuild individual customer models every time an event occurs. It also means continuously screening for behavioral patterns and real-time payments anomalies such as:
By adopting a real-time approach to real-time payments fraud, risk advice and action can be assigned in milliseconds, with the option to set up blocking of these transactions at the firewall or application layer. The result is speedier detection and prevention, more approved transactions and increased customer trust and safety.