The Big Picture
While real-time payments are driving speed and innovation and consumers are taking advantage of enhanced ease of use, immediate funds transfers, and frictionless experiences – so are fraudsters.
With real-time payments comes real-time fraud and the need for real-time fraud detection, prevention, mitigation, and data analytics – including the AI and machine learning (ML) that make these protections possible.
Compounding the speed of fraud is the sheer number of fraudsters attacking.
The influx of fraudsters that emerged over the course of the pandemic is here to stay – creating long-term consequences for financial institutions, such as rising attack volumes, consumer-targeted scams, and zero-day threats that render traditional, rules-based fraud-control methods inadequate.
These challenges contribute to the need for enhanced security, fraud protection, and mitigation – all top tech spending priorities for banks and credit unions in 2023.
- CEOs are most concerned about spear phishing attacks (70%), followed by real-time payments fraud (54%) and data breaches (49%).
- A real concern exists across the board for fraud and security in general, as both financial institutions and fintechs have experienced historically high rates of fraud over the last 12 months – with insider fraud barely registering (4%).
- Phishing attacks and data breaches are considered the top fraud and security threats by all financial institutions over the next two years, with credit unions (69%) more concerned about real-time payments fraud while banks (60%) remain vigilant about ransomware.
What’s Next
Authorized push payment (APP) fraud will continue to rise.[1] APP is a form of fraud in which victims are manipulated into making real-time payments to fraudsters, typically by social engineering attacks involving impersonation.
For fraudsters, this method is easy and the rewards are immediate.
Combatting APP fraud will remain a priority for financial institutions as losses grow. You can also expect the CFPB to clarify questions surrounding APP fraud liability – especially in and around P2P services like Zelle and Venmo. The United Kingdom’s contingent reimbursement model (CRM) may be used as a guidepost for future CFPB action.
As consumer attacks persist, commercial entities will also be targeted with data breaches accelerating. Data harvested from these breaches will be used to wage ransomware attacks against smaller businesses with less sophisticated cybersecurity infrastructures.
Given financial institutions’ renewed focus on serving more SMBs in 2023, authentication and security for digital business banking – as well as the communication between financial institutions and SMBs – must be robust.
What to Do
Mature open-banking rails and growing volumes of financial data exchange broaden the attack surface for a growing array of cybersecurity and fraud threats.
However, financial data exchange is also a powerful new tool for authenticating identity, verifying authorizations, and validating information. Being able to use financial data exchange tools in real-time is key.
With the right systems and data in place, you can communicate in real-time to identify anomalies and malicious patterns across digital behaviors and transactions.
What’s more? Given the most advanced AI/ML and effective security algorithms are now exclusive to the best public-cloud providers, you can continue to migrate applications, data, and tech stacks to zero-trust, cloud-native environments in 2023 and beyond.
Contact a Jack Henry technology expert to help you better mitigate fraud.
[1] Colin Parsons. Fraud Trends and Technology 2023, Verafin, accessed January 2023.
.svg)
