Our 'Newsletter on Financial Fraud' is your monthly insight into the various new fraud types and methods used by fraudsters globally in the banking space.
In this issue, we bring to light the effect of banking fraud creeping in and making banks lose millions to this plaguing menace.
The ever-growing risk of online fraud is a major concern today, for both online merchants and their customers, though retailers have taken increased precautions to heighten security. This is particularly true for the financial-services industry, which will face unique challenges in 2016. According to the latest KPMG Cybercrime Survey Report, nearly 72 per cent of Indian companies faced cyber-attacks in 2015. Emphasizing the current cybercrime scenario in India, the report shows that 74 per cent respondents believe that the banking and financial services sector is a top target for cybercrime, with about 63 per cent indicating that these crimes more often than not amount to gross financial loss.
As technology advances, so has its capability to detect online fraud and cybercrimes before they actually occur. Technology will continue to change the battlefield for fraud in 2016, creating brand new challenges, but also providing companies with new opportunities to combat fraud and be customer champions while doing so.
Below are five predictions on what will shape the fraud landscape, and the fight to prevent and detect fraud in 2016.
#1: Social networks will help fraudsters get more sophisticated
Fraudsters are constantly deploying advanced tactics to attain personal information online. A 2014 Deloitte India study found that 80 per cent of users were concerned about privacy issues on social networking sites, yet almost 60 per cent of them were unaware of what their own account’s privacy settings were. According to the latest Internet Security Threat Report (ISTR) by Symantec, India is ranked No.2 globally in social media scams, just behind the United States.
In 2016, as major social networks become more easily accessible, fraudsters will take full advantage of these capabilities to reach their victims. By closely examining an individual’s status, photos, friends, check-ins and location data – all of which can be easily searched anonymously today- it’s getting easier for fraudsters to create more sophisticated social engineering attacks that trick people into revealing additional information.
The coming year is sure to see a level of automation and scale to these attacks that will continue to surprise us all. For consumers, avoiding these attacks means following simple consumer safety tips: Make your social profiles visible to only friends and family; use strong passwords, change them often; and report phishing attempts.
#2: More fraud will move to mobile
Fraudsters follow the money. The Indian e-commerce industry is likely to be worth USD 38 billion by 2016, according to industry body ASSOCHAM, ASSOCHAM also revealed, that roughly 60-65 per cent of the total e-commerce sales in India are being generated by mobile devices and tablets. As mobile shopping continues to gain popularity with consumers, fraudsters will be sure to up their mobile targets in 2016.
Success in fighting fraud on the mobile platform will depend on how we make innovative use of the unique data and capabilities that the mobile platform creates – from location information to unique IDs. There is opportunity to not only fight fraud well on mobile, but also enable user experiences that are intuitive and easy. For instance, the use of fingerprint sensors in mobile devices is making it easier and more secure for people to authenticate. There will be increased need to focus on innovation and invest in next-gen infrastructure and payment platforms and services.
#3: Financial companies need to do more with less
2015 witnessed a huge transformation in the payments and personal finance space due to the massive growth of financial technology (FinTech) companies in India. Continuous changes in technology will force companies to do more, but with less data. Today, customers can walk into a store with a mobile phone, and tap it to buy an item. Frequently (especially with NFC-equipped devices), the transaction is tokenized, meaning the merchant doesn’t receive any financial or personal information. So instead of knowing customers, merchants find themselves selling to anonymous “guests.” As a result, financial companies will need to find unique ways to do more to verify a customers’ identity with less information about them.
#4: Advanced machine learning combined with human detectives is the need of the hour
According to a joint report by ASSOCHAM and PwC, around 65 per cent of the total fraud cases reported by banks were technology-related. Just as fraudsters take advantage of new technology, the most important tools we’ll see used in 2016 to fight fraud are improvements in technology. However, human intelligence and understanding how your customers interact with your services will remain key to leverage the technology.
In the report “Top 10 Strategic Technology Trends for 2016,” Gartner identified Advanced Machine Learning as one technology that will impact organizations’ long-term plans, programs and initiatives. According to Gartner, “the explosion of data sources and complexity of information makes manual classification and analysis infeasible and uneconomic.” Analytical tools such as advanced machine learning will become even more crucial in predicting and preventing fraud. Even with all this technology, humans are integral in stopping fraud. Techniques like machine learning depend on analyzing the right data with the right parameters, and only humans can make those determinations.
#5: Data and advanced analytics will play a larger role in regulatory and compliance efforts
As today’s digital economy grows, threats and costs are increasing in tandem with various opportunities. According to The Global State of Information Security Survey 2016 conducted by PwC, CIO and CSO, security is the least discussed topic in Indian boardrooms, while across the globe, security has already become a board level agenda. In 2016, private enterprises and government regulators will need to increase discussions about what can and can’t be done with big data and unstructured data.
This year, the use of data and advanced analytics will remain crucial in fighting fraud and cybercrime, and also play a larger role in areas key to payments, like anti-money laundering efforts. India is already receptive to this critical role. Stronger collaboration with regulators, along with greater usage of data, will ensure an effective and scalable approach to meeting regulatory and compliance requirements, while enabling a fantastic customer experience that companies can be proud of. For instance, the ability to use existing transaction data to meet “know your customer” requirements will help improve accuracy and eliminate the need for customers to separately upload information like driver’s licenses and bank statements.
In 2015, the U.S. identity fraud victim count increased by 3% to 13.1 million, but the dollars stolen decreased by 6% to $15 billion, according to Javelin Strategy & Research’s 2016 Identity Fraud Study.
Javelin, also found that the rise of EMV made a significant impact on fraudsters' behavior, doubling the instances of new account fraud. In addition, many consumers who do not trust their financial institutions engaged in behavior that lowered their chances of discovering fraud.
The 2016 Identity Fraud Study pinpointed these four significant trends:
1. There were more identity fraud victims, but less money was stolen. The number of identity fraud victims was at its second highest level in six years, but the amount stolen was at its lowest point in the past six years. Identity fraud, Javelin reported, is a serious issue as fraudsters have stolen $112 billion in the past six years. That equals $35,600 stolen per minute, or enough to pay for four years of college in just four minutes.
2. EMV led new account fraud incidents to double. In 2015, the U.S. transitioned to EMV cards, designed to reduce in-person fraud and the profitability of counterfeit card operations. Fraudsters reacted by moving away from existing card fraud to focus on new account fraud. This drove a 113% increase in incidents involving new account fraud, which accounted for 20% of all fraud losses.
3. Consumer choices negatively impacted fraud detection. The study found consumers who did not trust their financial institutions were less likely to use transaction monitoring, email alerts, credit freezes and black market monitoring. Fraudsters used these consumers’ information longer (by 75%). And, these consumers incurred a 185% greater mean expense compared to victims with high trust in their financial institutions.
4. U.S. consumer data was used in international fraud. The study found that 18%, or $2.4 billion, of money stolen from U.S. cardholders was spent outside of the country. The average dollar amount stood at $1,585 per occurrence, although most consumers did not incur an out-of-pocket cost, as the major card issuers offered zero liability. Javelin said issuers are doing a good job of quickly detecting this type of fraud and are proactively detecting 69% of these cases.
"Fraud is evolving at a frantic pace, although the amount of fraud has been relatively flat over the past four years," Al Pascual, senior vice president, research director, and head of fraud and security for Javelin, said. "This just shows that when the industry cracks down on one type of fraud, criminals quickly shift their attack vector and area of operation. The study this year reinforced that with industry, technology and consumers working in concert, people can best fight back against the fraudsters. The worst thing consumers can do is lose trust in their financial institutions and stop playing an active role in working to detect fraud. Taking a back seat will increase their risk and the damage that occurs if they are fraud victims in the future."
Source: CU Times
Over the next few months, the nation's three biggest banks will start rolling out ATMs that will let customers withdraw currency using their smartphones instead of debit cards -- the latest step toward a future in which phones could replace bank branches and wallets.
The banks' entry into cardless ATMs comes as a small but growing number of Americans are using their phones to send money to one another and to make purchases using so-called mobile wallet apps such as Apple Pay and Android Pay. It also comes as banks are trying to push customers to do more transactions online, on their phones or through ATMs -- all of which are less expensive than transactions done at branches staffed with tellers.
Just as with mobile wallet payments, which make up a tiny fraction of payments overall, analysts expect using a phone to get cash from an ATM probably will start out as a little-used novelty. But over the longer term, it could be one more application that will make customers feel comfortable using their devices as financial tools, leading to a general growth in mobile banking, said Mark Schwanhausser, a director at consulting firm Javelin Research & Strategy.
Banks will offer cardless access to ATMs using either near-field communication -- the tap-to-pay technology used in Apple Pay and Android Pay that connects phones with credit card payment terminals -- or codes that customers get through their bank's mobile app. Using near-field communication, or NFC, a customer Relevant Products/Services would sign in to a mobile wallet or bank app, then physically tap the phone on the ATM and enter a PIN.
For now, Chase is starting with a code-based system, which requires a software update for ATMs but no new hardware. Wells Fargo will start offering code-based access late this year. Those systems require customers to sign in to their bank's mobile app, request an access code and then type that seven- or eight-digit number into an ATM. The codes can be used once and expire in about 10 minutes, features that aim to prevent codes from being stolen or misused. "After that small window of time, it's a meaningless set of digits that can't be used again," said Jonathan Velline, head of ATM banking for Wells Fargo. Though customers might worry about seeing their bank accounts pillaged if their phone is lost or stolen, Ed O'Brien, a director at bank consulting firm Mercator Advisory Group, said accessing an ATM with a phone could prove more secure than using a card.
Fraudsters can steal debit card numbers and PINs by installing tiny devices on ATMs -- a crime known as skimming. Industry estimates put bank losses from ATM fraud Relevant Products/Services at $1 billion in 2008, and it probably has grown since then, according to Mercator. "The magnetic stripe has an issue of security Relevant Products/Services. Someone can duplicate a magnetic stripe, which does happen all too often," O'Brien said. But if a phone is stolen, a thief would have to get past a few layers of security to withdraw cash from an ATM. They'd need to unlock the phone, sign in to the mobile bank app or mobile wallet and, in most cases, know the customer's PIN. Both plan to allow customers to set up an ATM transaction in advance, cutting down on the amount of time they have to spend in front of the machine.
Source: CIO Today
Internet Technology has opened up new scope for the banking systems. It has enhanced our lifestyle up to some extent and it made our lives easier. But at the same time it comes with some risks because of its associated fraud.
According to NIBSS, increasing use of ATM and E-Platform has contributed to accelerated growth of fraudulent activities. According to latest figures, the volume of fraud is going up but actual loss from the attempted fraud is reducing. To know more check out this below info graphic which reflects the fraud data related to Nigeria.
Archive Section[-]  2017