Fraud & Security Mobile Payments Fraud: How Strong Is Your Defensive Line?

Fantasy football award
Dec042017

Fall is ending and with that comes the final rush to the playoffs for our American football teams. And with the close of football comes the final push for fantasy football team owners as they navigate the final few weeks of the season. As the proud winner of my local fantasy league’s 2016 trophy (pictured above), I’m keenly focused on gearing up for my 2017 playoff run. Reflecting back on our 2017 draft party in August, I remember “The Commissioner” collecting participants’ money — specifically, cold hard cash. Not a mobile payment, Venmo or Zelle, PayPal or Cashbot was in sight.

Seeing the flutter of sawbucks gave me a flashback to one of my first payments memories, from the early 1980s, when the Connecticut Bank and Trust Co. (CBT) used a character called Barney to popularize the use of nascent ATMs. No, CBT’s Barney wasn’t a purple dinosaur. According to a report in the Hartford Courant, the bank’s Barney character, which had a small round face and bow tie, was once so recognizable in the state that any bank’s ATM came to be known as a “Barney machine.” As a kid, I remember my mom and mad withdrawing cash from a “Barney machine,” watching with delight as a few 20-dollar bills floated into their hands.

Mobile Payments Proliferate

In the 35 or so years since banks were trying to convince consumers to use newfangled automated teller machines, ATMs — and consumer — have gotten a lot more sophisticated. Recently, as part of my job at FICO, I have been using my phone to withdraw cash from Wells Fargo ATMs. I have to admit I am a little surprised at how easy it is; all of the withdrawals have been processed without a hitch.

However, as a payments professional in the business of preventing fraud, I’m not just impressed at how easy this new ATM technology is to use. I’m concerned about the emergence of yet another opportunity for mobile payments fraud.

It’s no secret that consumers are moving quickly to embrace mobile payments. Following the first salvo fired by ApplePay, seemingly innumerable offerings have entered the mobile payment fray, each gaining a loyal following. For example, during the second quarter of 2017, the dollar value of mobile payments processed by PayPal rose 50% year over year, to about $36 billion. Peer-to-peer payments made with PayPal’s Venmo app more than doubled to $8 billion, year over year. The meteoric rise of payment volumes alone indicates a significant increase in mobile payments fraud risk.

Mobile Payments Are Tied to DDA and Savings Accounts

However, as mobile payment mechanisms proliferate, so do the options for the underlying source of funds. While ApplePay and most fill-in-the-blank “pays” are secured with debit or credit cards, other newer entrants are funded directly by checking or savings accounts.

Most notable here is Zelle, a Venmo competitor backed by a coalition of 30 banks. Zelle allows users to send payments directly from their bank accounts; senders only need to know information like a recipient’s phone number or email.

The rollout was fraught with confusion as users of Zelle’s predecessor, clearXchange, struggled to figure out how to migrate from the old peer-to-peer payment system to the new one, prompting headlines like, “Zelle sign-up issues expose risks of tying phone numbers to accounts.”

In full disclosure, I’ve used Zelle for money transfers within my own household. It is very easy to use (both sender and recipient), even if it was a little “buried” on my bank’s app.

New Risks Require Additional Fraud Coverage

Payments professionals — and banks, for that matter — know that fraudsters lay in wait, watching for any opportunity to exploit risk in the payments ecosystem. As mobile payment types proliferate, so does the risk of mobile payments fraud. While FICO® Falcon® Fraud Manager is best known for protecting payment card transactions, the Falcon platform offers capabilities to detect fraud on non-card electronic payments such as person-to-person, ACH and wire, as well as deposit and other online/mobile banking activity.

Will banks bolster their defensive line with additional mobile payments fraud protections, driving further adoption? To me, it’s something every financial institution must be considering. As we make things more and more convenient for consumers, we are opening up avenues for financial crime.

Time will tell as to whether mobile P2P payments become mainstream—and I’ll believe it when money gets Zelle’d to “The Commissioner” of my fantasy football league. But it’s clear that the mobile device as a vehicle to funds is only going to get more and more commonplace. Hopefully, for me, it will be in the form of being recipient of funds from The Commissioner and I’ll be working on my strategy for a Three-Peat.

Follow my views on fraud, payments and the occasional football play on Twitter @fraudbird.

Leave a comment