Three years in, open banking is finally gaining momentum. According to the UK’s Open Banking Implementation Entity (OBiE), in 2020 nearly six billion calls were made via application programming interfaces (APIs) to bank servers in the UK and more than four million open banking payments were completed. In comparison, 2018 saw 66.8 million API calls and 320,000 open banking payments—increases of nearly 90x and 12.5x, respectively. As customer adoption to open banking accelerates across the UK and Europe, there is no better time than now to pause and make sure all the necessary controls are in place for the continued growth, including an enterprise fraud strategy.
While open banking is a new channel, it’s important to remember the customers making these transactions are typically the same ones transacting in other channels. With an abundance of known behavior data available, it’s essential that banks utilize their customer relationships and knowledge to avoid starting over from scratch.
Fraudsters Embrace Open Banking, Too
Open banking and customer adoption of digital channels have grown exponentially because of COVID-19, and fraudster adoption has been equally large. According to the 2021 Fraud the Facts report in the UK, fraud committed via internet banking increased by 117% and 48% in the mobile channel. Losses have grown by more than 300% since 2018.
Clearly, open banking presents a very attractive proposition to a criminal. Here’s why: open banking comprises two parts, the ability to access customer information (read-only access) and to make payments (read and write access). Fraudsters flock to open banking to harvest data and, especially, to make payments.
Protecting Open Banking Transactions with Enterprise Fraud Management
An enterprise fraud management approach is critical in the open banking arena and is more important than ever as the future world of payments unfolds. If you’re wondering why an enterprise approach matters, that’s what this post is about. If you’re wondering whether your bank already has it, the answer is likely “no”.
History shows that when new payments channels are born, banks generally have reacted to the fraud challenge at hand, investing in a siloed approach only when losses in that channel grew to be unbearably big.
Today, we are in an era in which one channel complements the other. Technology has evolved so much that adding a new channel should be easy. Looking at customer behaviour across all channels is the best way to spot the criminals from the genuine customers. This is the essence of an enterprise fraud strategy.
Fighting Fraud with Transaction Data
Transactions via the card rails capture over one hundred data variables that historically have been used to help spot good and bad transactions. With open banking, the data variables are different and vary depending on which Payment Initiation Service Provider (PISP, a service provider who can execute a payment transaction on the behalf of a customer) is used and in which country.
For example, in Sweden where I live, shopping cart information is captured, whereas in the UK it’s not mandatory and some of the data collected by PISPs about open banking transactions may not be sent through. This means an enterprise fraud management approach has never been more important as we shift our focus from channel to customer level security for better protection.
Modern Technology and Mindset Are Required
In the past, integrating new data feeds into fraud management solutions could be difficult, but in 2021 it’s much easier with cloud-based, highly configurable platforms. Today we are saying goodbye to complex two-year projects and hello to rapid deployments.
Finally, enterprise fraud management isn’t just about adding a new payments channel. It requires a different mindset about customer experience. Authentication layers must be consistent across all channels, and there needs to be a digital communication fraud experience to complement the new digital interactions. Operations need to shift too, to make sure the customer is viewed across the entirety of enterprise interactions, not just individual channels.
FICO Falcon X Enables an Enterprise Fraud Strategy
FICO has long recognized the importance of adding new payments channels and multiple layers of fraud defenses. That’s why we launched FICO® Falcon® X and integrated capabilities such as strong customer authentication with all of our fraud tools. Banks and financial institutions worldwide are recognizing that the Falcon X platform approach—cloud deployment and open APIs—delivers multiple benefits pertaining to open banking, including enterprise fraud management, third-party data access and beyond. Analyst groups are also acknowledging the power of FICO’s approach to enterprise fraud management with FICO recently being recognized by Chartis as category leader in their Financial Crime Risk Management Systems: Enterprise Fraud Market Update and Vendor Landscape, 2021.
At an even higher strategic level, Falcon X gives banks the means to leverage their customer relationships and knowledge to avoid building from scratch the new fraud management capabilities open banking requires. It provides a single platform with which to make fully connected decisions, capturing comprehensive data in the earliest stages of the customer lifecycle, and enriching and leveraging it as customer needs and behaviors evolve. With all capabilities integrated by design into the Falcon X platform, IT teams at financial institutions are relieved of the enormous burden to manually integrate and maintain each new piece of technology.
To learn more about open banking, be sure to read these two articles from my colleagues:
- Open Banking: Will Covid-19 Unleash A Pandemic of Fraud?
- 5 Ways Criminals Could Take Advantage of Open Banking
Follow me on LinkedIn and join the FICO Fraud Protection and Compliance LinkedIn group to stay current with open banking, global fraud and compliance trends, and FICO news.
