The UK is home to the most sophisticated Authorized Push Payment (APP) scams in the world. In 2019, banks’ losses of £456 million nearly equaled the £470 million attributed to card not present (CNP) fraud. Now, in 2020, APP scams are expected to eclipse card fraud, fueled by niche schemes related to the COVID-19 pandemic.
FICO has just published my new Q&A on the topic of APP scams, and how a combination of converged fraud and compliance infrastructure, along with advanced authentication measures, are powerful scam-fighting solutions. Here’s a preview:
Q: Why is the UK a hotbed of APP scam activity?
The short answer is that instant, irrevocable payments are very attractive to criminals, who are further emboldened by the UK’s Contingent Reimbursement Model (CRM) Code, enacted in May 2019, which requires banks to support APP scam victims. If there is no evidence of first-party fraud, banks must reimburse victims for funds sent under false pretenses.
Compared to CNP fraud, criminals find APP fraud to be extremely lucrative; the £456 million lost to this fraud type in 2019 was spread across just 122,000 incidents. In contrast, 2.1 million people fell victim to CNP fraud the same year, with losses totaling £470 million.
Q: How do banks address APP fraud today?
Banks’ ultimate goal is to prevent APP fraud through consumer education, making those materials easily accessible through the mobile app, website and in-branch. In the meantime, UK banks have implemented a range of processes and controls to combat this fraud type.
For example, at the most crucial moment, when the victim is about to unknowingly send money to a criminal, the most effective deterrent is to slow down the payment by warning customers of what scams look like, and to check whether or not their current transaction is a scam. Banks intentionally slow down instant money transfers by introducing a bit of friction.
Q: What technology developments will help banks to detect fraud faster and more effectively in the future?
Banks already have added categorization into the payment workflow, to help create a common understanding of scam characteristics when specific transactions are later verified to be scams.
Behavioural analytics is another development that can help to detect APP scams. Keystrokes and swiping patterns on a mobile phone, for example, can be used to detect if a person is under duress while making a transaction, which can reflect the urgency with which many APP scams are conducted.
On the systems side, APP scams can be discovered more readily through converged fraud and anti-money laundering (AML) systems.
Q: How is FICO leading the way?
FICO is driving innovation in fighting APP fraud in three key ways:
- At an industry level, FICO’s history of convening data with the FICO® Falcon® Intelligence Network can be of great benefit in creating a mechanism to stop and recover funds sent in scams before the payment is deposited into the receiver’s account.
- As part of the FICO® Falcon® Authentication Suite, behavior analytics already help banks to identify that a customer is who they say they are.
- In terms of systems, FICO® Falcon® X delivers the converged fraud and compliance infrastructure that is the future of detecting APP scams, as well as new fraud types that have yet to appear.
For more information, download the entire Q&A, “UK losses to authorized push payment (APP) scams are on track to exceed card-not present fraud: what can banks do?” Follow FICO’s Fraud Protection and Compliance group on LinkedIn.
