Payment fraud

Sourcemedia's annual PayThink conference is always productive and informative, and this year's event was no exception.

FirstSense's technology is designed to spot and prevent fraud as it happens. It will operate with First Data's fraud protection and transaction authorization engine, helping financial institutions identify payment cards at risk.

Many companies no longer rely on static passwords alone, and use two-factor authentication to protect consumer accounts. The problem is they're using the same second factor: text messages sent to mobile devices.

This European regulation means fraud detection will inevitably need to evolve as the fraudsters find new ways to exploit new loopholes, according to Catherine Tong, vice president and general manager for Accertify.

More than half of U.S. financial institutions have made same-day ACH funds available without seeing any major shifts in fraud. But observers warn that as same-day ACH introduces broader access and bigger transactions, it will become a bigger temptation for fraudsters.

With technology tightening defenses against account fraud, scammers increasingly turn to what they view as the weakest link: the human being at a call center.

Institutions must enhance their fraud prevention strategy, and the most effective and successful way for doing so is by empowering customers to detect and respond to suspicious activity before the funds ever leave their account, writes Deborah Peace, CEO of ACH Alert.

Growing consumer expectations for 24/7 digital access and real time decisions as well as competitive pressures have reduced the time that organizations have for manual review, writes Mike Lynch, chief strategy officer at InAuth.

The Texas bank, which partners with the U.S. Treasury to dispense federal benefits via prepaid cards, is alleged to have dropped the ball as hundreds of cardholders say their money was forwarded to fraudsters posing as them.

After 20 years of working with a clunky, time-consuming 3-D Secure authorization method for online purchases, the wheels are finally in motion to get the upgraded 2.0 version in place for merchants and banks, granting access to more data for spotting fraud.

A legal battle is being waged between a U.S. bank and its insurer over the insurer’s refusal to pay out on a cyber policy, in the wake of hacks on the bank which led to a loss of over $2.4 million. The case flags the problems of insurance in the fast-moving world of digital security.

Wire and other payments fraud affected a record number of businesses last year, and the FBI is warning in particular about real estate scams.

To make informed decisions about fraud prevention, merchants must understand the current fraud landscape, customer expectations, and the risks and rewards associated with internal and external fraud prevention approaches, writes Bernardo Lustosa, partner, co-founder and COO of ClearSale.

Tokenization as a technology is suitable to support multiple payment use cases via a single system, ensuring emerging commercial models and the ability to adapt to new requirements are not constrained by an inflexible security framework, writes David Worthington, vice president of payments at Rambus.

Beyond offering a buzzworthy new payments app or automating exhausting mortgage applications, for example, traditional payment providers and fintechs need to ensure that their business is resilient against increasingly sophisticated cybercrime and ready for a hyperconnected world, writes Malte Pollman, CEO of Utimaco.

Once regarded as a safer option for consumers, BOPIS (buy online and pick up in store) has now joined the ranks of targets that cybercriminals are learning to exploit. It comes down to correctly identifying the shopper, writes Ryan Wilk, vice president of customer success at NuData Security.

Nonlisted encryption solutions are designed for easier deployment, but often lack many of the key attributes of PCI-listed point-to-point encryption products, writes Ruston Miles, founder and chief strategy officer of Bluefin.

Phone-based customer service opens opportunity for voice phishing, or "vishing," and other types of attacks linked to card not present transactions, according to Rafael Lourenco, an executive vice president at ClearSale.

As data breaches mount in the "Equifax era," CFOs have a broad vision of enterprise data that can prove helpful in mitigation, according to Lauren Ruef, a research analyst for Nvoicepay.

Payments fraud from business email compromise, or BEC, occurs when scammers use phishing tricks and email to fool businesses into making fraudulent payments to perceived suppliers. Experts suggest newer factors are accelerating the trend.