International. People's buying and payment habits changed as a result of the health crisis brought by Covid-19. E-commerce was boosted and the mass adoption of online payments was encouraged; the pandemic pushed the use of cash to an all-time low.
BPC Banking Technologies, an organization that links the needs of people in their real lives, with intelligent digital solutions and that works with banking institutions and neobanks, presented its report on Fraud Prevention: The Anatomy of the New Scammer, where it highlighted the main actions that financial institutions must implement to prevent growing attacks.
The study contemplates that the global payments market will reach USD 2 trillion by 2025; but it also highlights that a loss as a result of fraud of up to USD 200 billion is expected. The transactional business is exposed to a growth in crime with cards, particularly those of payment with Card Not Present (CNP), which increased in their level of affectation, by 70% in recent months and, according to the report of Nilson Report, the global losses by this means will reach USD 32 billion by the end of 2021.
BPC Banking Technologies, established the three main profiles used by criminals and how they take advantage of the different transactional channels to carry out their crimes. Here were their findings:
Modus operandi of the scammer
Internal: Your authority and trust within the company allows you to bypass many of the controls within the organization. According to a survey, conducted by the Association of Certified Fraud Examiners (ACFE), 65% of these fraudsters are employees of the company, and 38% were part of the company for more than 6 years. These workers cause losses by an average of USD $200,000. The report also warned that 20% of these offenders are part of the executive level and that they also cause the most embezzlement, with an average of USD $ 600,000.
External: Of which customers, sellers and suppliers are part, who represent three quarters of the total of fraudsters. These people take advantage of their financial bond to send bad checks; falsified information for a payment; return stolen or counterfeit goods for a refund; participate in bid manipulation schemes; issue invoices to the company for goods or services not provided or demand bribes from employees. Examples of their actions are hacking, theft of confidential information; tax, bankruptcy, insurance, health care and loan fraud.
Confabulation: 20% of all theft schemes are the product of a collaboration between internal and external scammers. This scheme often involves former employees, suppliers, or customers acting with a corrupt employee within the organization.
Main types of fraud:
● From cards: Card-not-present (CNP) payment transactions remain the priority target of fraudsters, given that the buyer and seller are not in person during the transaction. When data is stolen at ATMs, mobile POS devices (dataphones), it is called card-present (CP) fraud and happens mainly because most victims are unaware of its subsequent use, until they check the movements. The wide adoption of EMV-enabled cards (with an integrated security chip) reduced fraud with the cards present, but led to the 70% increase in the cards present, since the beginning of the pandemic.
● Social engineering: Thousands of people were tricked into paying money to save their relatives from illness, or where scammers posed as public officials, taking advantage of misinformation about the virus.
● Friendly: According to the FBI, it is one of the top three threats to e-commerce and it is the most common and costly fraud scheme for the organization and originates when the cardholder receives the purchased product, but then alleges that he did not authorize the purchase or that he never received it.
● Applications: In this case, people apply for loans or credit cards, but once they access this resource, they disappear from the bank's contact mechanisms. 40% of these cases involve the use of false IDs or combining stolen data from several victims.
● For counterfeiting: It occurs when legitimate card data is copied into a fake plastic, and is a modality that frequently occurs in gas stations, restaurants, cinemas or ATMs. For merchants that adapted their technology for EMV chip cards, fraud was reduced by 75%.
● Identity theft: When credit cards or their stolen numbers are used to make purchases that the cardholder did not authorize. By 2020, more than 130,000 cases of this type of phishing were reported.
● By appropriation: Here the scammers pose as the cardholder and request a new replacement falsely reporting their loss. Account absorption increased by 57% in recent months. Javelin Strategy, announced that 40% of these types of crimes occur within 24 hours of the fact.
The SmartVista Fraud Management solution, from BPC Banking Technologies, detects and prevents fraud in the different payment channels, in real time and makes statistical profiles of cards, terminals, merchants or devices. Its powerful analytical tool monitors transactions based on parameters such as purchase location or more sophisticated validations based on the historical profile of card behavior.
For Santiago Egas, Executive Vice President of BPC Banking Technologies, "Given this phenomenon there is a need to share knowledge to increase awareness among the parties involved in the online payments business. Innovative risk management solutions make it possible to analyze data from different transactional channels; this can be mitigated cost- and time-efficient by integrating high-tech tools through a comprehensive strategy."
