5 minute read
Faster payments, faster fraud: Is “slowing down” transactions the answer?
Part 3 of 3
Part 1 of our real-time payments blog series highlighted the state of real-time payments on a global scale. Part 2 looked at why faster payments struggle to balance security and speed, including customer vulnerability and the role of AI/authentication technology. Part 3 examines regulations and the impact of adding friction to transactions.
There are nearly 50 real-time payment (RTP) rail systems worldwide. Each has varying consumer rules and regulations per region. That means countries must take different approaches to fraud and requirements for reimbursement.
If fraud continues to increase, affecting many people and businesses as it has in some places, there is likely to be a concentrated effort to add more security to these payment rails. This may involve adding new rules and regulations.
That’s the case for many countries with RTPs.
In Mexico for example, 15% of the population has been a victim of a scam. A 2023 FICO survey exploring the consumer impact of RTPs and authorized user/authorized push payment scams in Mexico found 72% of customers expect to be refunded most of the time in the case of a scam.
Yet many regions, not only in Mexico but worldwide, lack scam regulations. What happens when fraud occurs with RTPs where there are no regulations?
Banks involved likely do an investigation and block future transactions, but it depends on who is liable and how the fraud occurred.
Whether or not a country has regulations in place, there are actions that banks can take to protect themselves and their customers:
- Commitment to data-driven decisions: There is emphasis around investment in technology but what powers those tools is data. Can the fraud system gather large amounts of data and instantly spot emerging trends or identify risk indicators?
- Industry collaboration: It’s important to not only work with vendors in the fraud space but other experts to engage in the prevention of scams, including tracking down suspects. An example is the Multilateral Memorandum of Understanding in Americas, which is the U.S. Federal Trade Commission’s agreement with Chile, Colombia, Peru and Mexico to promote cooperation across Latin America on cross-border enforcement matters.
- Education and communication: Improving client education and communication is key to growing consumer confidence. From tailored messaging to scam awareness, this can help provide an added level of knowledge of prevention and detection while strengthening client relationships.
More friction, less problems?
Even with all the regulations and technology to protect us from RTP fraud, banks must consider the customer. The ideal customer experience has often been hyped as frictionless or seamless. Though with less time to detect fraud on real-time transactions, issuers may want to reconsider how to balance speed and friction.
Can this be done by “slowing down” processing times to allow for more account and ID verification before a transaction is completed?
That’s what the United Kingdom is considering with its proposed payment services draft bill, which would let banks delay processing payments to conduct security reviews when there are grounds to suspect fraud. The bill is part of a broader plan to minimize instant payment fraud.
Adding time to a transaction process may not make an experience frictionless, but it could ensure more effective fraud management.
How would customers react to this “helpful friction” with transactions?
“Something like 80% of consumers are ok with friction if there is security,” said Manish Andhy, AI & Industry Executive, Financial Services, Teradata.1 “Friction is ok as long as you have trust. How you add friction matters. Banks should give more information (to consumers).”
The hesitation to share information showing additional steps for transactions is because it may create a reputation risk for banks. Banks competing for customers could market their technology and experiences as frictionless compared to competitors.
Despite this uncertainty, additional checks and friction may be inevitable due to the increased exposure to fraud. As such, FIs should be wary of the customer experience as they add more security checks. Though not all transactions need added friction, and when they do, it’s often a small delay or extra step with little — if any — inconvenience for the customer.
For example, it could be an authentication tool working in the background to validate if the electronic device being used for a transaction belongs to the actual customer and is being used by that customer at that time. The friction may only amount to a few extra seconds being added to the transaction process to confirm this information, so the customer may be unaware of the delay or of the tools being used.
Transactions in which the customer is aware of the friction due to actions they need to complete — such as reviewing a notification about a transfer on one’s phone — the extra step is typically approving or denying it. In such cases, alerts are triggered due to extra scrutiny needed, such as a high-fraud risk exchange for an uncharacteristically large amount of money.
Prepare for the future today
RTPs face fraud challenges with technology, communication and the regulatory channel. The good news is many banks and regions recognize the issues.
The question is what steps will it take to drive conversations into actions and ensure greater protection for FIs and their customers.
1. FICOWorld 2024, Manish Andhy, AI & Industry Executive, Financial Services, Teradata, Powerful partners in prevention: Stopping real-time payments fraud, Breakout Session, May 16
Latest articles
Never Miss an Insight
Get the latest from TSYS a Global Payments Company