What is APP Fraud?
Authorised Push Payment fraud, or APP fraud, is a social engineering scam carried out using a real-time payments system. APP scams can vary in design, but the underlying process is the same. Trick an individual or business into authorising a transfer of money to the scammers bank account, then disappear.
APP fraud is one of the fastest growing types of fraud due to the rise in popularity of real-time payments. These payments give fraudsters plenty of time to hide money and disappear before the victim becomes aware of the scam. Which also makes retrieval and refunds difficult. We need to understand APP fraud before we can fight it. Which is why we’re going to be outlining some key strategies and solutions to prevent APP fraud. Keeping your business and customers safe is fundamental.
Types of APP fraud include:
Success with adjacent fraud solutions have naturally pushed fraudsters towards social engineering. This is because it has low technical requirements with minimal traceable evidence. While imposters leave tell-tale signs that businesses can pick up on, recognising an individual under coercion is much more difficult. It requires Financial Service Providers (FSPs) analyse whole new sets of data. The blind spot in fraud strategies is only aggravated by the reluctance some victims feel to reporting the scam.
Reports of APP Fraud
The 2021 UK Finance report detailed a 39% increase in APP fraud, costing over £583.2 million to the finance industry and customers. Compare this to the £479 million lost in 2020 and we start to notice a considerable rise. As households tighten their purse strings and brace for a recession, consumers are becoming more vocal about the lack of help they’re receiving regarding fraud. News stories pop up weekly recounting the failures of websites, businesses, and individuals in helping protect our most vulnerable.
It’s not all bad though, financial regulatory bodies and FSPs have been discussing strategies needed to counter the recent rise. Released reports detailing recommendations have sparked discussion within the industry covering a range of topics – allowing banks, telecoms, and big tech to ask themselves what more they can do.
Identifiers of Fraud
Despite the disguise, there are some clear identifiers that firms can look out for when identifying risky transactions. With a combination of these datapoints, the risk profile of a specific transaction can be quantified and treated accordingly. We can split the data into two categories, behavioural and situational.
Often, when an APP scam is in progress, the victim is using their mobile, talking to the scammer to receive instructions. Information like this can be layered to give the firm a clearer picture of the situation the payer is in, and therefore can reduce APP fraud directly.
That’s why at Phronesis we’re releasing our newest data call – Protect: Scam Signals – in partnership with the UK’s leading mobile phone networks BT/EE, Telefonica, Three and Vodafone. This allows your business to check important indicators of fraud without destroying your customer’s experience; preventing fraud and eliminating anxiety, frustration and wasted time for everyone involved. Cutting-edge mobile network insights, when combined with behavioural risk signals, can increase the identification of APP fraud by 25%.
Large FSPs are bolstering their fraud solutions to better protect against APP fraud by layering richer datasets. But there are substantial industrywide efforts that need to be adopted if we stand a chance against fraud.
Industry Recommendations and APP Fraud Solutions
Introduce new data sharing standards
When FSPs and Payment Service Providers (PSPs) share information as part of the faster payments system, they gain a safer overall picture of their customer interactions. Embedding data capturing for both the sender and recipient bank presents an opportunity to spot suspicious transactions prior to authorisation. For example, a payee sending money for rent to a personal rather than a business account is a red flag. Collecting and sharing rich behavioural and situational data with other firms can give everyone a better chance at catching fraudsters before customers end up as victims.
Ensure all payment providers follow a specific set of fraud rules
An industrywide regulator would provide oversight and can hold those not adhering responsible, standardise technology and data sharing, as well as track and monitor fraud trends to better adapt to rises in specific types of APP fraud. If the industry had a universal duty of care to its customers, the likelihood of reimbursement would rise and customer-friendly banks would no longer be solely taking a hit. The PSR has recently put forth a proposal for mandatory reimbursement, but this does not cover all payments, leaving international and CHAPS payments unprotected.
Provide a more tailored approach to payments
More should be done to facilitate the safe transfer of large value payments. Often large value payments are treated the same as small value payments, this needs to change. Financial service providers should consider adding additional checks and friction for payments like house deposits to ensure financial loses aren’t lifechanging.
Prevent fraudsters from reaching people in the first place
Social media companies, search engines, and telecom providers need to better moderate the content going through their channels. With The Online Safety Bill being pushed back, the repercussions for phony adverts on sites or through SMS are few. Consumers are often overwhelmed by numerous scam messages. Though they may be able to easily distinguish a few, sheer volume can lead to them eventually becoming defrauded.
Help inform your customers about the profile of APP fraud
There are quite a few campaigns financial service providers can run to inform their customers about the dangers of APP fraud, most notably the Take Five To Stop Fraud campaign. The campaign focuses on the five steps a person should ask themselves before they proceed with a payment. These might include verifying events with legitimate outbound company numbers, being suspicious of ‘too good to be true’ deals online and ignoring or reporting pop-ups or SMS messages talking about malfunctions in payments or computer systems. These campaigns can be both internal and external and can reduce the risk you and your customers lose money with very little cost.
Keeping your customers and employees safe can save companies tens of thousands of pounds and assure customers that their money sits within responsible and caring hands. If your company isn’t able to fully prevent APP fraud, book a call to discuss the potentials of mobile network data as an APP fraud solution. Our data can both elevate your business operations and keep your financials and customers safe. If you would like to learn more about the Take Five To Stop Fraud campaign to help educate customers, follow the link below.