Cross-sector action needed to tackle APP fraud epidemic

UK Finances’ 2021 fraud report revealed a staggering increase in online payment fraud. To tackle this fraud epidemic, we need to focus more on digital identity, argues Martin Wilson, CEO of OneID®. 

Instances of authorised push payment (APP) fraud in the UK rose by a frightening 39% in 2021.

According to the 2021 Fraud Report from UK Finance, APP fraud accounted for £583.2m of stolen funds, close to 50% of the £1.3 billion of losses from criminal fraud.

At the epicentre of this growing problem is ‘identity’. The UK Finance report states that nearly 40% of APP-based losses were down to impersonation schemes.

These schemes typically involve consumers being duped into initiating payments to criminals posing as trusted contacts using stolen identities. They use fake websites, emails and phone numbers to bypass the typical security and authentication checks employed by banks and payment providers.

We need banks, businesses and fintechs to work together to tackle the fraud epidemic in the UK, or the UK faces becoming the bank scam capital of the world.

Impersonation scams on the rise

UK Finance reports that in 2021, the UK’s communications regulator Ofcom found that eight out of ten people it surveyed have been targeted with scam texts or calls pretending to be from an official source such as banks, NHS or government departments.

One of the more pernicious forms of impersonation scams is the so-called romance scam where the criminals use fake social media accounts to target victims, forming friendships over several months before requesting money from the unwitting victim. Romance fraud losses soared by 73% during 2021. In total, victims of such scams lost £30.9m and case numbers were up 41% at 3,270 last year.

As many as 40% of online scam victims have reported feeling stressed or depressed (28%) as a result while victims of romance scams are often left with anxiety, depression, low self-esteem and an inability to trust others or their own judgment.   

Banks losing hundreds of millions

Banks have already invested heavily in their security measures such as strong customer authentication, preventing a further £1.4 billion of unauthorised fraud getting into the hands of criminals.

But they are still losing large amounts of money, paying out hundreds of millions of pounds to thousands of customers who have fallen victim for fraud since the APP voluntary code was introduced in 2019. For example, TSB has refunded 98% of all bank fraud cases under its Fraud Refund Guarantee.

While the figures may differ between banks, they all face the same impossible challenge – either absorb the losses of their clients or face losing those customers due to a lack of protection.  And all amid a rapidly rising source of fraud.

The government has also said it will legislate in the upcoming Financial Services and Markets Bill to enable the Payments Systems Regulator to require banks to refund victims of APP fraud. Banks could be on the hook for even more than the hundreds of millions they fork out each year.

Cross-sector action needed

UK Finance has used these findings to call for more cross-sector cooperation and action to tackle the criminals and reduce the instances of fraud. This type of approach has worked in other countries.

Sweden launched its BankID in 2003 and it is now the largest electronic identification system in the country with a 94% usage rate among smartphone users with more than 6.5 million active users. It is owned and operated by several Swedish and Scandinavian banks.

A similar but independent BankID scheme operates in Norway which also acts as a utility, owned and operated by a number of banks.

Originally conceived as a way for consumers to log on to their online banking accounts, the system has expanded its scope as consumers increasingly conduct more transactions digitally. BankID is used for confirming online payments and even signing official documentation. The scheme has proved to be successful in reducing payment fraud from 1% to just 0.00042% of transactions.  

It’s clear that banks and consumers need support to spot and prevent scams now, and the UK government and law enforcement can’t tackle this billion-pound issue through creating and enforcing legislation alone.

As in Sweden and Norway, the banks could be a big part of the solution but we need cross-sector action to explore and invest in new technologies which can help prevent fraud.