Welcome to Finextra. We use cookies to help us to deliver our services. We'll assume you're ok with this, but you may change your preferences at our Cookie Centre.
Please read our Privacy Policy.

Accept
Channels
Blog article
See all stories »

Channels

Security Payments

Group

Innovation in Financial Services
External | what does this mean?
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.

New payment rules - new mindset!

As of 1st January 2012, the three-day wait for fund transfers will be over. Banks must ensure that for all electronic payments (e.g. online banking transfers), the money reaches the payee’s account in a much more timely manner.

This is likely to cause problems for banks and may well identify weaknesses in their approach to fraud management in terms of keeping pace with the skill of today’s fraudster.

At the moment, if a bank spots unusual activity on a customer’s account (such as an unusually high amount being transferred) it currently has a three-day window in which to speak to the customer to check whether the transaction is genuine or fraudulent. However, despite this, banks already struggle to balance dealing with fraud effectively and managing their False Positive ratio.

As the time window shortens from three days to one in the New Year, this situation is only going to get worse. Banks may wave through fraudulent transactions, but the likelihood is that they will err on the side of caution if fraud is suspected and simply reject the more dubious transactions straight off, just in case they are fraudulent.

These so-called ‘false positives’ (genuine transactions declined because they are deemed potentially fraudulent) could increase dramatically and as a result call centres will need to grow exponentially to deal with the ensuing problem, customer satisfaction will hit an all-time low, costs will explode and revenues will implode, all of which is of course bad news for issuing banks.

The solution, however, is simple. At the moment, banks rely on historic data to see trends and patterns in transaction behaviour, but this system falls flat when a customer makes a transaction that is outside their own norm. Use of real time information would greatly improve this situation. Proximity correlation logic uses information about the cardholder’s mobile phone to anonymously determine the likelihood of the transaction being genuine or fraudulent. This isn’t a tracking device, so there are no worries over privacy. The system simply detects, within a fraction of a second, whether the card is in the same vicinity as the phone – or rather, if it ISN’T. Thanks to the ubiquity of the mobile device, banks can dramatically reduce their false positive rates this way. If the phone is not in the same vicinity as the card, there is a good chance the card is not being used by the card holder and hence the bank can concentrate on that (much more likely) potential fraud.

With the new rules taking effect in the New Year, the good news is that banks now have a new tool to add to their armoury to help in the fight against the fraudster. How long will it be before such checks become commonplace? In my opinion, not long at all and 2012 will see this become de-facto!

4949

Channels

Security Payments

Group

Innovation in Financial Services
External | what does this mean?
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.
Report abuse

Comments: (3)

Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune 16 December, 2011, 21:05Be the first to give this comment the thumbs up 0 likes

In case we are talking about UK, unless I am missing something, it is not clear what kind of electronic payments are being referred to here: Card payments, CHAPS and FPS happen in realtime, I am not sure if there is a 3 day waiting period in the first place. If we are talking about BACS, I don't see how 'card' and 'phone' enter the picture. Since we are talking about online, I take it that any card payment would imply Card Not Present, in which case there is no need for a phone or for the card to be in close proximity to the phone even if we are talking about mobile payments via cards - we could have left the card somewhere and could be entering card details from memory (unlikely) or from an PDA / smartphone entry containing the card details (highly likely, from personal experience). Won't proximity correlation logic result in many False Positives?

Report abuse
Pat Carroll
Pat Carroll - ValidSoft - London 19 December, 2011, 10:16Be the first to give this comment the thumbs up 0 likes

Ketharaman, the point made is of course a good one. However, the example provided was for illustrative purposes only. Simply put, the move to faster payments means that we will need to start deploying the same real-time protection available for Card Present transactions for all payment types impacted by the FPD, clearly the majority of these include internet banking and other forms of online payments. Proximity Correlation Logic (PCL) equally applies to CNP transactions, although the basis for the correlation is more intricate, but equally accurate. For example, if I know that a transaction is originating from your home (although I don’t need to know where your home is), and your mobile phone is also correlated to your home, then there is a high probability that this is a genuine transaction. Other invisible tests of course need to be performed to ensure that the integrity of the transaction has not been compromised, and the institution may still want to ensure that the parties to the transaction, and the integrity of the transaction itself, have not been compromised in any way. This is the power of real-time, privacy sensitive, PCL when implemented as a component of a layered, multi-factor, telecommunications based security model.

Report abuse
A Finextra member
A Finextra member 20 December, 2011, 12:07Be the first to give this comment the thumbs up 0 likes

The maximum transaction value by Fasterpayments I understand is £100k but banks currently apply their own maximum transaction value limit. Will banks wriggle out of fasterpayments by retaining a low limit using anti-fraud measures as the excuse?

Report abuse
Join the discussion
Pat Carroll

Pat Carroll

Founder/Executive Chairman

ValidSoft

Member since

17 Mar 2011

Location

London

Blog posts

79

Comments

40

More from Pat

This post is from a series of posts in the group:

Innovation in Financial Services

A discussion of trends in innovation management within financial institutions, and the key processes, technology and cultural shifts driving innovation.

See all
Community
See all blogs »
Financial Services Regulation 

Why the advantages different sized businesses have in DORA compliance shouldn't be overlooked

Steven Rackham

Steven Rackham

Bigger than Technology 

When to use Privacy Enhancing Technologies (PETs) vs. privacy management tools in Banks?

Tejasvi Addagada

Tejasvi Addagada

API 

Observations from EBADay Lisbon and a Reflection from the Past

Cheryl Chiodi

Cheryl Chiodi

Banking 

Why Developed Economies are Benefiting from QR Payments?

Abhinav Paliwal

Abhinav Paliwal

Now hiring

See more