Community

I agree and believe advanced detection systems are the most important tool in fighting fraud. The criminals will always find a way in, be it through data breaches, phishing or targeted hacking - the mindset at some institutions has even gone as far as considering the "front door" as untrustworthy.  

This realisation drives the need for sophisticated detection/prevention systems that can gather information about all aspects of transactions and user sessions - not only identifying fraudulent activity for individual users, but extrapolating trends that can even help banks identify the ‘point of compromise’ of data and therefore other cards or accounts that could be at risk. That being said, without the ability to influence the authorisation decision with sub-second response times, institutions will always be at least a step behind.

The other factor that banks need to consider when managing fraud is how they deal with it when it does happen. The best prevention and detection tools available can’t stop all fraud, so banks need to look at the systems and processes they have in place to make sure that any fraud that does happen does not alienate the customer. Identifying fraud quickly and accurately, proper communication, ensuring the consumer isn’t out of pocket – all these factors contribute to the opinion that customers have about how banks protect them, and how likely they are to stay loyal.

Dont forget, an "attack" is just a criminal setting up a phish site/email and attempting to sucker the public...doesnt mean they are successful!  In my experience phishing success, or at least the average loss per successful attack is falling.

There is definitely a catch up game that, by the nature of the fraud world, is always being played by banks.  I, however, think in terms of Faster Payments, there was experiential knowledge gathered, by the banks, from places that have gone through a "faster payments" shift in the past.  They knew that any current vulnerability would be exploited further and took the first steps by securing them.  It is unfortunate that in many cases there has to be enough loss to warrant the investment in prevention but, in this case, I think many banks did try to pre-empt the problems.

I feel I have to stand up for the banks when it comes to the fraud concerns of Faster Payments. True, some banks have implemented temporary solutions to manage fraud resulting from Faster Payments, but it is essential that people don't misunderstand ‘temporary' to mean ‘inadequate'.

Banks have to review their fraud prevention tools and processes on an ongoing basis, and regularly make changes to keep up with changing technology and changing fraud trends, and the UK banks are very experienced and capable of doing this. The banks that have gone live with Faster Payments were prepared for the changing nature of the fraud they would face, and made sure that they and their customers would be protected when it went live.

A good fraud prevention system is never permanent, it evolves and changes all the time. As the world around it changes, for example with chip and PIN, online banking, Faster Payments, SEPA or mobile banking, banks will expand their fraud strategies to encompass new channels and trends. That is one of the reasons we are seeing such a move towards real-time and enterprise fraud systems as banks combine information from many different sources to ensure they are as accurate as possible when preventing fraud.

Ultimately, it is the banks that are liable for fraud, not the consumer - so it is in their benefit to make sure their systems are as secure as possible.