As the payments industry evolves, fraud is becoming a growing issue, experts told bankers at the Federal Reserve Bank of Chicago Payments Symposium 2012 Tuesday.
Beyond any immediate losses, fraud is a large issue for banks because they have lost much of their traditional business to non-banks, with payments being a notable exception. But competitors such as PayPal, Square, a wide variety of mobile wallet providers and others are making inroads.
But an issue with some of these newer providers is that they don’t have the history of combating fraud as financial institutions.
Responding to an earlier comment that mobile payments are safer than some other forms – check forgery, payment card theft and other types of fraud are still committed more often, Julie Conroy McNelley, director for Aite Group, said: “The potential is there for mobile to be safer. But there are 111,000 new strains of malware every day, 50 percent of them aimed at obtaining online credentials. The average Web surfer comes across a malware site one every three months.”
She added that the fraudsters are well organized, and are usually operating from overseas locations where they stay outside the reach of law enforcement authorities.
Mobile malware is growing at an exponential rate as criminals go to where the money is. According to McNelley, the number of known mobile malware apps has grown 10-fold, from 12,000 to 120,000 in the last year.
McNelley expects those developing mobile malware to become more active as mobile apps, including mobile payments, become popular.
“Banks are already seeing cross channel fraud,” McNelley added, explaining once a fraudster breaks into a customer account through one channel, such as online, it can provide the criminal with a way to take over other customer accounts as well.
One of the challenges is to include incentives so that fraud protection is included in payments system development, John Carlson, executive director of the Financial Services Roundtable, said. “The best way to do that is collaboration. It’s really important to bring the different parties [in the payment system] together to solve this.”
That means pulling together software and hardware providers as well as bankers and other payments providers.
The rules have to determine the responsible party when fraud occurs, Carlson added. For example, the credit card issuers tend to absorb unresolved fraudulent charges of under $50, and in many cases will cover the consumer for much higher amounts.
“The government needs to work with private industry on electronic identity management,” Carlson said, pointing out that fraud-related lawsuits are growing at a fast rate.