With payments processed at the click of a button, the digital age has spawned unparalleled convenience for consumers and generated immense revenue for businesses.
But consumers and businesses aren’t alone in seizing the opportunities presented by payments innovation – savvy fraudsters exploiting these transactions cost UK businesses a staggering £1.2bn in 2018, according to UK Finance. The rise of payment fraud stems from an otherwise positive development: the unprecedented efficiency of payments on a global scale over the past decade. But organisations must ensure that transactions are not only fast, but also secure.
Addressing payment fraud will require acknowledging that existing security measures have not adequately stemmed the problem and embracing sophisticated technologies designed to flag questionable activity and keep fraudsters at bay.
The rise of payment fraud in the UK dovetails with global trends. The 2019 AFP Payments Fraud & Control survey found that a record 82% of organisations experienced incidents of payment fraud in 2018 – and it’s not just big businesses. While a 2018 Vocalink Analytics survey found that 58% of UK SMEs believe payment fraud would have only a minimal effect on their businesses, fraudsters are attacking businesses large and small.
Amid steadily climbing rates of fraud, organisations are slowly acknowledging the scope of the threat. A recent survey revealed that 73% of UK businesses believe payment fraudsters are now ‘ahead of the industry’, yet even still, only 32% have adopted more stringent measures to combat fraud.
Adding human resources is no panacea – and may even make fraud worse. Hackers are eager to exploit human vulnerabilities to defraud companies, and human auditors unaided by technological tools that can flag otherwise furtive anomalies will often miss fraudulent activity, or worse, be lured unwittingly into socially engineered online scams. Unfortunately, employees themselves are also occasionally the culprits.
Beyond social engineering and internal fraud schemes, malicious actors can also leverage cyber and IT fraud to manipulate payment transactions. The supplier onboarding and payment run processes are especially vulnerable to hacking, with breaches often going unidentified until it is too late to recover the funds.
Do businesses face a catch-22? With payment fraud at record levels, existing measures clearly have not sufficed – raising the question of whether it’s wise to continue placing a premium on payment speed and convenience. But as digital-native millennials and Gen Z enter their prime spending years, any change that comes at the expense of ease and efficiency would seem to be out of the question.
Fortunately, it’s possible to achieve both efficiency and greater protection. It starts with companies abandoning the idea that internal controls and processes will be enough to fight fraud and beginning to invest in payment-protection technologies.
Third-party technologies can safeguard payment processes at every point in the transaction life cycle – including corporation, bank and supplier – while catching errors and hacking attempts in real time. By storing, monitoring and protecting assets, these solutions not only help retain the essential speed of transactions, but provide a robust line of defence when red flags are raised.
It is time companies embrace new, dynamic cybersecurity models to help combat new, dynamic cyberthreats. To maintain speed and efficiency in transactions, it’s vital to implement payment automated protection solutions that provide security along the entire transaction journey. Inevitably, this will require technology that identifies fraud before the payment is fulfilled, so that merchants aren’t simply combating fraud, but are stopping it before it can be executed.
With many businesses either unaware or oblivious to their own vulnerabilities, or not taking sufficiently vigorous measures to remedy them, the need for this paradigm shift is pressing – and without widespread commitment to tackling the problem, fraud rates are likely to continue increasing, robbing companies of billions.
The same focus on innovation and ingenuity that enabled the payments revolution can restore security to the online payments process. Leveraging independent, external technology controls, businesses can diffuse single points of failure, bolster their cyber network strength and protect hard-earned revenue.
nsKnox works with companies to protect against risks and financial losses by detecting and preventing payment fraud in real time. With TxAuthority, it ensures payments reach the intended beneficiary by securing the transaction between approved suppliers and customers.
The solution analyses every piece of data within payment files, from initiation through to fulfilment, enabling the detection, alerting and blocking of fraudulent payment attempts in real time.
Establishing external controls across a distributed framework ensures that there is no single point of failure, enhancing the level of protection.
Mus Huseyin is head, UK & EU, at nsKnox
