Fraudsters using real-time payment rails to commit faster fraud in North America

If it feels like the real-time payments (RTP) landscape is suddenly becoming more crowded, that’s because it is. Both the US and Canada have announced plans to launch their own real-time payment infrastructure next year. These new systems will compete directly with existing payment networks like The Clearing House’s RTP system and the Automated Clearing House (ACH). With payments on track to accelerate, North American banks and financial institutions (FIs) must take action now to protect their customers from real-time payments fraud and scams.

The Expansion of Real-Time Payment Rails in North America

In the US, the Federal Reserve is planning to launch its FedNow payment system by 2023. Meanwhile, Canada is planning to launch the nation’s Real Time Rail (RTR) scheme next year as well. These payment schemes promise to expand access to real-time payment services in their respective markets.

The availability of real-time payment systems promise to usher in a new era of convenience and cashlessness. Consumers and businesses will be able to complete transactions using any device they choose on a 24/7/365 basis. Users will be able to make bill payments, deliver payrolls, make credit card payments, international payments, and a variety of business and consumer transfers. These services also open the possibility of using new digital channels, such as using voice assistants like Apple’s Siri and Amazon’s Alexa to transfer money.

However, as is always the case when payments get faster, fraudsters are always among the earliest adopters. Some US consumer groups are criticizing FedNow over a lack of adequate fraud prevention measures. The groups claim this puts customers at risk of fraud. 

We’ve already seen how successful fraudsters can be at using these systems for quick gains. A report by UK Finance showed victims used the nation’s Faster Payment Service (FPS) in 98% of fraud cases to make authorized push payments in the first half of 2021. Meanwhile, FPS also accounted for 92% of fraud loss value in the same period.

These numbers offer a stark warning for North American banks: new real-time payment rails will inevitably lead to real-time fraud. The good news is that many banks and FIs have strong solutions in place to address traditional fraud tactics like account takeover (ATO) attacks. The bad news is this will just divert fraudsters to attack the next most vulnerable link in a bank’s defenses: the customers themselves. 

Real-Time Payments Means Real-Time Fraud and Scams

Coercion and deception are among the most effective tools in a fraudster’s arsenal. That’s why many scam customers into sending money under false pretenses. 

The availability of real-time payment systems makes these scams much more attractive and profitable for fraudsters. North American FIs should understand the fraud and scams types that will increase once real-time payment schemes debuts. These scams include:

  • Business Email Compromise (BEC) Scams: Fraudsters impersonate a company employee or vendor. They target another company employee and convince them to share sensitive information like employee tax forms or other personal information. 
  • CEO Fraud: Fraudsters impersonate a company’s boss or executive. They may use phishing emails or fraudulent SMS messages to manipulate company employees into changing vendor payment information.
  • Romance Scams: Fraudsters pretend to have romantic feelings for their victim. Once they gain their victim’s trust, they convince them to send them money under the guise of paying for a medical expense or a plane ticket to meet in person.
  • Crypto Scams: The constantly fluctuating cryptocurrency market gives fraudsters an opening to lure victims into cryptocurrency investment scams. Fraudsters claim they have a once in a lifetime opportunity to get rich overnight and use high-pressure tactics to convince victims to invest.

Scam take a significant toll on victims, beyond financial losses. Victims feel betrayed emotionally by the scam and will likely turn to their FIs for help.

How FIs Can Protect Customers from Real-Time Payments Fraud

Unfortunately, real-time payments means the money lost in a scam is likely gone for good. There are very few options available to recover it. If the money has moved to a second bank, it will likely disappear in a short time.

Recent trends indicate that fraud liability is shifting to banks and FIs. With this in mind, FIs should take initiative to ensure their organization and customers are protected from real-time payments scams. Taking the following steps will put banks on the right path.

Monitor inbound and outbound transactions

Back in the days of paper checks, banks would have roughly three days to clear a payment. Today, banks have a much smaller window to review a payment’s risk. However, solutions are available to quickly match a recipient’s and payer’s names. Banks should quickly assess whether a transaction makes sense for a customer given their existing history. They should also look closely at the recipient’s account to determine if there is an existing relationship. If the account was created recently and appears to be only receiving funds, it could be a red flag that it’s a money mule account.

Implement a real-time risk engine

Real-time payments generate a massive trove of data. As such, banks must be able to process and understand the data and which transactions pose the highest level of risk. Perform a risk assessment to understand what it takes to implement a real-time risk engine for your bank’s new transaction volume. This assessment should consider whether your organization can manage the demands of a 24/7 banking operation, from tellers to ATMs to call center operators and chatbots. Consider using managed vendor services if your bank can’t quickly shift to a real-time risk engine on its own.

Invest in Consumer Education 

Banks have an obligation to turn their customers from the weakest link to the first line of defense. This is especially true if scams are going to be the fraudsters’ weapon of choice. Not only are education and awareness initiatives the best way to help customers protect themselves. They also are likely to win favor with regulators who want to see banks proactively engage with their customers and clients to keep them safe.

Convenience is key in the digital banking age. Real-time payments provide a value add for both customers and FIs. Customers gain ease of access and faster delivery of payments while banks and FIs can improve customer retention with faster services. But banks don’t want to make real-time payments convenient for fraudsters while they deliver services for their customers. Taking these steps will help banks ensure that real-time payments don’t become real-time fraud losses.

Want to learn how to keep real-time payments from becoming fraud losses? Schedule a demo with our team and learn how to protect your customers from new and emerging scam threats.