Turn the tables on instant payment fraud

Consumers love the convenience of real-time payments, but detecting real-time fraud takes hyper-vigilance —and collaboration.

Consumers have flocked to the speed and convenience of instant payments. However, there’s a flipside: instant payment fraud. And it’s a topic that’s not getting nearly enough attention.

At a recent fintech conference, an executive from The Bank of New York Mellon encouraged attendees to proactively tackle instant payment fraud, emphasizing the importance of data and information sharing.

We agree—and have collected several additional considerations for how banks can securely manage instant payments across the multiple networks emerging to support these real-time transactions.

The growing threat of real-time payment fraud

Real-time payments (RTPs) have skyrocketed. The US’s 2023 rollout of FedNow joins the growing roster of RTP networks already implemented by approximately 80 countries.

That’s good news for banks and payment service providers: As RTP networks multiply, it expands these businesses’ reach—that is, they gain more opportunities to transact with counterparties, which invariably attracts a larger customer base.

Equally important, the RTP trend now extends to corporate and institutional clients, and the promise of international RTP is getting closer.

But juggling multiple RTP systems incurs not only complexity and cost but also introduces the possibility of real-time payment fraud. In parallel with RTP’s rapid adoption has been a global wave of scams, including authorized push payment (APP) fraud. Financial crime and fraud are projected to cost banks and financial institutions $40.6 billion annually by 2027 globally.

Detecting instant payment fraud sooner rather than later

Network and counterparty collaboration is critical to make this happen. For example, sharing the data characteristics of fraudulent transactions through payment market infrastructures—the systems owned by central banks that allow for safe open payments—will help banks and payment service providers combat counterparty fraud and better protect end customers.

Four considerations to guard against real-time payment fraud

Here are four actions to take for securing RTP transactions across multi-network ecosystems.

1. Implement AI/ML fraud detection. While there’s nothing new about fraud, RTPs render traditional fraud detection models obsolete. For one thing, RTP transaction values are relatively small, making it easier for fraud to go undetected. For another, fraudsters can move stolen money through multiple account “hops” quickly, making funds harder to track and recover.
   
   Now, customized real-time machine-learning techniques are helping to boost detection by enabling features that confirm a sender’s identity and intentions. Techniques such as specialized behavior-sorted lists, or B-lists, can determine the probability that the debit party is the payment’s authentic originator. B-lists also monitor key attributes of the originator’s payment history and isolate patterns, learning to identify typical behaviors and, conversely, suspicious ones.
   
   
2. Implement customized rule sets and RTP command centers. The instantaneous nature of RTPs requires banks and payment service providers to take immediate action after detecting fraud. Doing so will require customized rule sets that need to be implemented with care.
   
   First, the right interdiction support must be baked into the payment flow for all RTP clearing and settlement mechanisms. Second, because it’s difficult for any risk scoring engine to classify fraudulent transactions against a pre-defined taxonomy for each RTP network, payment market infrastructures must be able to separate authorized transactions from APPs so the appropriate rule set can be applied.
   
   Another issue is that the classification rules—as defined by the payment market infrastructures—evolve over time. That means fraud detection and command action software needs to be easily customizable to support rule updates.
   
   For banks and payment service providers that process a large volume of RTP transactions, it’s critical to set up a dedicated RTP command center that employs automated responses based on the appropriate scenario-driven rule sets.
   
   
3. Harness the power of data through collaboration. RTP fraud detection models are only as good as the granularity of the data fed into them. Enriching the input data takes connectivity to multiple data sources and collaboration among stakeholders on several fronts.
   
   One area of collaboration is categorizing and sharing the data per agreed classification models. Another is allowing API access to third-party providers, making data source modification easier. In addition, integration with credit bureaus is crucial for sourcing details such as credit history, eligibility scores and credit types. So is access to payment market infrastructure data, including fraudulent transaction history, watchlists and compliance metadata.
   
   Keeping up with fraudsters takes increasingly dynamic prevention strategies. For example, we are working with a telecom provider to add location data to its security layer, giving it an up-to-the-minute touchpoint to enhance screening. Real-time sharing of data requires carefully designed APIs and cross-industry collaboration, but the dynamic details can help detect anomalies in new fraud tactics like SIM swap attacks or one-time password scams.
   
   
4. Leverage internal and RTP network data and controls. Instant payment market infrastructure providers like FedNow prevent fraud through transaction limits. These limits can occur at network and participant levels, and through participant-defined negative lists.
   
   Network-level limits are typically defined by the payment infrastructure provider, while banks and payment service providers set participant-level limits. While internal tools like transactional fraud models have been effective in fighting account takeovers and card-not-present fraud, RTP fraud requires more sophisticated tools to detect scams that often appear to be authentic transactions.
   
   Again, collaboration is key: The best approach to tackling this problem is a consortium-based model that’s fed by data sources and detects anomalies in consumer behavior.

Securely managing instant payments across multiple networks takes hypervigilance and collaboration. But in an increasingly real-time world, it’s a must-do for banks and payment service providers.

For more on real-time payment fraud, read our white paper, “A Perspective on Fraud: Resilient Real-Time Payment Hubs with Multiple Clearings.”