In the U.S., fraud is an underground economy that costs individuals and businesses an estimated $200 billion a year. Gartner predicts that the overall cost of card fraud to the financial services industry will increase threefold over the next three to five years.
Clearly, the challenge of fraud prevention in the banking industry continues to be paramount in the minds of institutions and consumers alike – and the cost and implications don’t stop there.
The latest wrinkle on this front is litigation, with several high-profile cases coming to light recently, including Choice Escrow and Land Title LLC vs. BancorpSouth and PATCO Construction Inc. vs. Ocean Bank.
With the cost of fraud already at astronomical levels, the additional losses that are mounting due to legal actions, possibly even class actions, will only heighten the severity of this matter and reaffirm the urgency for finding solutions to stem the tide.
As a result, banks and credit unions are increasing their investment in fraud detection and prevention enhancements. Multifactor authentication, regular risk assessments, transaction verification, account monitoring and customer/member education are now top of mind for bank security executives who fight fraud every day.
The increased focus on security is also due in part to the Federal Financial Institutions Examination Council’s updated authentication guidance. However, according to the recent Faces of Fraud survey report, 29% of respondents don’t fully understand the desires of the regulators, and 88% don’t even believe that conforming to the guidelines will have a great effect on halting online fraud.
The reason for such attitude is likely that in general, guidelines are simply that –guidelines – and typically represent lowest common denominator, not highest common factor. Against such background the tendency is to simply comply, and not exceed, which leads to the lack of confidence.
In addition, when discussing fraud, the conversation typically hones in on how fraudsters obtain such personal information about their victims, and whilst as an industry we should of course focus on preventing data breaches, the sad reality is that we must also assume that such breaches will continue to prevail and will follow the trend of recent attacks, increasing in volume and impact.
As a counter measure, the industry needs to place equal if not more emphasis on preventing criminals from using the personal information and data they steal. As Peter Hurst, chief executive of CIFAS, the UK’s fraud prevention service, says: “Prevention . . . remains better than cure, and it is time for all organisations and consumers to start reviewing their approaches to preventing fraud rather than trying and failing to recover losses.”
In this context, prevention of abuse is as important as prevention of theft.
Of note now is that smart technology exists that can alert individuals whenever a fraudster is trying to access their money or hijack their mobile phone, for example.
Much of this new technology is “invisible” and context aware, yet non-invasive from a data privacy and data protection standpoint being totally anonymous and compliant with stringent data protection and data privacy standards.
By adopting an out-of-band approach to the verification process and approaching security using a multi-layer model, the customer can be alerted to a potential crime in real-time, thereby fully enabling the customer with the power and resources to combat it.
Whilst as an industry we may never have a perfect cure to fraud, it’s important to realize that intelligent, advanced prevention solutions already exist.