The Evolution of Online Payment Fraud

POSTED BY Nick Maynard
From market data, it is clear that online payments are convenient and drive eCommerce. However, they have also created a playground for cybercriminals who are intent on circumventing the structures on which online payments rely. Trust, it seems, is breaking down.

The threat landscape continues to evolve and test existing anti-fraud measures. The omnichannel retail environment, fuelled by changing customer expectations, restrictions during the pandemic, along with initiatives that are encouraging the open use of financial data, are creating a perfect storm for fraud. Fresh and upgraded challenges must be tackled in the world of online payments. New types of fraud such as ‘silent fraud’ and cybersecurity vulnerabilities are all contributing to a complex mix of attack vectors.

As in any other industry, disruption has the potential to be a force for good; it opens up opportunities through innovation. However, payments involve a complex web of interactions and APIs, which while creating opportunities for stakeholders, must now be a consideration in fraud terms. The identity network is also a driving force that, used well, can build trust, but also adds into this heady mix opportunities for fraud.

Cybercriminals are always one step ahead. They use a mix of social engineering and technology know-how to circumvent systems. Fraudsters’ ultimate aim is financial, so payment systems are the ideal target. Understanding the threat landscape is crucial to reinforcing protection, whilst keeping innovation clear of exploitation.

Fraudsters are highly innovative and use whatever means available to intercept, manipulate, and misrepresent financial transactions for personal financial gain; meaning that mitigation strategies need to be similarly innovative.

Identity is sitting as a central element in the payment ecosystem for both customer engagement and fraud prevention. As identity has become intrinsically entwined with payments, the focus of the fraudster has been innovating around identity or more precisely, identity data. Methods of fraud reflect new technologies and new processes. Attacks are often multi-part, drawing in the social as well as the technical to execute a fraud event.

How human behaviour plays out in payments is a major consideration for fraud management. The overlap in creating great customer experiences in payments and matching these to a secure experience is perhaps the greatest challenge of the industry. Balancing security measures versus usability has always been a difficult objective across many sectors, but this goal is heightened by the focus of cybercrime on the payment sector. 

The pandemic is exacerbating identity theft issues. Anti-fraud techniques must work to minimise friction whilst maximising detection capability. This must be done across multiple channels with no gaps. The multiple parts of a payment model across all the human touchpoints mean that the many moving parts of the system must be oiled by anti-fraud and fluid identity verification. The emergence of identity networks that can handle multiple sources of data and verification services will help move the scales towards a more balanced security-usability model.

Our latest whitepaper, Fighting Online Payment Fraud in 2021, explores the current online payment fraud landscape, highlighting new trends and strategies to combat this relevant issue.

Download the Whitepaper: Fighting Online Payment Fraud in 2022
Related Research: Online Payment Fraud