Examining the “Customer Journey” to Prevent ACH And Check Fraud
- A "holistic approach" is best in combating fraud
- Digital financial products are an easier target
- Checks, while less targeted, are still in the crosshairs of fraudsters
In their latest “Digital Fraud Tracker” feature, PYMNTS talked with Seth Ruden, senior director of fraud operations for First Tech Federal Credit Union. In his analysis of fraud prevention, he spoke about a holistic approach balancing ironclad security with seamless payments and banking interactions.
“As we move forward with our digital banking shift, we want to ensure that people recognize that digital banking has created a significant uptick in the amount of fraud risk,” noted Ruden. “Deploying these technologies like multifactor authentication, as well as getting greater visibility to all channels and cross-channel activity, is where we’re going to be able to deliver on the promise of significantly elevated and enhanced protection.”
All Fraud Targets Are Not Equal
Digital and paper-based payments are targets for fraud -- but not equally, as digital presents a bigger target. Also, as noted in the report:
Despite the growing popularity of digital payments, paper checks are still an extremely common transaction method. They are also the payment method most susceptible to fraud, according to the 2021 AFP Payments Fraud and Control Survey Report. The study found that 66% of payments fraud occurred through paper checks, with bad actors often stealing checks from the mail and then altering them to redirect the payments to themselves.
However, Ruden pointed out that digital services are more vulnerable due to their transaction volume, fed by the growing numbers of consumers who shifted to online banking during the pandemic.
“Digital services are where most people perform most of their transactions, and those digital channels are the ones [that] tend to be receiving the bulk of the attacks,” he said. “Certainly, we have plenty of check deposits where fraudsters have made attempts, but we anticipate that as we become more digitally focused as a society, [digital channels are] where a lot of the risk has to be concentrated.”
Fraudsters have a number of tactics in their tool belts to use against both targets, but some are more common than others. Account takeovers are most popular, according to Ruden.
“We certainly have seen very large increases in account takeovers in recent years, and it is not inconsistent with the compromises that occur across the entire internet ecosystem,” he said. “You share a password between different sites — and that’s a huge problem with passwords. We need to be far more diligent as organizations to ensure that we shore up those risks, as individuals are compromised every day.”
Engaging the "Big Picture"
Fighting fraud of all kinds requires knowledge all areas of the "customer journey," Ruden points out. A single-layer cybersecurity system is child's play for the clever fraudster; FIs need to secure all avenues of approach.
“We use solutions that look at payments and journeys and [are] not just focused on the individual transaction,” he said. “We look at the full life cycle of an individual’s engagement with their financial institution by ensuring that our members have strong security hygiene, that they’re using the right kind of passwords, that they’ve got multi-factor authentication options that suit their lifestyles, and that we have the right kind of fraud [prevention] tools that provide the right kind of alerts that the member can engage with specifically.”
The challenge, of course, is maintaining the seamless banking interactions that customers expect. Threading this needle requires precise security controls that only interact with transactions when absolutely necessary, said Ruden.
A hybrid approach to fraud -- digital or paper-based -- is the strongest method to protecting financial institutions and their customers. While there is not a single technology that can detect all frauds, the emergence of APIs makes it possible for many technologies and their outputs to work in tandem and synchronize, enabling financial institutions to detect and prevent fraud from all channels -- including checks. Merging transactional-based systems with image forensic AI into a single fraud review platform enables banks to have a single source for fraud detection while protecting themselves and their customers.