Peer-to-Peer (P2P) Payment App Fraud: Navigating the New Payment Landscape - Primax
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
Peer-to-Peer (P2P) Payment App Fraud:
Navigating the New Payment Landscape
Executive Summary has doubled in just four years, from 22% in
2014 to 50% in 2018.1 Two of the top P2P
Peer-to-Peer (P2P) Payment Apps are a new apps on the market are Venmo and Zelle. As
major player in mobile payments and quickly P2P payments have become mainstream,
gaining traction in the U.S. The trend is not many large financial institutions like Bank
only hot with consumers, but with fraudsters of America, Chase and Wells Fargo, are
as well. With a number of different P2P apps partnering together to offer a P2P service
available to cardholders, it can be challenging often via the Zelle network.
to determine the best way to handle P2P fraud
when it happens at your bank. This white
A Fast, Convenient
paper will provide a comprehensive review
Payment Option
of P2P payment app fraud and guidelines for
banks to help cardholders detect and thwart For many people, cash or checks have
this emerging threat. historically been the easiest way to pay
a friend or acquaintance. However, P2P
payment technologies have introduced a
What are Peer-to-Peer
new way of sending money that is fast
(P2P) Payments?
and convenient.
Unlike traditional methods in the payments
ecosystem, Peer-to-Peer (P2P) payments P2P apps are an easy way to transfer money
are an electronic transaction that allows without having to carry cash or checks.
individuals to pay another person in real time Cardholders commonly use them to transfer
directly, through an online or mobile app, using money to people they know (sending gifts,
their account or card information. All they splitting a restaurant bill or vacation, paying a
need is an email address or a mobile phone neighbor at a yard sale).
number to send and receive money.
The downside of this modern method
Use of P2P payments is accelerating in the of payment is that it is also becoming
U.S., and not just with millennials. A recent increasingly popular with scammers.
Aite report shows that P2P payment use
Peer-to-Peer (P2P) Payment App Fraud:
Navigating the New Payment Landscape
Why Fraudsters are Targeting P2P Payment Apps
P2P app fraud is on the rise due to fraudsters taking advantage of the person-to-person payment
environment; they prey on your cardholders’ trust. Popular scams include:
1. Online schemes in which the victim is enticed to buy a product or service online, then their money
(and the scammer) disappears after they’ve sent the payment via the P2P app and without the
product or service.
2. Fraudsters, armed with cardholder information such as name, phone number and card or
account number from the dark web, are able to load customer cards onto P2P apps on
their phones.
3. Fraudsters will call victims and impersonate the fraud department or the bank, telling the victim
they are calling in response to a potentially fraudulent authorization on the victim’s card, then
asking them to share personal information. The fraudster will try to extract the cardholder’s
passcode that is sent to them via text message, and the fraudster uses that to take over the
victim’s P2P app.
4. Fraudsters will ask a victim to use their phone, saying their battery died or they lost their phone.
While pretending to send a text, the stranger has actually gone in to the victim’s P2P app to
transfer funds from the victim’s account to theirs.
5. When a victim’s Bluetooth is turned on, highly skilled hackers can hack into their smartphone via
the enabled Bluetooth portal, and gain access to any application where the victim’s username
and password are automatically stored.
P2P payment transfers happen in real-time and outside of most fraud security checks and controls,
enabling scammers to steal the money fast. Additionally, most P2P services don’t provide buyer
protection like with a credit card. P2P payments are essentially electronic cash that can be moved
around and withdrawn in real time, so fraudsters don’t need to convert items into cash like they
would with a gift card or merchandise.
P2P transfers often occur outside of traditional payment networks, and a customer’s payment
is immediately available to the party they send it to. The convenience and ease of use of P2P
payments is inherently what makes it exploitable to fraudsters. Often times, the fraudster has
already moved the money by the time the fraud is suspected.
Peer-to-Peer (P2P) Payment App Fraud:
Navigating the New Payment Landscape
Can P2P Payment Fraud be Controlled?
Currently, P2P payment operators have some rudimentary controls in place to prevent fraud, but
unfortunately, the onus is often on the consumer to transfer funds correctly, set up PIN entry, Touch
ID, or Face ID verification within the app and make sure they know and trust the receiving party.
The majority of liability around P2P payments remains with the consumer. According to Aite, if a
consumer sends a payment through a P2P app to someone they don’t know personally and fraud
occurs, most banks are not willing to provide a refund. An exception would be if a fraudster initiated
the transaction, then the financial institution would likely follow the same procedure as a mobile app
hacking to refund the cardholder.Peer-to-Peer (P2P) Payment App Fraud:
Navigating the New Payment Landscape
How to Prevent P2P Payment Fraud
The best way banks can help prevent their cardholders from falling victim to fraud is through
education and proactive detection. Through every channel your bank uses, including, social media,
website, email or printed pieces, share the following P2P fraud prevention messages with
your cardholders:
1. Never send money to someone you haven’t met in person. When purchasing something, you
should use a service with buyer protection.
2. Double-check the username or phone number of the person you are trying to send money to, and
try sending a small amount first to confirm that your intended recipient received it.
3. Opt-in for stronger security. Almost every popular P2P platform offers the ability to create a
personal identification number (PIN) or use facial recognition. Once the PIN is created, you will be
required to enter it upon opening the app, or before you’re able to transfer/cash out money you’ll
be required to pass the face recognition reader.
4. Before using any P2P service, search the app for customer service contacts and procedures so
that you know where to go and what kind of help to expect in the event that you have a dispute.
5. Make sure you have auto-updates turned on for your device across the board to ensure your app
has the latest updates and protections.
6. Set up transaction or account alerts and controls so that you can be notified of transactions or
any account changes from your financial institution.
7. Don’t let strangers borrow your phone. They could pretend to be using it for an emergency but
really be using it to transfer money from your app to their account.
8. Consider linking your credit card in the app, instead of a debit card, so you have more
fraud protection.
9. If you suspect fraud, freeze or lock your card immediately, contact the P2P app customer service
to initiate a dispute, then separately contact the bank for further instructions.
10. You also can lodge a complaint with the CFPB’s Consumer Complaint Database. Or, you can file a
complaint at Fraud.org via a secure online complaint form.
You may also want to work with your payments processor’s fraud team or risk consultant to assess
any trends you are experiencing with P2P app fraud and implement proactive threshold rules, for
certain maximums, based on the bank’s comfort.
As with any type of fraud, a multi-layered approach to preparedness, detection and responsiveness
will help to prevent and mitigate loss and maintain cardholder satisfaction.Peer-to-Peer (P2P) Payment App Fraud:
Navigating the New Payment Landscape
The Future of P2P Payments
With consumers embracing P2P payment
technologies more rapidly, banks will likely
want to allow for P2P transactions to remain
competitive. The convenience of a real time
peer-to-peer payment that takes place very
quickly is highly attractive to consumers,
but it’s even more attractive to fraudsters,
because the quicker the transaction, the
quicker the fraudster can steal. For the most
part, consumers have generally had the
experience they expected with P2P apps and
feel they are safe, but it is key for both the
bank and cardholders to be aware of the risks
to thwart this emerging threat.
1
“Person-to-Person Payments: How Americans Pass the Buck,”
Aite Group, April 11, 2018.
About Primax
Primax, a PSCU business, provides community banks with payment processing services and
an expansive array of value-added technology and solutions. Primax’s customizable solutions,
including risk management, digital banking, mobile and online card management, data and
analytics, loyalty programs, marketing, strategic consulting, delinquency management and contact
center services, help community banks profitably grow their portfolios and deliver an unparalleled
experience to their accountholders. With a longstanding commitment to service excellence, Primax
has been designing and providing support services for financial institutions throughout the U.S. and
the Caribbean for over 40 years. For more information, visit www.primax.us.
Payments ■ Risk Management ■ Digital Banking ■ Data Science and Analytics ■ Loyalty
Mobile and Online Card Management ■ Contact Center Services and Solutions
5.21 Strategic Consulting ■ Marketing ■ Delinquency ManagementYou can also read
