UK Faster Payment System Prompts Changes to Fraud Regulation

UK Faster Payment System Prompts Changes to Fraud Regulation

Steven Murdoch

Innovation Security Architect at OneSpan

Views 1766

UK Faster Payment System Prompts Changes to Fraud Regulation

29.10.2018 01:00 pm

Banking transactions are rapidly moving online, offering convenience to customers and allowing banks to close branches and re-focus on marketing more profitable financial products. At the same time, new payment methods, like the UK’s Faster Payment System, make transactions irrevocable within hours, not days, and so let recipients make use of funds immediately.

However, these changes have also created a new opportunity for fraud schemes that trick victims into performing a transaction under false pretences. For example, a criminal might call a bank customer, tell them that their account has been compromised, and help them to transfer money to a supposedly safe account that is actually under the criminal’s control. Losses in the UK from this type of fraud were £145.4 million during the first half of 2018 but importantly for the public, such frauds fall outside of existing consumer protection rules, leaving the customer liable for sometimes life-changing amounts.

The human cost behind this epidemic has persuaded regulators to do more to protect customers and create incentives for banks to do a better job at preventing the fraud. These measures are coming sooner than UK Finance would like, but during questioning by the House of Commons Treasury Committee on Tuesday, their Chief Executive conceded that change is coming. They now focus on who will reimburse customers who have been defrauded through no fault of their own. Who picks up the bill will depend not just on how good fraud prevention measures are but how effectively banks can demonstrate this fact.

UK Faster Payment Creates an Opportunity for Social Engineering Attacks

One factor that contributed to the new type of fraud is that online interactions lack the usual cues that help customers tell whether a bank is genuine. Criminals use sophisticated social engineering attacks that create a sense of urgency, combined with information gathered about the customer through illicit means, to convince even diligent victims that it could only be their own bank calling. These techniques, combined with the newly irrevocable payment system, creates an ideal situation for criminals.

Even banking/security leaders are not confident their organisation could detect and prevent the constantly changing types of fraud. With that in mind, the regulators accept that customers can’t be expected to spot every type of fraud. Those who take reasonable measures but still fall victim should be refunded.

In these cases, who will pay for the reimbursement will depend on whether the customer was given adequate warning, whether bank fraud prevention systems were effective, and whether the bank that received the stolen funds could reasonably have done more to prevent the stolen money leaving the account.

Providing Evidence of Security

When there’s a dispute as to whether a victim should be refunded, the Financial Ombudsman Service will adjudicate. They’ve already indicated that they will take a hard line against banks making unrealistic expectations of customers. Not only will the Ombudsman expect that banks do all they reasonably could to prevent fraud, as well as giving sufficient warning to customers, but be able to provide rigorous evidence that their measures are effective, and that due care was taken of particularly vulnerable customers.

For victims of fraud, these changes can’t come soon enough. Banks and their security providers will have to step up to the challenge of not only being secure enough for their own satisfaction but be able to demonstrate to the satisfaction of the public that they are continually monitoring the threat landscape and could not reasonably do anything more than they already do.

 

 

Latest blogs

David Villaseca Oracle

Are Banks really responsible in a digital world? Challenges on United Nations

This week, we held a discussion on Responsible Banking on the 25th United Nations Climate Change Conference (COP25). It connected different experts from Bank of Spain, Santander, etc, with the coordination of CEU. Green and Responsible Banking Read more »

Steve Morgan Pegasystems

What Trends Will Shake Up the Banking Tech Sector in 2020?

In the past year, we’ve seen technology play a huge part in shaping the banking industry landscape, from emerging fintechs to new solutions facilitated by Open Banking to the latest AI tools. With such progression happening throughout the sector, we Read more »

Bas Lemmens Pivotal Software Inc

Agile holds the key to competition and growth in financial services

The pace of change in the financial services sector is such that traditional business models are no longer viable, and firms that have stood the test of time must adapt in order to survive. A recent Gartner report found that by 2030, 80% of heritage Read more »

Alexander Yuditsky Tradalaxy

The State of The Global Export Market. Barriers and Opportunities for Local Business Going Global

Global trade is an ever-shifting sea. The waves of growth go up and down, but one thing remains certain: both barriers and opportunities are always present. Global trade tensions have been rising since 2018, and with tariffs on some widespread goods Read more »

Ahmed Khidhir Temenos

How Generation Z Will Reshape Digital Banking

Generation Z (or Gen Z), the demographic cohort following the Millennials, presents a new breed of customers for financial institutions. Born after 1995, Gen Z is the first generation to be born and raised with YouTube, Instagram and Netflix. Unlike Read more »

Magazine
ALL
Free Newsletter Sign-up
+44 (0) 208 819 32 53 +44 (0) 173 261 71 47
Download Our Mobile App
Financial It Youtube channel