From securing your online purchases to strengthening your e-commerce ecosystem. strong customer authentication (SCA) helps verify remote electronic transactions and reinvents digital commerce landscape.
In Europe, such mandates have effectively curbed fraud; stemming New report on customer credential theft european banking authorities (EBA) has revealed worrying trends. Despite the existence of SCA; con man In particular, it has managed to adapt, adopting increasingly sophisticated technologies. Use social engineering tactics.
Fraud currently includes three main categories: payer; A mix of social engineering and technical scam; The report states that there were violations of the registration process.
Then, Operation of According to the report, scammers are using social engineering tactics to force payments directly from customers. These techniques often exploit personal information collected from social networks, with perpetrators impersonating trusted organizations such as relatives, friends, business partners, and payment service providers (PSPs). In the corporate space, A scheme like “CEO fraud” involves tricking employees into initiating large payments under false pretenses.
mixture social engineering and technical fraud combined Phishing techniques Like vishing and smishing person who steals Customer personal security credentialssays the report.. Fraudsters then use social engineering tactics to persuade payment service users (PSUs) to approve fraudulent transactions.different from typical Impersonation planthis category of scammers directly tampers with the victim's account, increasing the risk.
Compromising the registration process, on the other hand, involves fraudsters exploiting vulnerabilities in the registration process to register devices as a secondary factor in the SCA, supplemented with stolen credentials obtained through phishing, smishing, or vishing. This includes: This ruse allows them to take full control of your payment account and perform multiple fraudulent transactions.according to the report.
Additionally, the report highlighted that: Instant credit transferor immediate payment indicates a high rating scam Rates compared to traditional credit transfers. This phenomenon partially due to to There are limits to the PSP's capabilities. recover funds with in the case of Fraudulent instant payments occur and are made worse by faster execution times for these transactions.
nick fleetwoodHead of Data Services form 3emphasized the sensitivity of instant payment The scam was carried out earlier this year, citing an increase in both fraud damage and attack cases in recent years.
“Fraud losses increased by 27%, but the number of incidents increased by 68%.” [of instant payment-based attacks] Because you can connect a sense of urgency,” Fleetwood told PYMNTS in January.
In response to these evolving fraud dynamics, the EBA has proposed additional security measures to complement the existing regulatory framework. 3rd Payment Services Directive (PSD3) and the Payment Services Regulation (PSR), recognizing the need for a multi-pronged approach to effectively combat fraud.
fleetwood, However, it emphasized the importance of joint efforts to build strong defense mechanisms against fraud using technology and data analytics. He also emphasized that the concept of “consortium intelligence”, where all stakeholders contribute to a shared data model, is a means to keep fraudsters at bay.
The consortium approach has proven effective in identifying 80% of fraud in the system.He said.
“This is very inefficient for scammers [to be successful] Using instant payments: 80% of fraud is stopped,” he said. “The consortium's intelligence will be a key element in the fight against fraud in instant payments and beyond.”