There’s been no real harbinger of what we’re facing: the huge shift toward doing everything at home, from working to learning to — especially — shopping.
The fraudsters follow the money, of course — which means they follow the money home, so to speak.
To put it more bluntly, the shift toward eCommerce means that card not present transactions are, and will be, on the rise — which means that authentication and verification efforts by merchants, and indeed businesses of all verticals, must be stepped up a notch or several, and must fully enter the digital realm, too.
In a series of interviews with Karen Webster, executives with companies focused on helping battle the bad actors indicated that COVID-19 has raised the stakes in a battle that has been ongoing for some time – namely, ascertaining that people are who they say they are and shepherding good transactions through to completion, while weeding out false positives.
In one interview, Boku CEO Jon Prideaux told Webster that typical means of authentication such as passwords, or individual specific data such as street addresses, all can be ascertained and exploited by fraudsters. That means they can co-opt identities and even cobble new identities (known as synthetic IDs) before even interacting with a business or an FI, carrying on a ruse from the onboarding process onward.
In the bid to strengthen KYC and AML efforts, phones can offer at least one strong line of defense, and can require biometric authenticators to open. Telcos have the data on hand to verify that customers using the phone to transact are using the right phones. Aggregating data across mobile operators and countries can be done through companies like Boku.
The idea of using digital technology to boost risk mitigation and improve verification is gaining traction around the globe, and getting boosts from government bodies.
In one example, the Financial Action Task Force (FATF) has recommended that FIs and other stakeholders work together to “ensure coordinated policy responses” for payment services. The U.K.’s Financial Conduct Authority has said that it is following the FATF’s recommendations and is allowing, as part of its Guidance on Digital ID, selfies and scanned documents as proof of identity for AML efforts, as detailed by biometricupdate.com.
“Criminals are taking advantage of the COVID-19 pandemic to carry out financial fraud and exploitation scams, including advertising and trafficking in counterfeit medicines, offering fraudulent investment opportunities and engaging in phishing schemes that prey on virus-related fears,” said the FATF.
In separate and general commentary on digital onboarding during in an interview with PYMNTS, Zac Cohen, chief operating officer of Trulioo, said that “in order to quickly adapt AML efforts, payment processing companies should consider flexible, scalable and interoperable technology that can easily be reconfigured for many in-market conditions.”
“Additionally, for identity verification, a layered approach that applies the correct screening and onboarding workflows for the right customer at the right time is the way to go if these companies want to obey the ever-evolving laws and regulations around AML globally,” he added.
As life moves inexorably online, so too must new ways to keep fraudsters from hijacking identities and stealing funds. Shoring up the onboarding process can stop the bad guys before they start in a battle that never ends.