‘Swarm’ Attacks Challenge Traditional Fraud Defenses  

For as long as hard-earned money has existed, criminals have been trying to take it. And as money itself has evolved across an increasingly digital landscape, bad actors have followed suit with their own, increasingly sophisticated tactics — making safeguarding against payments fraud an ever-more intricate challenge.

“It’s not necessarily original, but fraud prevention has become about artificial intelligence (AI) today as much as it is about anything else,” Maciej Pitucha, VP of product and data at Mangopay, told PYMNTS.

With next-generation advancements in technology, Pitucha said, creating synthetic identities that appear to be genuine has become alarmingly accessible — and alarmingly scalable. Fraudsters can easily procure fake identity documents through online platforms, and this democratization of what was previously a relatively inaccessible and sophisticated attack vector now presents a significant challenge for identity verification processes — particularly as automation facilitated by AI empowers fraudsters to orchestrate large-scale social engineering attacks.

“We’ve always had social engineering attacks, but with the advent of AI, it’s much easier to create a bot that will have a credible conversation with a victim and convince many victims at the same time to share their credentials, transfer money, and do other things that they wouldn’t normally do,” he said.

The proliferation of digital payment methods, while offering convenience and efficiency, has also expanded the playground for cybercriminals, and has changed the parameters of fraud prevention from a focus on one-to-one interactions to a perimeter defense against AI-enabled swarm attacks.

Staying Ahead of the Fast-Moving Threat Landscape

The evolving landscape of payments fraud protection is facing a unique and staggering suite of challenges from bad actors. An unwelcome side effect of the ability of cyber criminals to use technology to scale their attacks is that, as awareness about fraud spreads, more individuals are drawn to these illicit activities, contributing to the sophistication of fraudulent schemes.

Pitucha noted that the fraud landscape has witnessed a surge in professionalization, with organized groups leveraging specialized software to execute their illicit attacks at an industrial scale.

Still, “there is a solution to everything,” he said, emphasizing that the state of the contemporary payments fraud landscape is not hopeless — but stressing that today’s realities require both time and ingenuity for firms to defeat and defend against modern fraudsters.

Complicating matters is the fact that while measures like 3D Secure authentication enhance security, they can often come at the expense of user experience, leading to potential trade-offs — particularly for eCommerce businesses that might want to enhance user stickiness with lax refund policies.

And as Pitucha explained, those same lax refund policies which are aimed at improving customer satisfaction can inadvertently open avenues for refund fraud. Fraudsters exploit lenient return policies by manipulating transactions, underscoring the need for continuous adaptation and innovation in fraud prevention strategies.

Innovative Strategies to Effectively Mitigate Fraud Risks

To stay ahead of evolving threats, businesses must adopt proactive approaches to fraud prevention.

Pitucha advocated for leveraging data and expertise from specialized fraud prevention companies that possess the necessary tools and insights to detect and mitigate fraudulent activities most effectively, versus the cost and resource lift of building a cutting-edge solution in-house.

“There are so many data points that we couldn’t get previously, without today’s technology, that all help give a sense of what might be coming,” he said. “Data is usually the answer … Building a successful fraud prevention solution requires lots of data, lots of expertise.”

Technologies such as AI and machine learning are at the forefront of this battle, offering the ability to analyze vast amounts of transaction data in real-time to identify and prevent fraudulent activities.

Continuous experimentation and collaboration with multiple fraud prevention providers can also enhance efficacy by leveraging the strengths of different solutions, while the use of predictive analytics and deep learning can help further refine the accuracy of fraud detection systems, potentially staying one step ahead of fraudsters.

By investing in robust fraud prevention measures, businesses can mitigate risks while prioritizing user experience and operational efficiency, Pitucha said.

And end users also play a crucial role in mitigating fraud risks. Pitucha advised consumers to opt for secure payment methods that offer additional authentication layers, such as two-factor authentication. Vigilance in online transactions, including verifying the legitimacy of websites and refraining from sharing sensitive information with unknown entities, is essential in safeguarding against fraud.