Real-time payments thrill consumers and businesses with immediate fund transfers, but that same speed attracts fraudsters. Banks eager to meet customer expectations must rethink defenses because scams, particularly authorized push payment (APP) fraud, are spreading and pressure is growing for clearer reimbursement when victims lose money.
APP fraud occurs when a legitimate customer is tricked into sending money — often through social engineering — under the false belief the transaction is valid. “It’s the real person, they really want to buy whatever it is, or send the money to whomever it is because that person believes it is legitimate,” Steve Bledsoe, VP of Solution Consulting at Entersekt, told PYMNTS.
A scammer might advertise $15 sneakers on a marketplace or pose as a trusted contact, coaxing the victim to “authorize” a transfer. Because the customer initiates the payment, recovering funds or proving fraud is difficult, pushing banks to reconsider reimbursement and detection methods.
He stressed that customer education, reimbursement policies and preventative controls need to work together in an age where funds are moving more quickly than ever.
Moving Beyond Intent
Traditional fraud models looked for malicious intent, but APP scams flip that script. “We’re not looking at intent anymore, except for maybe in first-party fraud,” Bledsoe noted. Instead, banks must analyze context, such as where the request originated and how the customer found the offer, and blend that with authentication layers that can gently ask, “Are you sure you want to do this?”
Advertisement: Scroll to Continue
Data, Not Single Signals
Fraud defenses weaken when banks fixate on a single indicator. “Fraud tools can get in trouble if they categorically say this type of signal is better than that,” Bledsoe cautioned. The key is to move toward understanding the full picture. Platforms are critical for that holistic endeavor, he said, not just point solutions.
Entersekt’s platform-based system layers behavioral analytics, reputational data and device security posture, then models trends over time. A VPN connection, for example, may hide a criminal’s location, or simply indicate a user streaming a show abroad. “You can’t look at individual things and say, aha, that’s the smoking gun,” he said. “You have to layer all that intelligence in together and model and make smart decisions.”
Avoiding Alert Fatigue
Constant pings train customers to ignore warnings. “The last thing that we want to do is just fire off authentication messages all day every day,” Bledsoe said. Effective risk-based authentication naturally limits unnecessary prompts, introducing “expected friction” only when risk is high. A routine login from a known device should glide through, while a high-value Zelle transfer from an unfamiliar location deserves extra checks.
Controls might block or step up a suspicious payment, and if education is done right, “that experience shouldn’t be a surprise to the account holder. It should be signaling … ‘my FI has my back.’”
Good Friction and the Risk Register
There’s an art in applying “good friction” that slows fraud without alienating customers. Policies can vary by institution and risk appetite. Some banks “want to hard-challenge everything,” Bledsoe said, while others use granular rules for high-value accounts that exempt low-value payments from a hard challenge and apply obviously a layer of risk-based decisioning. Every financial institution maintains a “risk register” tracking fraud losses. Entersekt works with each to tailor controls and adjust as patterns shift.
Integrating at the Core
Implementation succeeds only if integration is seamless for customers and bank staff. “It has to be easy to use no matter where you integrate,” he said, including at the digital layer or the core layer. Customers shouldn’t have to enroll; protections like biometric authentication should activate automatically.
Entersekt pipes real-time risk and security data back to the bank’s core systems or third-party platforms. Rather than merely flag “VPN use,” for example, it provides context: “This session is a little bit risky because it’s coming from a location that’s inconsistent with the behavior and the pattern that we see here,” he said, illustrating the information relayed back to the financial institution (FI). Banks can combine this with their own data to make decisions.
Proving the Impact
Data quality and measurement are essential. “Not all data is equally valuable, nor is all data of high quality,” Bledsoe warned, citing the maxim “garbage in, garbage out.” Key metrics include false positives and customer experience during events like travel. Entersekt’s results speak loudly: a Q2 digital banking client reported a 90.7% average monthly reduction in Zelle fraud losses after deployment, and another bank recorded zero losses in November 2024. Continuous reporting ensures models adapt in real time.
The Bottom Line
For Bledsoe, success always comes back to equilibrium. “Balance, balance, balance … you get the balance wrong, you let the wrong people in. You get the balance wrong, you kick the right people out. And we don’t want any of that to happen.”
Real-time payments aren’t slowing down, and neither are scammers. Banks that combine layered data, intelligent risk modeling and customer-friendly education can keep pace, delivering the speed customers crave without handing fraudsters the keys.
