With the transition to EMV chip payment cards just months away, online merchants are bracing for an expected surge in eCommerce fraud. But two other kinds of financial crime that’s likely to increase: those involving checks and bank account applications, according to a security expert at the Federal Reserve Bank of Atlanta.
“Well before the EMV card liability shift occurs in the United States on Oct. 1, 2015, a number of financial institutions have reported a marked increase in counterfeit checks and duplicate-item fraud, usually by way of the mobile deposit capture service,” wrote David Lott, a payments risk expert in the Atlanta Fed’s Retail Payments Risk Forum.
“In many cases, the fraud takes place on accounts that have been open for more than six months, long enough to allow the criminal to have established an apparent pattern of ‘normalcy,’ although there are reports of newly opened accounts being used as well,” Lott added.
That matches the experience of financial institutions in Canada, where an EMV liability shift like the U.S.’s October 2015 deadline took place in 2011 and 2012. Fraudulent applications for credit and checking accounts have increased by up to 300 percent in the three years since the Canadian EMV shift.
“Criminals are opening checking accounts to perpetrate overall identity theft fraud as well as to create conduits for future counterfeit check or kiting fraud,” Lott wrote. “And they’re submitting fraudulent credit applications to purchase automobiles or other merchandise that they can then sell easily.”
While that shifts fraud away from payment cards (as well as mobile-payments approaches that use Visa and MasterCard accounts), it still leaves both banks and merchants in harm’s way: banks because they’re creating fraudulent accounts, and merchants because they’re the ones targeted with bad checks or fraudulent credit applications.
And as with the recently discovered problem with bogus Apple Pay accounts, it’s up to banks to tighten their due diligence to block the fraud at the start.
“Financial institutions should already be evaluating their check acceptance processes and account activity parameters to spot problem accounts early. Likewise, financial institutions should make sure their KYC, or know-your-customer, processes and tools are adequate to handle the additional threat that the credit and account application channel may experience,” Lott wrote, adding that banks must be proactive to prevent the fraud in the first place, and also ensure they can react quickly to potential attempts at fraud.