Security & Fraud

Fraud’s New Paradigm: Let Fraudsters In, But Never Let Them Leave

Fraud is rampant and thriving.

With a wealth of stolen credentials to pick from in the wake of several data breaches that comprised the identities of millions, fraudsters have more resources than ever. What’s more, fraudsters are getting smarter, building out identities and initiating money transactions that are made to appear as legitimate as possible before making their move.

Banks, financial institutions (FIs) and other members of the financial world are, thus, dealing with a rising flood of identity theft and application fraud, as bad actors look to capitalize on the email addresses, Social Security numbers, credit details and other information they have on hand.

In the latest Digital Fraud Tracker™, PYMNTS examines how fraudsters are capitalizing on stolen data, as well as how banks and retailers are responding to a world where many of the credentials they use for online verification have been compromised.

Around the Digital Fraud World

With fraudsters getting bolder, banks, retailers and consumers are recognizing that stronger verification is now a necessity. Meanwhile, many of the affected brands are taking steps to win back consumers’ trust.

Take Marriott, which is still dealing with the fallout of a breach that left the data of 500 million rewards customers exposed. The hotel is subsequently rebranding its rewards program, a move expected to take place within the next year. While the rebranding may help the company distance itself from the breach, affected consumers are likely to deal with the repercussions of the breach for years to come.

Meanwhile, digital streaming companies are seeing an increase in fraud, with bad actors turning to phishing schemes and other tools to ensnare the identities of customers. Netflix, for one, is currently warning its customers of an email scam designed to steal payment details from users.

Overall, thanks to the rise in data breaches, merchants and FIs alike are dealing with a steep increase in fraud. In one such instance, a First National Bank customer personally lost $10,000 from identity theft, after a fraudster used his name and identity to obtain and charge a credit card.

Inverting the Fraud Approach

For banks, fraud protection is a crucial part of staying competitive. Yet, how can banks protect against identity theft and application fraud with so many details compromised?

First, banks need to stop thinking about fraud as an identity problem, and start thinking of it more as a money problem, according to Dickson Chu, global head of portfolio management for BBVA. Second, banks need to invert their fraud protection strategies to watch money movement, he told PYMNTS.

“It’s not about putting locks on the door — it’s about making sure there’s no way to get the money out,” Chu said. “We’re perfectly happy if you’re a fraudster [who’s] going to move money in … because we’re going to have some additional verification methods if you move the money out.”

To learn more, take a look at the feature story.

About the Tracker

The Digital Fraud Tracker™, powered by DataVisor, offers a monthly look at the latest data, news and trends surrounding fraud and cybersecurity.



The PYMNTS Cross-Border Merchant Friction Index analyzes the key friction points experienced by consumers browsing, shopping and paying for purchases on international eCommerce sites. PYMNTS examined the checkout processes of 266 B2B and B2C eCommerce sites across 12 industries and operating from locations across Europe and the United States to provide a comprehensive overview of their checkout offerings.