Posts By :

Stuart O'Brien

CALL FOR SPEAKERS: Share your thoughts on today’s biggest payments issues

If you’re an anti-fraud professional and would like to share your knowledge, case studies and best practice with peers, then please get in touch – we have speaking opportunities upcoming at the Smarter Payments Summit this September.

This long-running and unique, invite-only event is attended by senior payments and anti-fraud professionals and leading suppliers, offering a great environment for networking and knowledge sharing within specialist seminar sessions.

Among the topics we’re looking for thought leadership on are risk, chargebacks, checkout trends, payments tech, fintech, AI and more.

The Smarter Payments Summit takes place on September 24th at the Radisson Blu Hotel Manchester Airport.

So, if you would like to deliver a talk sharing your experiences and knowledge with delegates, please contact Natasha Cobbold at n.cobbold@forumevents.co.uk or visit https://forumevents.co.uk/speaker-opportunities.

More AI knowledge required in consumer goods brands to avoid security blunders

Artificial Intelligence (AI) refers to software-based systems that use data inputs to make decisions on their own or that help users make decisions. Generative AI refers to AI creating content in any shape or format, from writing original text to designing new structures and products. These technologies have developed rapidly over the last 18 months and generated serious hype. However, the benefits and costs of AI applications are poorly understood. Consumer goods companies need to fail – and fail fast – in their AI initiatives to gain this understanding, according to new analysis.

GlobalData argues that consumer goods companies need to understand the technical, financial, and organisational requirements of any AI application to reliably assess the level of risk that application represents. Consumer goods companies need to consider how an AI should be trained to enable it to function cost-effectively. They also need to consider which delivery model is the most suitable from a data security and infrastructure cost point of view.

Rory Gopsill, Senior Consumer Analyst at GlobalData, said: “Industry professionals remain bullish about AI’s potential to disrupt numerous industries (including consumer goods). According to GlobalData’s Q1 2024 Tech Sentiment Poll, over 58% of respondents believe AI will significantly disrupt their industry. However, consumer goods companies should remember that the technology has limitations and risks. Chatbot failures caused Air Canada and DPD financial and reputational damage, respectively, in the first quarter of 2024. DeepMind’s own CEO warned against AI overhype in April 2024.”

In reality, adopting AI can pose very real financial and security risks. Training an AI can prove very expensive, especially if the task being automated is complex and requires an advanced AI. Furthermore, if an AI application requires training data that is commercially sensitive or confidential, a company may choose to train the AI in a private cloud environment rather than a less secure public cloud. Purchasing and maintaining the necessary IT infrastructure for this would be very expensive and organizationally demanding.

Gopsill continued: “Consumer goods companies need to be aware of these (and other) risks when choosing to develop AI applications. If they are not, their AI initiatives could fail with serious consequences. For example, sensitive data could be exposed, development costs could outweigh the application’s benefits, the quality of the AI application could be diminished, or the project could simply never get finished.

“Understanding these risks will enable consumer goods companies to fail early and safely and to learn from that failure. This will equip them with the knowledge to implement AI in a way that is safe and profitable. Fostering a culture of transparency around the risks of AI will help drive industry application and protect consumer goods companies and customers from the potential pitfalls of this evolving technology.”

Photo by freestocks on Unsplash

MULTI-FACTOR AUTHENTICATION MONTH: Top tips for finding the best solutions to shield your tills

Multi-Factor Authentication (MFA) solutions offer an extra layer of security for anti-fraud professionals in retail, but navigating the landscape of providers can feel overwhelming. Fear not! Here are some top tips to help you source the best MFA solution for your retail organisation

Understanding Your Fraud Landscape

  • Fraud Types: Identify the most common types of fraud your organisation faces, such as account takeover (ATO) attempts, fraudulent online purchases, or chip and PIN scams. Tailor your MFA solution to address these specific threats.
  • Customer Journey Analysis: Consider where in the customer journey MFA would be most beneficial. Will it be used for online account logins, high-value transactions, or staff access to sensitive systems?
  • User Experience (UX) Considerations: MFA shouldn’t hinder legitimate customer transactions. Choose a solution with a user-friendly authentication process that minimizes disruption to your customers’ shopping experience.

Evaluating MFA Solution Providers

  • Security Expertise: Seek providers with a proven track record in security solutions, particularly those specialising in retail fraud prevention. Look for industry certifications and accreditations.
  • Authentication Methods: Consider the types of MFA methods offered by the provider. SMS verification, mobile app authentication, or hardware tokens each have their advantages and disadvantages.
  • Integration Capabilities: Ensure the MFA solution integrates seamlessly with your existing retail management systems and payment processing platforms. Minimize disruption to your current workflows.

Beyond the Technology: Training and Support

  • Staff Training: Investing in staff training on the new MFA solution is crucial. Ensure your team understands how it works and can effectively assist customers who encounter any issues.
  • Customer Communication: Clearly communicate the implementation of MFA to your customers. Explain the benefits of enhanced security and address any potential concerns they might have.
  • Ongoing Support: Choose a provider that offers reliable technical support to address any issues that might arise after implementation. Prompt and efficient support is key.

Popular MFA Solution Providers for UK Retail

The market offers a variety of MFA solutions. While not an exhaustive list, here are some options popular in UK retail:

  • Duo Security: A well-established provider with a user-friendly platform offering various MFA methods, including push notifications and security keys.
  • Microsoft Azure AD Multi-Factor Authentication: A good choice for retailers already invested in the Microsoft ecosystem. Offers seamless integration with other Microsoft products.
  • Google Authenticator: A free and popular option offering time-based one-time passwords (OTP) generated through a mobile app. Security concerns around potential phone loss exist.
  • RSA SecurID: A leading provider offering hardware tokens and mobile app authentication, ideal for high-security environments.
  • Authy: A cloud-based MFA solution offering push notifications, mobile app authentication, and a user-friendly interface.

Building a Secure Future for Retail

By following these top tips and exploring the popular MFA solution providers, you can make an informed decision and implement a solution that effectively safeguards your retail organisation against fraud. Remember, MFA is just one piece of the puzzle. Combine it with ongoing staff training, robust data security practices, and clear communication with your customers to build a robust defence against evolving fraud threats. Investing in a reliable MFA solution empowers you to protect your customers’ data, reduce financial losses, and ultimately, build trust and confidence in your brand.

Are you searching for Multi-factor Authentication solutions for your organisation? The Fraud Prevention Summit can help!

Photo by Austin Distel on Unsplash

VISA bets on Payment Tokens as the future of cards

Visa has unveiled new products and services that it says will ‘revolutionise’ the payment card and address the future needs of businesses, merchants and consumers and the financial institutions that serve them.

At its big launch event in San Francisco Jack Forestell, Chief Product and Strategy Officer at Visa, said: “The industry is at a pivotal point – new technologies like Gen AI are rapidly shifting how we shop and manage our finances. We’re announcing the next generation of truly digital-native payment card experiences. Today we unveiled new card features and digital innovations that will bring consumers into a more customized, convenient and secure future.”

A Visa study found that more than half of card users want the power to access multiple accounts through a single credential. The Visa Flexible Credential will allow a single card product to toggle between payment methods, putting the power of choice in the hands of the consumer. Now people can easily set parameters or choose whether they use debit, credit, “pay-in-four” with Buy Now Pay Later or even pay using rewards points. Visa Flexible Credential is live in Asia and will be launching with Affirm later this summer in the U.S.

There are six billion mobile devices in the world providing consumers with a versatile NFC enabled device primed to be “tapped.” At the end of 2023, Visa’s tap to pay penetration reached 65% globally, up two times the penetration we saw in 2019, cementing tap as one of the best commerce experiences today.

This year, new ways to “tap” on a mobile device will become an integral part of the Visa experience.

  • Tap to Pay: Any device can now be a POS device
  • Tap to Confirm: Easily authenticates identity when shopping online
  • Tap to Add Card: Enhances security when adding card into a wallet or app
  • Tap to P2P (person-to-person): Allows money to be sent between family and friends

Other key product announcements include:-

Visa Payment Passkey Service

Identifying a person in the digital world has become incredibly complex and has resulted in a significant increase in fraud. Today, online payment fraud is seven-times higher than in-person payments.

Built on the latest Fast Identity Online (FIDO) standards, the Visa Payment Passkey Service confirms a consumer’s identity and authorizes online payments with a quick scan of their biometrics like a face or fingerprint. When shopping online, Visa passkeys replace the need for passwords or one-time codes, enabling more streamlined, secure transactions.

“There is a global desire to find commonality, interoperability and simplicity for online payments. Our passkeys, designed specifically for payments, represent a massive paradigm shift in our industry because it confirms identity without interrupting the checkout experience,” said Forestell. “Visa Payment Passkey Service increases security while reducing friction when you pay online, across any device or website, globally.”

Click to Pay + Visa Payment Passkey Service

As its first deployment of passkeys, Visa is integrating Visa Payment Passkey Service into Click to Pay, powering a more seamless and secure checkout experience at scale. Additionally, in many markets around the world, Visa will partner with issuers to enable Click to Pay and Visa Payment Passkey Service on new Visa cards, reducing manual entry of card details and passwords from the moment the card arrives.

Pay by Bank

Non-card payments don’t deliver the same experience, security and protections as card-based payments. Electronic payments, like ACH transfers, have been left out of the digital revolution. With pay by bank, Visa is digitizing and streamlining the account-to-account (A2A) payments experience, giving people more choice over how they want to pay, whether that’s an A2A transfer, applying for a loan or paying with another funding source, like a credit card. Since its acquisition of Tink, Visa has expanded across Europe, giving millions of bank customers innovative financial management tools and removing friction from their payment experiences. Visa is bringing this new technology to the U.S. to help its clients deliver additional seamless, protected banking experiences.

Visa Protect for A2A Payments

Visa sees over 200 billion transactions every year and analyzes 500 data elements in every transaction to identify and stop fraud5 in real time. Working with Real-Time Payments (RTP) networks around the world, we are overlaying decades of Visa expertise in applying AI to help mitigate fraud for account-to-account payments on RTP networks. Live in Latin America and piloting in the UK, Visa Protect for A2A Payments is already identifying 60% of RTP fraud and scams previously undetected by financial institutions.

Data Tokens

For the last 10 years, Visa has added security to the payments ecosystem by tokenizing payments, removing sensitive cardholder account information from the payment flow. Today, 29% of all transactions processed by Visa are tokenized, with widescale adoption by merchants and issuers in nearly every market globally. As new data regulations create a guide for better consumer data privacy practices, and Gen AI transforms how we discover things online, Visa believes that payment data has a role to play in delivering these new and improved experiences – and that consumers should be empowered to have more control too. Using its tokenization infrastructure, Visa will offer a new way for people to control their data and receive better shopping experiences, powered by AI.

Visa data tokens let consumers, whose financial institution participates in the program, consent to sharing their data as they shop online, then see where it’s been shared and revoke access right from their banking app. With data tokens, Visa and participating banks can enable an experience where a merchant can request consent from the consumer to get more personalized offers as they shop. If the consumer agrees, behind-the-scenes, Visa issues a private data token to the merchant complete with AI-generated insights based on the consumer’s transaction data.

The data token can be used with the merchant’s AI models to deliver real-time recommendations for the shopper. Visa will also pass the data token to the consumer’s bank to capture where the data has been shared, so the consumer can easily review where it has been shared in their mobile banking app and revoke access if they choose.

The anti-fraud solutions you need await at the Fraud Prevention Summit

Are you free on the 6th November, 8am – 5pm? If so, you’ll have the opportunity to attend the Fraud Prevention Summit at the Hilton London Canary Wharf.

Meet with innovative solution providers who match your requirements and attend a series of insightful seminar sessions throughout the one-day event.

We have an invitation specifically for you, your pass is completely free, which includes: 

  • A seat at our educational seminar programme
  • A personalised itinerary of 1-2-1 meetings with industry leading suppliers, to discuss your business projects
  • Lunch and refreshments provided throughout the event
  • Informal networking opportunities with fellow industry professionals
  • Personalised attendance options to suit your schedule

We have had a high number of registrations in the past couple of weeks and don’t want you to miss out on a spot – secure your free pass.

Please feel free to contact us here with any questions!

If you specialise in Digital Identity Verification Solutions we want to hear from you!

Each month on Fraud Prevention Briefing we’re shining the spotlight on a different part of the market – and in June we’ll be focussing on Digital Identity Verification Solutions.

It’s all part of our ‘Recommended’ editorial feature, designed to help industry buyers find the best products and services available today.

So, if you specialise in Digital Identity Verification Solutions and would like to be included as part of this exciting new shop window, we’d love to hear from you – for more info, contact Jennie Lane on 01992 374 098 | j.lane@forumevents.co.uk.

Jun – Digital Identity Verification
Jul – Fraud Detection Tools
Aug – Anti Fraud Platforms
Sep – AI for Fraud
Oct – Chargebacks
Nov – Biometrics for Fraud prevention
Dec – Mobile Fraud Prevention
Jan – Digital Identity Verification
Feb – Fraud Prevention Solutions
Mar – Risk Prevention & Compliance
Apr – Financial Crime
May – Multi-factor Authentication

Photo by Gilles Lambert on Unsplash

EU adopts new laws to combat money laundering

The European Parliament has adopted a package of laws strengthening the EU’s toolkit to fight money-laundering and terrorist financing, ensuring that people with a legitimate interest, including journalists, media professionals, civil society organisations, competent authorities, and supervisory bodies, will have immediate, unfiltered, direct and free access to beneficial ownership information held in national registries and interconnected at EU level.

In addition to current information, the registries will also include data going back at least five years. The laws also give Financial Intelligence Units (FIUs) more powers to analyse and detect money laundering and terrorist financing cases as well as to suspend suspicious transactions.

The new laws include enhanced due diligence measures and checks on customers’ identity, after which so-called obliged entities (e.g. banks, assets and crypto assets managers or real and virtual estate agents) have to report suspicious activities to FIUs and other competent authorities. From 2029, top-tier professional football clubs involved in high-value financial transactions with investors or sponsors, including advertisers and the transfer of players will also have to verify their customers’ identities, monitor transactions, and report any suspicious transaction to FIUs.

The legislation also contains enhanced vigilance provisions regarding ultra-rich individuals (total wealth worth at least EUR 50 000 000, excluding their main residence), an EU-wide limit of EUR 10 000 on cash payments, except between private individuals in a non-professional context, and measures to ensure compliance with targeted financial sanctions and avoid sanctions being circumvented.

To supervise the new rules on combatting money laundering, a new authority – the Authority for Anti-Money Laundering and Countering the Financing of Terrorism (AMLA) – will be established in Frankfurt. AMLA will be charged with directly supervising the riskiest financial entities, intervening in case of supervisory failures, acting as a central hub for supervisors and mediating disputes between them. AMLA will also supervise the implementation of targeted financial sanctions.

The Anti-Money Laundering and Countering the Financing of Terrorism (AML/CFT)package consists of the sixth Anti-Money Laundering (AML) directive (adopted with 513 votes in favour, 25 against, and 33 abstentions), the EU “single rulebook” regulation(adopted with 479 votes in favour, 61 against, and 32 abstentions), and the Anti-Money Laundering Authority (AMLA) regulation (adopted with 482 votes in favour, 47 against, and 38 abstentions).

The laws still need to be formally adopted by the Council, too, before publication in the EU’s Official Journal.

By adopting the law, Parliament is responding to the demands of citizens put forward in the conclusions of the Conference of the Future of Europe, notably proposal 16(1) and 16(2) on preventing tax evasion and cooperating on corporate taxation.

Photo by Guillaume Périgois on Unsplash

AI now the key tool for amateurs committing financial crime

Nearly 70% of the 600 fraud-management, anti-money laundering, and risk and compliance officials surveyed in BioCatch’s first-ever AI-focused fraud and financial crime report say criminals are more adept at using artificial intelligence to commit financial crime than banks are at using the technology to stop it. Equally concerning, around half of those same fraud-fighters report an increase in financial crime activity in the last year, and/or expect to see financial crime activity increase in 2024.

The report depicts a troubling and burgeoning trend in which criminals with minimal technical expertise or financial crime skillset are using this new technology to improve the quality, reach, and success of their digital-banking scams and financial crime schemes.

“Artificial intelligence can supercharge every scam on the planet,” BioCatch Director of Global FraudIntelligence Tom Peacock said, “flawlessly localizing the language, slang, and proper nouns used and personalizing for every individual victim the scam type, images, audio, and/or video involved. AI gives us scams without borders and will require financial institutions to adopt new strategies and technologies to protect their customers.”

A staggering 91% of respondents report their organization is now rethinking the use of voice-verification for big customers due to AI’s voice-cloning abilities. More than 70% of those surveyed say their company identified the use of synthetic identities while onboarding new clients last year.  The Federal Reserve believes traditional fraud models fail to flag as many as 95% of synthetic identities used to apply for new accounts. It regards synthetic identity fraud as the fastest-growing type of financial crime in the U.S., costing companies billions of dollars every year.

“We can no longer trust our eyes and ears to verify digital identities,” BioCatch CMO Jonathan Daley said. “The AI era requires new senses for authentication. Our customers have proven behavioural intent signals are those new senses, allowing financial institutions to sniff out deepfakes and voice-clones in real time to keep people’s hard-earned money safe.”

Other Key Survey Findings:

  • AI (Already) an Expensive Threat: More than half of the organizations represented in the survey say they lost between $5 and $25 million to AI-powered attacks in 2023.
  • Financial Institutions Also Using AI: Nearly 3/4 of those surveyed say their employer used AI to detect fraud and/or financial crime, while 87% say AI has increased the speed with which their organization responds to potential threats.
  • We Need to Talk: More than 40% of respondents say their company handled fraud and financial crime in separate departments that did not collaborate. Nearly 90% of those surveyed say financial institutions and government authorities need to share more information to combat fraud and financial crime.
  • AI to Help with Intelligence-Sharing: Nearly every respondent says they anticipate leveraging AI in the next 12 months to promote information-sharing about high-risk individuals across different banks.

“Today’s fraudsters are organized and savvy,” BioCatch CEO Gadi Mazor said. “They collaborate and share information instantly. Fraud fighters – including technology-solution providers like us, along with banks, regulators, and law enforcement – must do the same if we expect to reverse the growing fraud numbers across the globe. We believe our recent partnership with The Knoble will advance this discussion and remove the perceived barriers to better, more meaningful collaboration and fraud-prevention.”

MULTI-FACTOR AUTHENTICATION MONTH: Deploying multi-factor security across multiple sectors

For anti-fraud professionals, the fight against unauthorised access is a constant battle. While passwords have long been the first line of defence, cybercriminals are becoming increasingly adept at cracking them. This is where Multi-Factor Authentication (MFA) steps in as a powerful tool, adding an extra layer of security and significantly reducing the risk of fraud across both private and public sectors. Let’s explore how anti-fraud professionals can deploy and leverage MFA solutions to create a more secure environment

Private Sector Applications

  • Financial Services: Banks and other financial institutions can utilise MFA to protect customer accounts. This could involve a combination of passwords, one-time codes sent via SMS or authenticator apps, and fingerprint or facial recognition for high-value transactions.
  • Ecommerce and Online Retail: MFA can be implemented during online checkout processes, requiring customers to enter a code sent to their phone in addition to their password. This adds an extra layer of security and deters fraudulent purchases.
  • Remote Access and Cloud Security: MFA can be used to secure access to company servers and cloud-based applications. This is particularly important for businesses with remote workforces, ensuring only authorised personnel can access sensitive data.

Public Sector Applications

  • Government Agencies: MFA can protect access to government databases and e-services, safeguarding sensitive citizen information from unauthorised access. This is crucial for protecting national security and preventing data breaches.
  • Healthcare Providers: MFA can safeguard access to patient medical records. Doctors and authorised personnel would need to use a combination of factors, such as passwords and security tokens, to access patient data, ensuring confidentiality and compliance with data protection regulations.
  • Local Authorities: MFA can be implemented for council employees accessing online council tax systems or other sensitive databases, reducing the risk of fraudulent activity and protecting public funds.

Beyond the Basics: Advanced MFA Features

Modern MFA solutions offer a range of features to enhance security:

  • Adaptive Authentication: Risk-based authentication that adjusts the required factors based on the situation. For example, high-risk login attempts from a new device might require additional verification steps, while low-risk logins from a trusted device might only require a password.
  • Biometric Authentication: Fingerprint scanners, facial recognition, and iris scans can be used as additional authentication factors, offering a high level of security.
  • Geolocation Verification: MFA systems can verify a user’s location when logging in, potentially alerting them to suspicious login attempts originating from a different country.

The Future of Multi-Factor Authentication

The future of MFA holds exciting possibilities for enhanced security:

  • Integration with Artificial Intelligence (AI): AI can be used to analyse user behaviour and identify anomalous login attempts, triggering additional verification measures if necessary.
  • The Rise of Passwordless Authentication: Biometric authentication and secure token-based systems might eventually replace traditional passwords altogether, offering a more convenient and secure user experience.
  • Focus on User Education: Continuous user education on best practices for creating strong passwords and understanding MFA protocols will remain a crucial aspect of anti-fraud efforts.

Building a Robust Defence

MFA solutions are an essential tool for anti-fraud professionals in both private and public sectors. By deploying MFA and leveraging its advanced features, organisations can significantly reduce the risk of unauthorised access, data breaches, and financial losses. As technology evolves, so too will MFA solutions, offering ever-more sophisticated protection against evolving cyber threats. Remember, in today’s interconnected world, robust security is paramount. MFA is a critical line of defence in the fight against fraud, helping to create a more secure digital environment for everyone.

Are you searching for Multi-factor Authentication solutions for your organisation? The Fraud Prevention Summit can help!

Photo by Onur Binay on Unsplash

Visa delivers new Click-and-Mortar’ solutions

Visa has unveiled new solutions for merchants who serve the new fast-growing segment of ‘Click-and-Mortar’ shoppers, who rely on digital features to shop both online and in-store.

“The payments sector has made significant strides in simplifying the consumer shopping experience. In doing so, the payments ecosystem has become more complex and fragmented for sellers — but it doesn’t have to be this way,” said Rob Cameron, Global Head of Acceptance Solutions, Visa. “Visa Acceptance Solutions allows businesses worldwide to offer their customers best-in-class payment options without over-indexing on complexity for themselves.”

Visa’s latest enhancements support merchants of all sizes with new and improved commerce experiences including:

  • Improved access to and ease of integration with partners: Visa Acceptance Platform is debuting Developer Assist, an AI-powered tool to help partners develop sophisticated payment flows, answer questions on testing and certification and even suggest sample code. The platform, which is used by more than 450 payment service providers (PSPs), connects to over 100 independent software vendors (ISVs), bringing ease of use to over 450,000 active merchants each month across 160 countries using 50 different currencies.
  • A reimagined small and medium-sized (SMB) business platform: Authorize.net has reimagined its user interface (UI), bringing data and streamlined day-to-day business operations to the forefront. The new UI has benefits for both partners and merchants across new dashboards, workspaces and smart search functionalities.
  • Growing mobile acceptance, without additional hardware: Tap to Phone, which allows sellers to accept contactless payments using a certified smartphone, is now live in 121 countries with more than 6.7 million active terminals and more than $8.5 billion in payment volume on a 12-month basis3. Visa is also deploying contactless technology from Tap to Phone in new innovative ways, including the recent pilot in Latin America and the Caribbean that allows consumers to tap their cards to their own device in order to pay for online purchases.

“The past few years have had a profound and lasting impact on the commerce strategies for merchants of every shape and size. Consumers desire immediacy and increasingly expect digitally evolved experiences. To keep pace with this trend, merchants are now looking for partners to help them simplify their ability to maintain connectivity to the ecosystem,” said Jordan McKee, Research Director at S&P Global Market Intelligence 451 Research.