authorised push payment (APP), Authorised push payment fraud, Authorised Push Payment Scams Voluntary Code, Cyber Security, Daily news, Fraud, Fraud & Security, Risk & Compliance, UK Banking, unauthorised fraud -

UK Banking industry stops £4.5 million of fraud a day in H1 2019

The finance industry prevented £820 million of unauthorised fraud in H1 2019, up 14% on the previous year, according to the latest figures from UK Finance. This is equivalent to £2 in every £3 of attempted unauthorised fraud being stopped, or £4.5 million of fraud being prevented a day.

Over the same period, £408 million was stolen by criminals through unauthorised card, remote banking and cheque fraud. In addition, £208 million was lost to authorised push payment (APP) fraud, where customers are tricked into authorising a payment to an account controlled by a criminal.

The compromise of personal and financial data remains a significant driver behind fraud losses. Customer details are being stolen through data breaches at third parties outside the financial sector, while sophisticated “digital skimming” attacks are being used to steal card data when consumers are shopping online. Criminals also continue to use social engineering techniques to trick customers into divulging their personal information or transferring money.

“Not only does fraud have a devastating impact on victims, the money stolen goes on to line the pockets of organised criminal gangs involved in drugs, arms and human trafficking,” comments Katy Worobec, Managing Director of Economic Crime at UK Finance.

“The finance industry is constantly investing in advanced security systems to protect customers from this threat, while helping law enforcement to apprehend and disrupt the criminals responsible. A new voluntary code was introduced in May that has significantly improved consumer protections from authorised push payment fraud, with signatory firms committed to reimbursing victims providing they have met certain standards.

“However, criminals are continuing to exploit vulnerabilities outside the financial sector to obtain customers’ data that is then used to commit fraud. We all have a responsibility to work together, including online retailers and social media companies, to beat the fraudsters and keep customers’ data secure.”

The data published by UK Finance covers both unauthorised and authorised fraud.

Unauthorised fraudulent transactions UK

Unauthorised fraud

In an unauthorised fraudulent transaction, the account holder themselves does not provide authorisation for the payment to proceed and the transaction is carried out by a third-party. Customers are legally protected against losses caused by unauthorised fraud. Industry research indicates that customers are fully refunded in over 98% of unauthorised fraud cases.

Total losses due to unauthorised fraud across payment cards, remote banking and cheques in the first half of 2019 were £408 million. This is an increase of 2% compared to the first half of 2018, but a fall of £36 million compared to the second half of 2018. Included within the overall total:

  • Losses due to unauthorised transactions on payment cards increased 2% to £313 million. The industry prevented £488 million in attempted unauthorised card fraud, 3% less than in the H1 2018. Three-quarters of card fraud losses (£237 million) were due to remote purchase fraud, where stolen card details are used to buy something online, over the phone or via mail order.
  • Losses due to unauthorised remote banking fraud totalled £66 million, 28% lower than in the H1 2018. This category covers unauthorised fraud through internet banking, telephone banking and mobile banking. Banks prevented £130 million of attempted unauthorised remote banking fraud.
  • Cheque fraud losses rose to £29 million, an increase of almost eightfold compared to H1 2018. Intelligence suggests this increase was largely driven by a number of high-value transactions targeting business accounts, with personal customers only accounting for a small fraction of total losses. Over £202 million of attempted unauthorised cheque fraud was prevented, an increase of 172% compared to H1 2018.
  • There were a total of 1,385,447 cases of unauthorised financial fraud.

Authorised push payment fraud

Authorised push payment (APP) fraud occurs when a customer is duped into authorising a payment to another account which is controlled by a criminal.

The APP fraud data for the first half of 2019 shows:

  • A total of £208 million was lost to APP fraud, split between personal (£147 million) and business (£61 million) accounts.
  • In total there were 57,549 APP fraud cases, split between personal (53,475 cases) and non-personal (4,074 cases) accounts.
  • Financial providers were able to return a total of £39.3 million of the losses to victims, split between personal (£25.6 million) and business (£13.6 million) accounts.

Investment scams accounted for the largest proportion of losses amongst personal customers, with £41 million lost to this type of fraud, or over £12,200 per case. Purchase scams remained the most prevalent form of APP fraud, accounting for almost two in three (65%) of all cases targeting personal customers.

When a customer authorises a payment to be made to another account, even if they are tricked into doing so, current legislation means that they have no legal protection to cover them for the losses – unlike an unauthorised transaction. However, an industry voluntary code that came into effect on 28 May 2019 has introduced new consumer protections against authorised push payment fraud. Firms who have signed up to the code have committed to reimbursing the victims of this type of fraud, provided the customer has met the standards expected of them under the code.

UK Finance only began collating data on APP fraud from 2017 onwards. Losses due to APP fraud in H1 2018 totalled £148 million across 34,129 cases. The data published here is not directly comparable to these figures as two additional banks began reporting the data to UK Finance from early 2019. In addition, intelligence suggests that increased public awareness in the build-up to the introduction of the Authorised Push Payment Scams Voluntary Code has resulted in an increase in reporting by customers who fall victim to this type of fraud. Data on reimbursements made under the code is due to be published in 2020.

The post UK Banking industry stops £4.5 million of fraud a day in H1 2019 appeared first on Payments Cards & Mobile.