Battling Mobile Wallet Fraud – More Data, Fewer Silos

Fraud Prevention

November 2nd, 2015

Actimize Fraud Product Team, Fraud Detection & Prevention

​The often-used saying, “too much information” simply does not apply when it comes to battling mobile wallet fraud. ​

Recently, fraud executives from a number of leading financial institutions gathered in London at our workshop, “Take the Bite out of Mobile Wallet Fraud”. The goal was to share lessons learned from the massive Apple Pay fraud losses experienced here in the U.S., as well as to strategize fraud plans for emerging wallets, such as Samsung Pay, Android Pay, and applications that will be enabled by the European Commission’s Payments Services Directive 2 (PSD2).

While there were a range of mobile wallet fraud concerns expressed by the group, there were two primary trends cited by nearly all of our attendees: 
  1. Mobile wallet threats will grow significantly in the next 2-3 years.
  2. Mobile Wallet fraud solutions will only flourish when provided with access to as much information and data as possible. 

Keying off these examples, here are six mobile wallet fraud takeaways from our conversation: 
  • The more data to analyse, the better: In fraud detection, there can never be too many data points to analyse and score. That couldn’t be more true when it applies to mobile wallet fraud detection, where it’s important to analyse data related to enrolment and account provisioning, tokenisation, device ID, location, customer banking history and payment patterns.  
  • No more siloes: Access to data is the first step, but connecting the dots between this data is even more crucial in mobile wallet fraud detection. As an example, financial institutions should be able to compare data for the device linked to an Apple Pay account to data for the device generally used for the same account in the FI’s mobile banking app. They should also be able to compare Apple Pay transactions with traditional card transactions and with other retail payments.
  • Plastic & Non-Plastic Unite: As we connect the dots, the wall between ‘plastic’ and ‘non-plastic’ fraud will fall. It will become crucial to implement a “hub” that allows you to score DDA payment transactions with the context of plastic payments. The days of separating these fraud operations are numbered.
  • Account takeover and card-not-present fraud detection solutions are key: Account takeover threats loom large for FIs – and that remains the case for Apple Pay and other card-based mobile wallets. Running analytics that indicate account takeover or CNP is crucial. Once a fraudster takes over an account and enrols that account on a device, they can easily begin spending in the ultimate card-not-present (CNP) scam. 
  • Fraud threats will differ in card-based wallets and PSD2-enabled payment apps: It’s easy to lump together wallet fraud threats. However, fraud in card-based wallets like Apple Pay and Samsung Pay will differ from threats linked to wallet apps provided by Third Party Payments (TPP) providers. Under the European Commission Payments Services Directive 2 (PSD2), FIs will be required to open APIs and allow TPPs to provide payment apps that link directly to DDA accounts. This is an important time to investigate potential fraud threats linked to those applications, as well as where the liability will lie. In considering fraud detection solutions, FIs will need the ability to separately score activity initiated in these apps. 
  • Device threats loom large: Regardless of the wallet type, it’s more important than ever to have a fraud strategy that includes device analytics. It’s difficult to tell how much of this device information will be available in the varying types of mobile wallets. Nevertheless, many FIs are concerned about threats, such as SIM swapping and mobile device phishing.

There is one other important aspect to success in fighting mobile fraud — collaborative sharing among financial institutions should be a “must”. In tackling threats, it is essential that FIs begin to share information much more efficiently. However, some of the providers are preventing that critical “next step.”

Until now, Apple has successfully kept participating banks from comparing notes under strict non-disclosure  agreements – and it’s likely that Samsung Pay will place FIs in the same position. In the U.S., it was precisely this void of communication and collaboration that lead to massive fraud losses at many financial institutions.

I’d like to see some of these barriers eased. We all have the same common enemy — the fraudster, and we should be working more closely together on behalf of customers to stem fraud in the mobile space. 

Visit our mobile wallet fraud resource site to learn more. 

A global challenge: Fast Payments equals Faster Fraud

Fraud Prevention
March 26th, 2024
Freddy Arthur, EMEA Fraud Strategy Leader

SEPA Instant Payments – How will mandating real-time payments and the new Payment Service Regulation change the fraud landscape for European FIs?

Fraud Prevention
March 1st, 2024
Freddy Arthur, EMEA Fraud Strategy Leader

Outpace First-Party Fraud and Mule Activity

Fraud Prevention
February 28th, 2024
Rob Rendell, Global Head of Fraud Market Strategy & Fraud Prevention - Subject Matter Expert

Fraud Predictions 2024

Fraud Prevention
December 12th, 2023
Jake Emry, Fraud Prevention Subject Matter Expert & Rob Rendell, Global Head of Fraud Market Strategy & Fraud Prevention - Subject Matter Expert

Lessons Learned from How a Scam Closed Down a Bank – A Discussion with Peter Tapling of PTap Advisory, LLC & NICE Actimize

Fraud Prevention
November 3rd, 2023
Jake Emry, Fraud Prevention Subject Matter Expert & Peter Tapling, Serial Entrepreneur, Advisor, and Investor, PTap Advisory, LLC & NICE Actimize
Speak to an Expert
Speak to an Expers

Thank you for your interest

A NICE representative will be in touch with you shortly

Get in Touch