Tackling mobile fraud – is that really your customer?




With the decorations packed away and new year’s resolutions already in jeopardy, now’s the time for companies to be looking at 2017 and beyond and identifying what trends they’ll need to be ready for in the year ahead.

One area that every business needs to be focusing on is mobile. 2016 was a year when this channel really hit the mainstream, and with people now much more comfortable using these devices to make payments and get in touch with companies, it’s going to be the first – and for some, only – way they want to interact.

It’s estimated that in 2017, some $1.5 trillion will be spent around the world via m-commerce. But it’s not just shopping where these devices will take over. In financial services, for example, many more people will be conducting everyday activities via these devices.

However, inevitably, with new opportunities come new risks, and the greater interest in mobile will also attract the attention of fraudsters. Therefore, ensuring the security of these channels needs to be a priority for every business regardless of sector.

New technologies, new threats

Recent figures from Threatmetrix highlight just how big the mobile channel is – and how fraudsters are seeking to take advantage. It noted that across all sectors, 43 per cent of online transactions now come from mobile gadgets, a 50 per cent increase from 2015. What’s more, in financial services, transaction volumes increased 260 per cent compared with the previous year.

This presents new opportunities for fraudsters. For instance, one trend that was spotted for the first time in 2016 was the use of bots to attack mobile apps. These can be used to uncover valid login credentials via brute force, by testing multiple username and password combinations until they get a successful hit. Bots can also masquerade as human traffic using credentials gained from elsewhere.

All this means spotting the fraudsters among legitimate traffic needs to be a top priority for 2017 and beyond. Threatmetrix noted that at times, an attack using an automated botnet could make up 90 per cent of an organisation’s digital traffic – so the focus changes from weeding out the criminals to spotting the genuine customers among the noise.

The balancing act for businesses

Given these risks, it’s understandable that financial service firms will want to take a cautious approach to mobile transactions in order to reduce the risk of fraud.

If you’ve ever had a legitimate transaction declined because of ‘suspicious activity’, you’ll recognise just how inconvenient this can be. While a bank may argue these false positives are sometimes unfortunate but necessary in order to ensure protection, it doesn’t feel that way if you’re the one having to try and prove you are who you say you are.

This means it’s a tricky balancing act for financial services companies – be over-cautious and you’ll annoy and alienate your customers, but go too far the other way and it will be open season for fraudsters, which is even worse.

That’s why it’s so important to verify each interaction and spot immediately when genuine customers are looking to make a transaction. Fortunately, today’s advanced analytics solutions can help businesses make these efforts more accurate than ever before, using techniques ranging from location-based services to tools that can detect if a SIM has been swapped.

The results of this might be invisible to customers, but they work to create a frictionless experience that’s both convenient and secure – something everybody wants in 2017.


Find out how Aspect Verify can help you understand who your genuine customers are.