03:00 PM
Connect Directly

Evolving Fraud Schemes Keep Pressure on Evolving Payments Instruments

The battle against payments fraud is as old as money. But while some of the latest efforts borrow from scams past, most of today's fraud schemes are as sophisticated as banks' most advanced payments systems. And stopping them is still a challenge.

Keeping Fraud in Check

Still, fraudsters are loyal to the tried and true. Even as check volumes decrease in the U.S., check fraud remains the reigning fraud champion.

"Traditional check fraud is the easiest form of fraud," says First Manhattan Consulting's Sussman. "There's still check kiting, check washing and the availability of good laser printers. ... You just need the check routing number and account number to get started [counterfeiting]."

The passage of Check 21 and the introduction of check imaging and remote deposit capture (RDC) may even have created opportunities for innovative criminals. "A lot of fraud is tied to Check 21 because of the reduction in physical check characteristics that occurs once the check is imaged," notes Michael Urban, senior director of fraud solutions at FICO (Minneapolis). "We get a lot of efficiencies from check imaging, but the fraud prevention part becomes trickier."

Tom Wills, senior analyst, risk, security and fraud, with Pleasanton, Calif.-based Javelin, agrees that new kinds of fraud have been introduced along with check truncation. "You might have low-resolution scanners at the point of sale," he explains. "Some paper checks are secured with an infrared watermark and special ink. All that protection goes away because the check scanner might not pick it up."

To prevent counterfeit and forged maker checks, KeyBank uses image-based check detection solutions from Bear, Del.-based Softpro. "This has reduced our false positives and is having a good impact from a client perspective," relates the bank's Twining. "It's a risk-scoring tool. We can call the client even before a check posts to a consumer account."

But even automated clearing house (ACH) payments -- which historically were a means to enable recurring credits generated by the government or commercial interests and were considered secure -- may not be entirely safe now that ACH debit has become prevalent for Internet- and phone-based payments. "ACH is known for being secure," states Lars Skari, partner and practice manager for banking and capital markets with Infosys Consulting, a division of Infosys Technologies (Bangalore). "But there's potential for some sophisticated fraud activity here because you can now authorize ACH debits on the Web or phone."

According to Aaron McPherson, practice director, payments and security, for Framingham, Mass.-based Financial Insights, ACH fraud has not been a significant concern and ACH fraud numbers are holding steady. "But does that mean ACH is secure, or are we not catching it?" he asks.

McPherson says the vendors he has spoken to aren't reporting much demand among banks for ACH-monitoring solutions. "Bankers seem confident in the security of the ACH system," he reports. But, "With ACH you just transmit the item transit number and the account number. This information is on checks," McPherson notes, suggesting that this opens an opportunity for fraud.

Adds Robert Jones, a senior consultant with the fraud practice at Santa Fe, N.M.-based The Santa Fe Group, "At least with a card, you know there's a certain amount of monitoring and funds. With a checking account number, you don't know if the number really exists at all. It's a Wild West scenario."

2 of 4
Comment  | 
Print  | 
More Insights
Register for Bank Systems & Technology Newsletters
Bank Systems & Technology Radio
Archived Audio Interviews
Join Bank Systems & Technology Associate Editor Bryan Yurcan, and guests Karen Massey and Jerry Silva from IDC Financial Insights, for a conversation about the firm's 11th annual FinTech rankings.