The report accentuated that fraudulent activities primarily targeted credit transfers and card payments from late 2022 to early 2023. Within the EU/EEA, fraudulent credit transfers amounted to EUR 1.131 billion, while card fraud involving EU/EEA-issued cards totalled EUR 633 million.
Encouragingly, the implementation of Strong Customer Authentication (SCA) measures has resulted in a reduction in fraud rates, particularly in card payments. This inaugural report is based on data collected through PSD2 and the ECB regulation on payments statistics, and it provides insights into fraud trends, geographical patterns, and the effectiveness of security measures in different payment methods. With the increasing use of digital payments, these findings are valuable for regulators, financial organisations, and customers in the ongoing battle against payment fraud.
Although the absolute value of fraudulent transactions is substantial, the report indicates that fraud rates remain relatively low for total transactions during the first half of 2023:
Card payments had the highest fraud rate at 0.031% of the total transaction value.
E-money transactions followed closely with a fraud rate of 0.022%.
Credit transfers, despite having high absolute fraud values, had a low fraud rate of 0.001%.
Direct debits and cash withdrawals showed fraud rates of 0.002% and 0.008% respectively.
Regarding transaction volumes, card payments led to 7.31 million fraudulent transactions, accounting for 0.015% of total card payment volumes. The report also shows a significant difference between where transactions occur and where fraud takes place, with most fraud happening cross-border. This highlights the complexity of securing international transactions against fraud.The results of the analysis demonstrate that SCA requirements from PSD2 are reducing fraudulent payments, especially within the EEA.
Payment fraud patterns show remote transactions are common for credit transfers and e-money, with 98% of fraudulent credit transfers from remote channels. In contrast, card fraud mostly occurs in online transactions (82%), highlighting vulnerabilities in online card payments due to the lack of physical verification methods.
Fraud mechanics vary by payment method:• Over 92% of fraud value in cards, cash, and e-money is from direct fraudulent payment orders.
Credit transfer fraud involves social engineering (57%) and direct payment orders (43%).
Card fraud includes digital card detail theft (61%) and physical card loss/theft (39%). The payments industry faces the task of strengthening defences against online attacks and physical card risks.
The report highlights the effectiveness of SCA in combating fraud under PSD2. In the first half of 2023, most electronic payments were authenticated with SCA, reducing fraud rates. SCA-authenticated card payments had lower fraud rates compared to non-SCA transactions. However, transactions outside the EEA without SCA showed higher fraud rates, accentuating the need for global payment security standards.
The report discusses exemptions under SCA regulations, highlighting varying fraud vulnerabilities. Exemptions for credit transfers to trusted beneficiaries or low-value transactions showed higher fraud rates than those for recurring transactions. This data informs security protocol adjustments to upgrade protection where needed.
SCA's success in the EEA shows regulatory impact, while higher fraud rates in non-EEA transactions stress the need for global cooperation. Varied fraud loss distribution indicates an opportunity for unified consumer protection measures in the EEA. Social engineering in credit transfer fraud highlights the necessity for improved consumer education to combat manipulation tactics.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now