Real-time payments have revolutionised the payments industry globally—but with their rise, so has the risk of fraud.
Kicking off The Paypers’ Real-Time Payments Fraud Series, Anis Ahmed, founder and host of The Fraud Fellas, a forum dedicated to exploring fraud and its societal impact, sheds light on this critical topic.
Real-Time Payments (RTP) are digital payments that are processed 24/7, 365 days a year, enabling instant fund transfers between banks, individuals, and businesses. This ensures that recipients can access their money instantly, eliminating the traditional delays associated with payment-clearing processes.
RTPs are used in various contexts, including A2A (account-to-account), P2P (person-to-person), B2B (business-to-business), and C2B (consumer-to-business) payments, among others.
Source: ACI Worldwide & Global Data
According to ACI Worldwide and Global Data, RTP transactions are projected to reach 575 billion by 2028, with a CAGR of 16.7% from 2023. The total transaction value is expected to exceed USD 58 trillion by 2028, a growth of over 160%. Currently, UPI in India and Pix in Brazil process approximately 535 million and 237 million RTP transactions daily, respectively, totalling USD 32 billion in value.
Faster transactions: RTP processing improves cash flow for businesses. Enables consumers to complete transactions quickly, reducing settlement times.
Enhanced customer experience: RTPs operate 24/7 offering immediate confirmation and reduced waiting times, leading to higher customer satisfaction.
Interoperability: RTPs enable smooth transactions between various financial institutions, apps, and Open Banking platforms. This interoperability enhances user experience and fosters innovation in the financial sector.
Enhanced financial inclusion: RTPs can promote financial inclusion by providing fast and affordable payments. RTPs can help underserved communities by providing immediate access to cash flows.
Security risks: The speed of transactions leaves little time for fraud detection and mitigation, which can lead to higher risks for both consumers and businesses.
High infrastructure costs: Implementing and maintaining RTP systems requires significant investment in technology, security, and compliance infrastructure, particularly for smaller institutions.
Potential for errors: RTPs offer limited time to detect and correct errors, which could lead to incorrect payments or challenges in reversing fraudulent transactions.
Regulatory challenges: New regulations may be necessary to establish guidelines for RTPs, ensuring consumer protection, data privacy, and financial stability. Implementing effective oversight mechanisms will be crucial to monitor RTPs and address potential risks.
While RTPs bring substantial benefits, they also present unique challenges, particularly in fraud prevention. The primary risk factor for RTPs is ‘Security’, including fraud, scams, and data breaches.
Source: Global Anti-Scam Alliance & Feedzai
Regulatory landscape - balancing consumer protection and operational efficiency: Countries like the UK, Singapore, and Australia are implementing stricter laws to protect consumers from fraud in RTP payments. While these regulations increase consumer protection, they also pose operational challenges for financial institutions, including increased costs for fraud prevention and dispute resolution, a rise in ‘friendly fraud’, and complex compliance requirements. As regulations evolve, financial institutions must adapt systems to balance compliance with delivering a secure RTP payment experience.
Frauds or unauthorised payments: These occur when a victim's identity and financial credentials are stolen by deception to make unauthorised transactions.
Scams or authorised payments: These occur when a victim is tricked into voluntarily transferring money to a fraudulent account.
This includes techniques like impersonation scams, quishing, pig-butchering, advanced fee, Business Email Compromise, romance fraud, purchase scam.
In the modern payments landscape, the fight against fraud is increasingly centred on protecting digital identities, as fraudsters often exploit compromised identities to execute their schemes. Many institutions rely on single-solution strategies—like AI, biometrics, blockchain, or behavioural intelligence— believing that these alone are enough to prevent fraud, as it remains pervasive due to its complex, evolving nature.
Digital identity serves as a cornerstone for fraud prevention. A reliable digital identity framework is essential for building trust between individuals, businesses, and government agencies. By establishing a robust digital identity framework, economies can foster a more secure and resilient ecosystem against fraud. Digital identities can:
Verify identities: Confirm that individuals and businesses are who they claim to be.
Detect anomalies: Identify suspicious behaviour and potential fraud attempts.
Enhance security: Reinforce the security of RTP payment systems.
National identity infrastructure: A robust national digital identity framework, especially when implemented as Digital Public Infrastructure (DPI), is crucial for combating fraud. Providing a secure and verifiable way to confirm a person's identity online, significantly reduces the risk of identity theft and fraud. In many countries, institutions including, banks, fintechs, and telcos, rely on such frameworks for identity verification. While, some developed nations, such as the UK, USA, Canada, and Australia, lack a universal, mandatory national identity card, the increasing digitalisation necessitates a strong digital identity infrastructure to safeguard individuals and businesses.
Take the big leap - go passwordless: Passwords have outlived their purpose and are vulnerable to breaches and phishing attacks. It's time to embrace passwordless authentication as a more secure alternative. Passwordless authentication technologies complement national identity infrastructures, offering phishing-resistant options that eliminate the risks associated with traditional knowledge-based authentication.
Adopt a multi-layered approach (MLA): Given the complex nature of identity, a comprehensive approach is required, involving multiple layers of security measures to address diverse fraud risks.
Scams pose a distinct challenge as victims willingly transfer funds to fraudulent accounts. While traditional fraud prevention methods can mitigate unauthorised transactions, they may be less effective against scams. Common approaches include:
Customer education & awareness – Raising awareness about common scams and fraud tactics can empower individuals to protect themselves. However, the rapidly evolving nature of scams requires continuous education and adaptation.
Verification of Payee (VoP) – VoP adds an extra layer of protection by verifying the recipient's identity, reducing the risk of funds being sent to fraudulent accounts. While effective against basic scams, more sophisticated fraudsters may find ways to circumvent this method.
Behavioural biometrics - Behavioural biometrics is a common technology for scam detection. However, human behaviour is inherently inconsistent, influenced by factors like stress, illness, and environment. This variability can hinder accurate pattern matching and anomaly detection. Additionally, challenges like data quality, evasion techniques, privacy concerns, and implementation costs can limit its effectiveness.
To effectively combat scams, industry-wide data-sharing consortia are gaining traction. By pooling data, institutions and data-sharing partners can gain insights into emerging scam trends and refine prevention strategies. International collaboration of data sharing consortia is essential to combat cross-border fraud and scams.
Initiatives led by the UK and G7 nations are establishing data-sharing platforms to enhance scam prevention. A government-led consortium facilitating cross-sector data sharing could further strengthen these efforts.
In a rapidly evolving digital landscape, RTP has revolutionised the payment ecosystem, offering unmatched convenience. However, the increased speed and accessibility bring significant fraud risks. Balancing innovation and consumer protection requires a collaborative, multi-layered approach, including robust security frameworks, regulatory alignment, and leveraging industry-wide intelligence networks and digital identity systems.
Stay tuned for our next instalment, coming on the 9th of December, where we’ll dive into the structure of incentives, controls, and fraud for real-time payments.
About Anis Ahmed
Anis Ahmed is a renowned anti-fraud expert and the Founder of a digital identity and anti-fraud startup. With over 25 years of experience in anti-fraud, financial crimes, and corporate investigations, he's actively involved in the global fight against financial crime.
He's also the founder and host of ‘The Fraud Fellas’, a forum dedicated to discussing fraud and its societal impact, and leads the MENA Chapter of ACFCS.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now