In the 2023 card fraud report published by The European Central Bank (ECB), card-not-present fraud declined by 12% from 2020 following the market-wide implementation of strong customer authentication under the revised EU Payment Services Directive (PSD2).
Despite the improvement brought by the introduction of PSD2 and Strong Customer Authentication, financial fraud still has significant costs, not just in terms of monetary losses but also in terms of damage to reputation and trust.
This article aims to highlight the new types of fraud and how financial institutions, thanks to Artificial Intelligence, could tackle this main challenge.
Historically, banks were mostly facing ‘unauthorised payment transactions’ fraud which means payments made as a result of the loss or theft of payer credentials. The most common were SIM swapping, phishing, and malware.
Nevertheless, in the last few years, we have seen more and more ‘authorised payment transactions’ fraud. With app scams (authorised push payment), criminals often try to persuade users to take action in a hurry. They made the users panic before they had time to think it through properly. We can see different app scams (such as invoice & mandate scams, CEO fraud, purchase scams, etc.) but what interests us the most is the impersonation fraud, where a fraudster has misrepresented himself as a legitimate bank employee to urge the payer to issue a bank transfer.
Those new types of fraud were not considered in the PSD2 regulation and represent a high risk for the bank and its users. PSD3 will go beyond PSD2, tackling new types of fraud like ‘spoofing’ (impersonation fraud), which blur the distinction between unauthorised and authorised transactions. As a result, the Commission is proposing additional anti-fraud measures and article 59 of PSR requires the issuer to refund the payer the full amount of the transaction, in case of bank employee impersonation fraud, as long as it has been reported to the police and the bank.
The duality of Artificial Intelligence is an important element in highlighting the importance of fraud today.
Generative AI scams involve the use of advanced algorithms to create synthetic content that appears authentic: create fake identities, generate fraudulent content such as fake emails for phishing without any mistakes, or create realistic images and mimic human voice. These scams leverage AI’s ability to imitate and deceive. In relation to this, the European Union proposed the ‘AI Act’ legislation to ensure that AI is developed and used in a way that benefits society while minimising potential risks and ensuring accountability.
However, and fortunately, it is important to note that generative AI technology can also be used for detecting and preventing fraud. For example, it can be trained on a large dataset of fraudulent information to be able to recognise these types of patterns in real-life situations.
Financial fraud is a complex and constantly evolving problem, making it difficult for humans alone to identify all the signs of fraudulent activity. This is where artificial intelligence comes in as a highly effective tool in detecting fraudulent activities.
Taking a look into GBG’s latest fraud report, which includes insights from financial institutions (FIs) across key European markets, you can see it paints a clear picture with more than 50% of respondents who plan to roll out AI solutions to detect unknown fraud cases and almost a third of respondents plan to invest in newer AI fraud detection solutions like machine learning and predict analytics.
Worldline provides Digital Security Suite, a security module to protect all devices from fraudsters.
This solution uses AI tools in the following different aspects:
To protect against bank fraud scams by detecting suspicious patterns and anomalies. Machine learning algorithms can be trained on large datasets of past fraud incidents, allowing them to identify patterns that are indicative of fraudulent activity but also to work on-device intelligence to be able to identify unusual devices.
To monitor customer behaviour and detect changes in their pattern of activity that could indicate fraudulent behaviour. For example, if a customer suddenly begins making high-value transactions from a new location, AI can flag these transactions for further investigation.
To verify customer identity through biometric authentication, reducing the risk of identity theft and account takeover fraud. It can also be used to analyse text, audio, and video data for signs of social engineering or phishing attacks.
To generate different scores, based on all information collected (device, contextual, transactional, and behavioural intelligence), that will help to manage adaptive authentication.
In conclusion, the duality of AI is a crucial factor to consider in the fight against fraud. On one hand, generative AI technology can be exploited by criminals to create convincing fake content, deepfakes, and phishing materials that pose significant risks to authentication and security. However, on the other hand, AI can be harnessed to detect and prevent fraud effectively. It can be trained on extensive datasets of fraudulent information to recognise patterns and anomalies, making it a powerful tool for identifying fraudulent activities.
Worldline's Digital Security Suite exemplifies how AI can be employed to protect against bank fraud scams comprehensively. By utilising AI tools, this suite detects anomalies, monitors customer behaviour, verifies identities, and generates scores based on multiple data sources. In this ever-evolving landscape of financial fraud, AI technology is not only a powerful ally in combating threats but also a cornerstone of security and fraud prevention.
About Claire Deprez Pipon
Claire is responsible for the product management of Strong Customer Authentication & Security solutions such as Access Control Servers, Trusted Authentication, and Digital Intrusion Protection. With 10 years of experience in international business developments and bids, she has developed strong skills in understanding customers and market requirements, with a special focus on security, payments, and identity.
About Worldline
Worldline is the European leader in the payment and transactional services industry. With innovation at the core of its DNA and thanks to a presence in 30+ countries, Worldline is the payment partner of choice for merchants, banks, public transport operators, government, agencies, and industrial companies, delivering cutting-edge digital services.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now