5 Tips To Stop Fraud In The Fintech Sector
Fraudsters love fintech as an industry: As much as 85 percent of financial institutions experienced fraud in the process of account opening. Scammers can steal credit card information and personal information by hacking into anti-fraud systems and using victim’s online wallets and bank accounts, or buying an account on the black market. Existing bank accounts can be purchased on the dark internet for as low as $100, which is less than buying someone’s passport information.
Another form of fraud is to manipulate users directly or so-called “social engineering.” This means that attackers can track when people are looking for work and then send them invitations to interview. These invitations will appear like they are from well-known companies, such as Apple or Microsoft. Victims are asked to submit data via phishing links, which grant access to their devices.
Criminals are already using more sophisticated technology, such as deep fakes. While they are not yet able to compromise user accounts, these technologies are easy enough for them to be used. However, this technology will soon become widespread enough to pose a serious threat to users and the fintech industry.
My personal goal and ambition as an entrepreneur is to make the world free from money laundering and digital fraud. Since the founding of Sumsub in 2015, we have been helping prevent fraud for over 400 companies in 220 countries and have earned a prestigious Global InfoSec Award as a “Hot Company in Fraud Prevention.”
We have compiled a list of ways fintech companies – such as our clients Cryptopay, The Token Fund, Zerion and TokenBox – can effectively prevent fraud cases based on the latest scam trends.
Liveness Detection Technologies
Excellent results have been achieved using liveness detection technology for identity verification. Instead of uploading a static selfie, the liveness detector asks users to form a circle with the heads to verify that they are present and real. Selfie techniques are also widely used, but they don’t provide companies with 100 percent protection because criminals use stolen selfies, wax figures, and other ways to get into user accounts.
Some clients dislike the idea of liveness and instead prefer to take selfies. However, we have found that the technology has improved our clients’ pass rates by up to 40%, which encourages many to return to it.
It is vital to understand your clients’ habits and track their behavior. These could include changes in address, duplicate card requests and password resets. They also can indicate typical spend velocity, time between payment locations, typical shopping times, and other factors. Uncharacteristic spending and strange phone calls are indicators that you should pay more attention to your client.
These data can be gathered by machine learning algorithms to identify if the patterns are likely fraudulent. Your system should be able immediately to report fraud to you via suspicious alerts. In some cases, it may even block further transactions. You will be less likely to overlook fraud if your client’s behavior is more transparent.
A system that is based on a person’s unique physical attributes makes it much more difficult for criminals to fool. Biometrics is an additional barrier that fraudsters can overcome, even though passwords can be stolen or lost. Although biometrics can be faked sometimes, it takes much longer to forge biometrics than hacking static login credentials.
A client’s fingerprint allows you to track if they log in from another device or location, and identify unusual behavior patterns. A user from England may order decorations from an online marketplace, and then later make a purchase in China. It is important to monitor the IP location of suspicious countries using AI.
Basic Web Safety
Clients need to be educated about security basics. Make sure your website has alerts that remind customers not to do the following:
- Exposed leaving cards
- Clicking on unfamiliar links
- Connect to public WiFi to open digital wallets
- Reputable companies will send job opportunities in exchange for registration and personal data submission.
Customers should not post sensitive information to Twitter, Instagram, or any other website. It could suffice to have a name, an e-mail address, and a Facebook profile to gain access to a bank account and drain it.
Choosing the Right Partner
Traditional tools on the market are know-your-customer requirements and biometrics verification. However, there are many scammers that produce high-quality fake documents. You can avoid this by looking for duplicate documents. Cross-check, for example, if registered customers share the same photograph with another user. If this is the case, the passport was hand-forged. It is therefore important to work with companies that have access to a broad range of documents and identities.
As we have seen an unprecedented amount of fraud in the fintech aftermath of the pandemic, it is more important than ever that cybersecurity investments are made. You can increase your security and protect your customers by combining different types of fraud protection, and protect fraud in the fintech as I have described above.