Welcome to our August FraudTech Digest! We have simplified the latest payment and fraud news into small chunks for you to read and enjoy with ease!
In this month’s FraudTech Digest we will be discussing:
🏦 FFIEC issuing authentication and risk management guidance for financial institutions
⏰ JP Morgan Chase & Co launching a real-time payment option
📑 AML regulation for crypto currency exchanges
💳 Square having a BNPL enhancement from Afterpay acquisition
📱 40 million T-Mobile customers hit by a data breach
💰 UK fintech investments hitting £18bn worth of deals in the first half of 2021
👩⚖️ Shopify sued over collection of online shoppers’ personal data
August FraudTech Digest #1
The FFIEC has issued guidance for financial institutions on effective authentication and various access risk management principles for digital banks. The guidance highlights current cybersecurity threats, including increased remote access by customers and attacks focusing on compromised credentials.
This direction does not impose new regulatory requirements on banks. And it doesn’t serve as a comprehensive framework for access management programs.
The guidance includes information on the risks of push payment capabilities. It also provides examples of authentication controls and industry and governmental resources that assist financial institutions with authentication.
Furthermore, the weaknesses in single-factor authentication are also included and multi-factor authentication can effectively mitigate risks.
August FraudTech Digest #2
JP Morgan Chase & Co has launched a real-time payments option. They hope to increase their edge in the financial industry’s battle to handle the large volumes of global digital payments.
‘Request for pay’ lets corporate clients send payment requests to the bank’s 57 million retail clients. This service cuts the time and costs involved with paying companies.
With the rise in digital payments over the last year, JP Morgan is heavily investing in their digital payment options. And, they can now keep up with the sharp rise in eCommerce payments.
They have stated their job is to provide multiple different payment types so corporates and merchants can provide the right options to their customers.
August FraudTech Digest #3
The application of AML regulation will help make safer crypto exchanges. The FCA issued an advisory warning to the cryptocurrency industry and its consumers that most crypto exchanges were failing to comply with the UK’s AML regulations and are in danger of facing punishment.
The FCA showed these punitive actions with Binance in June, “banning” them in the UK. Binance has shown various inadequate parts of its business structure. However, it is in the process of trying to get FCA approval so this ban can be lifted.
Binance would need to implement AML rules, providing strategic tools to help police dangerous individuals. Cohen, from Digital Transactions, says it would be encouraging to apply these rules to crypto to make the environment safer for the financial industry and consumers.
August FraudTech Digest #4
Square will become an overnight force in BNPL due to its afterpay acquisition. Afterpay Ltd. will provide Square with a ready-made product for the buy now, pay later market. This product will be plugged into consumer and merchant applications, having an immediate effect on BNPL transactions.
The acquisition provides Square the ability to get a jump in the market, becoming more competitive without having to build an application from scratch.
The BNPL market has gained an influx of momentum in the past year, and it is projected to grow by 33% annually over the next three years.
Square states that it plans to integrate Afterpay into its cash app peer-to-peer payment app as well as its in-person checkout solution. This integration will allow the cash app opportunities to provide Afterpay consumers access to cash app’s suite of financial-services.
Cash app users will also be able to manage their BNPL installments and repayments directly within the app. Alongside this, the cash app will integrate commerce delivery from the Afterpay app to help drive lead generation for merchants and consumer engagement. Afterpay consumers will also be able to use the features of cash app, including peer-to-peer payments and stock trading.
August FraudTech Digest #5
40 million T-Mobile customers have been hit by a US data breach. The highly sophisticated cyber attack targeted individual’s personal information with criminals attempting to sell the customer’s data online.
The company’s investigation identified approximately 7.8 million T-Mobile postpaid customer’s information in the stolen files. It was estimated that 850,000 customer names, numbers and account PINs were also exposed.
Large firms like T-Mobile are increasingly likely to be a fraudster’s prime target, due to the mass of data available that they can sell for profit on the dark web.
August FraudTech Digest #6
Britain’s investment in the financial technology industry has reached an all time high, with nearly £18bn worth of deals in the first half of 2021. According to the Pulse of fintech report, the UK secured investments of $24.5bn, second to the USA’s $42.1bn. KPMG states the total for the UK was given a one-off lift from the $14.8bn purchase, made by the London Stock exchange of Refinitiv, a financial data provider and Bloomberg rival.
Venture capital firms, are focusing on buying start-ups, and are especially active with fintech focused investments in the UK, reaching 6.2bn. These investments are more than double the level that was reached in the second half of 2020.
The head of financial services at KPMG states UK fintechs attract significantly more funding than their counterparts in the rest of EMEA combined. He adds that the pandemic has instigated a race to providing digital financial services. Many major banks have used their investment pots to make these digital changes.
August FraudTech Digest #7
A customer has sued Shopify Inc with claims stating that the eCommerce platform does not inform customers that their information is being analysed. Shopify is unlawfully collecting and tracking consumers’ behaviour across millions of websites.
This suit claims that consumers using merchant websites have the expectation that they are communicating directly with the merchant and they are unaware that Shopify collects and stores their sensitive information.
The complaint also contends Shopify’s software code, which installs cookies that track consumers’ activity across its entire merchant network. The invasion of consumer privacy is among the several claims inside the complaint.
To conclude, if you haven’t seen last months digest, click here and get in touch if you have any questions!