By Roy Urrico
Finopotamus aims to highlight white papers, surveys and reports that provide a glimpse as to what is taking place and/or impacting credit unions and other organizations in the financial services industry.
Atlanta-based LexisNexis Risk Solutions just released the results of its first Global State of Fraud and Identity Report, which explores cybercriminal trends and its impact on the global true cost of fraud and transaction data from over 39 billion transactions from the LexisNexis Digital Identity Network.
Among the study’s findings is that pandemic-driven digital transaction growth continued to attract fraud attacks, with global businesses recording a 32% jump in the human-initiated attack rate over the previous 12 months, while high-velocity automated bot attacks were up 38% year over year; and e-commerce bot attacks rose 155% year over year (YoY), with digitally based businesses facing the largest attack increases.
The report brings analysis from a comprehensive survey with 2,952 risk and fraud executives in retail, ecommerce and financial services/lending across Asia-Pacific (APAC), Europe, the Middle East and Africa (EMEA), Latin America (LATAM) and North American (NAM) regions. This research was conducted at a regional level by KS&R, a global market research firm, between 2021 and 2022. The report is also based on analysis of transactions and attacks detected by the LexisNexis Digital Identity Network from January 2022 to June 2022. Data collection occurred during 2021 and 2022; many of the survey questions reference the past 12 months.
Digital Transactions Dominate
The report reveals how digital transactions dominated the global marketplace as consumers migrating to online interactions during the pandemic lockdowns, becoming commonplace behavior afterwards.
Digital transactions in the LexisNexis Digital Identity Network rose by 37% YoY for the period. In addition, shifts to mobile channels continued to increase, reaching 76% of all transactions in the Digital Identity Network.
According to the study, consumers today use an average of four connected devices to facilitate digital transactions. The addition of new ecommerce channels via marketplaces and within the wider banking ecosystem, along with a proliferation of payment options such as buy now, pay later (BNPL), digital wallets and QR codes, contributed to a growth in transactions across mobile channels.
As consumers adopt multiple digital channels and payment formats, they expect a positive experience and trusted security measures at every touchpoint, according to this LexisNexis Risk Solutions report. Additionally, identification and authentication solutions across the entire customer journey are becoming mandatory, as fraudsters build attack strategies at every stage. For example, 1 in 12 new account openings and 1 in 20 password resets represent an attack.
Better Connectivity Driving Fraudsters
LexisNexis Risk Solutions reported greater connectivity is leading bad actors to continually devise new methods and expand the complexity and scale of their attacks. Cybercriminals quickly launch complex attacks on the weakest link in the omnichannel network, targeting individuals who are newer to transacting online with less cybersecurity awareness, while targeting companies that, in their rush to provide consumers with digital transaction options, have not deployed adequate defenses.
The report suggested large-scale cybersecurity breaches and the recent digital evolution have created an ideal incubator for scams to cultivate and thrive with identity theft. Studies show that optimizing identity verification approaches leads to safer omnichannel ecosystems.
Key Findings:
· Bot attacks continue rising. Businesses globally experienced a 38% increase in malicious bot attacks in the 12 months prior to the study. E-commerce businesses in particular faced a bigger threat as the bot attack rate increased 155% YoY. Regionally, EMEA (Europe, the Middle East and Africa) recorded the highest growth in bot volume (98%), followed by LATAM (Latin America) at 83%.
· Human-initiated attacks also continue to grow. These attacks grew 32% YoY globally. NAM (North America) showed the highest YoY increase of 52%, followed by EMEA (19%).
· Fraud evolves with new payment methods. Increased adoption and strong demand for contactless payment methods in APAC are major contributors to the rise of QR code fraud. QR code payments and peer-to-peer transfers are becoming the leading payment channels in Southeast Asia and India. BNPL is gaining traction globally and in EMEA particularly, leading to an increase in new account opening fraud.
· Risks across the customer journey. Fraud networks are increasingly industrialized and pervasive in the omnichannel digital ecosystem leading to a dramatic rise in scams including social engineering, identity theft, password reset and account takeover fraud. The escalating risk of account takeover fraud is one of the biggest threats, as mobile app login attack rates increased 211% YoY.
· Identity verification remains the top hurdle. Customer identity verification remains a top challenge for global businesses across APAC, EMEA, LATAM and NAM. Global businesses cited limited real-time third-party data (46%) and limited real-time transaction tracking (43%) as the two biggest challenges in verifying customer identity in online channels.
· Industrialized fraud networks attack businesses across border. Fraudsters work within complex networks. Every piece of data used is linked to the next valuable piece of data on a mass global scale. Therefore, businesses and industries need greater collaboration globally to fight the fraud network but also to understand who the trusted consumers are. Gaining visibility of trusted consumers allows businesses to open new revenue channels and upsell to a loyal consumer base.
"The latest surge in scams shows how the fraud landscape will continue to morph. Organizations need to use flexible fraud prevention models coupled with an adaptive authentication approach," said Stephen Topliss, vice president, fraud and identity, LexisNexis Risk Solutions. "Using digital identity intelligence can improve the omnichannel consumer experience by providing a unified and persistent view of associated risks, helping to drive conversion rates, customer satisfaction and loyalty. A solution approach deep in layers, combining behavioral biometrics with global digital identity data and risk-appropriate authenticators, enables businesses to confidently make risk-based decisions while delivering a friction-appropriate customer journey."
Challenges And Opportunities For Financial Services
The report also included a section focused specifically on financial services. “Scams are an increasing trend targeting financial services globally and can cause financial losses, undermining institutional reputation and eroding customers’ trust,” the LexisNexis Risk Solutions fraud report noted. Social engineering scams, including authorized push payment, romance, investment and impersonation fraud are among the fastest growing financial crimes. These scams represent an emerging global challenge due to the difficulty in detection. Payment methods have also increased among consumers during this time.
To detect and fight scams, the report recommended financial services companies need to adopt a targeted strategy involving multiple tools. Traditional defense strategies alone cannot prevent fraud as the user identity is verified and authenticated at most times. A holistic fraud solution with multiple layers of defense — including stolen credentials and active call detection, behavioral biometrics, beneficiary insights, scams modeling — is the answer.
Specifically challenging to financial institutions, as the shift to mobile banking continues, fraudsters follow suit. The mobile share of transactions has grown by 9% YoY while the mobile app attack rate has grown at 323% on logins and 249% on payments YoY, as fraudsters continue to shift their focus to the mobile channel.
In addition, financial institutions, and particularly digital banks, are likely to view distribution of funds as being most at-risk for fraud. However, actual fraud losses are distributed rather evenly across all customer journey stages.
Meanwhile the cost of fraud has risen for merchants and financial institutions in all regions, with financial services and lending firms experiencing the highest costs. Each fraudulent transaction costs the most for financial services and lending firms in select APAC and LATAM markets, as a rash of scams have targeted financial institutions and consumer account information. For U.S. financial services and lending, LexisNexis Risk Solutions places the cost at $4 per item. Financial institutions tend to have higher fraud costs; given the heavy account-based nature of their business and need to repay/recoup fraud to customer accounts, they often employ more internal and external labor for investigation, detection and recovery.