November 10, 2023

How does Fintecture actively combat money transfer fraud?

Bank transfers are reputed to be one of the most secure methods of payment. However, there is no such thing as zero risk in payment. While credit transfer solutions are "technically" secure, fraudsters are now practicing what is known as "social" fraud, by manipulating their victims.

What frauds are you exposed to?
What are the consequences for customers and merchants?
What effective measures has Fintecture put in place to protect you against these new practices?

All the answers in this article dedicated to the fight against fraud.

Contents

Add a header to begin generating the table of contents

Bank transfers and fraud

It's a fact. Bank transfers are one of the most secure means of payment. It requires strong authentication (unique code to be entered, fingerprint or facial print) at the time of payment validation.

What's more, transfers are subject to the powerful anti-fraud filters set up by banking institutions.

Another important point: SEPA transfers are irrevocable. Once the funds have been transferred, the transfer cannot be cancelled. This rule applies to both traditional transfers and transfers carried out via payment initiation, such as the Immediate Transfer from Fintecture.

But is it enough to protect consumers and merchants from the risk of fraud?

Transfer fraud on the rise

Bank transfer payments are no exception to fraud. In fact, transfer fraud is on the rise, particularly affecting individuals and small businesses, who are more exposed to identity theft.

Fraudsters use two main techniques to bypass strong authentication devices.

Bank advisor fraud (social engineering)

In this method, the fraudster poses as the victim's bank advisor. He contacts the victim claiming, for example, to have spotted suspicious transactions on his account.

He then asks them to validate the cancellation of these transactions by validating a strong authentication for a fraudulent payment. This type of fraud accounts for 53% of the amounts defrauded by credit transfers.

Sim swap fraud

In this approach, the fraudster accesses the victim's e-mail inbox. He resets access to his telephone operator's account, then orders a new SIM card and has it delivered. With this new SIM card, the fraudster can directly validate fraudulent payments using SMS authentication.

With these two methods, the fraud is not linked to the moment of payment itself (these are technical flaws), but to the strong authentication required to validate the transaction.

With the deployment of instantaneous credit transfers, the bank must validate the payment in near real time. With a conventional SCT transfer, the delay between sending the transfer order and actually executing it enables the bank to "manually" investigate a suspicious payment. In the case of an instantaneous transfer, the bank can no longer carry out asynchronous checks, and therefore cannot cancel the transfer.

These changes have 2 consequences depending on the policies of each bank:

the risk of letting fraudulent transfers through (some of which would have been identified as "classic" transfers);
on the other hand, the introduction of more restrictive anti-fraud filters, blocking transactions that are in fact harmless ("false positives"), thereby reducing merchants' conversion rates.

What are the consequences for merchants and businesses?

In the event of fraud, the victim's bank contacts the merchant's bank to request cancellation of the order and reimbursement of the payment. This is known as a "recall", to return the funds to the payer.

Since the transfer is irrevocable, the merchant is protected and has no obligation to accept these recall requests.

However, refusing a recall can have undesirable consequences, including:

A high risk of dissatisfaction on the part of the defrauded customer: risk of negative online reviews, very low probability of re-purchase
A risk for the merchant's reputation, especially in the BtoB sector, where customers interact with merchants and share their experiences.

In addition, the growing number of recall requests creates an additional workload for merchants. Each request requires a precise study and mobilizes several departments (Customer Service, Treasury, etc.). In the event of repeated attacks, this situation can quickly become unmanageable.

The fight against fraud, a priority for Fintecture

To complement the systems already put in place by banks, Fintecture has developed two complementary tools to detect and block fraudulent transactions.

The Transaction Monitoring System to analyze all Fintecture payments

The Transaction Monitoring System provides continuous, real-time monitoring of all transactions processed by Fintecture. As a payment institution, Fintecture is obliged to implement such a system, but has gone far beyond the regulatory requirements.

The TMS integrates complex business rules and is complemented by a dedicated team, internal processes for rapid intervention with merchants and meditation with banks.

This system examines data relating to identity theft, payer behavior and fingerprinting. More than 60 business rules, adapted to each sector of activity, are analyzed in real time to identify suspicious transactions.

The pooling of data and the power of our network are a real added value, considerably boosting the algorithm's performance. A fraudster identified at a network merchant is automatically identified at all Fintecture merchants. The more payments the TMS scores, the more it improves.

In the event of an alert, our customer service team proactively informs the merchant and assists him/her in making the right decisions.

Premium Fraud Shield: the only device on the market to block fraudulent transactions

To go even further in the fight against fraud, Fintecture has created a unique tool on the market that proactively blocks fraudulent transactions: the "Premium Fraud Shield".

When fraud is detected, Fintecture is able to proactively block the payment by automatically returning the transfer to the issuer's account. The payment and order are therefore not validated. As a result, the merchant does not receive the funds and is no longer faced with recall requests.

A genuine second line of defense, this system is specifically designed for key accounts and merchants particularly affected by fraud. Our teams work with each of them to define customized rules that strike the right balance between risk exposure and desired conversion rate.

To remember about fraud

However secure they may be, credit transfer payments are not immune to fraud. To ensure the protection of consumers and merchants, the regulator requires payment institutions to implement preventive measures. But Fintecture has gone much further, developing a dual system that effectively protects its customers from the consequences of recall requests.

In a context where instant transfer payments will become the norm, such devices become crucial to enjoy all the benefits of transfer payments within a secure environment.

Fintecture is committed to the fight against fraud, not only through the development of effective systems, but also through its involvement in associations and working groups dedicated to making payments more secure: CNMP (Comité national des moyens de paiement), AFEPAME (Association des Établissements de Paiement et de Monnaie Électronique), ETPPA (European Third-Party Provider Association).