Elkhan Nasibov, Chief Compliance Officer and MLRO at global financial service company Guavapay, discussed the rise of payment fraud and how it can be tackled.

Why is payment fraud so prevalent now more than ever?

Elkhan Nasibov: There’s an inherent irony in the fact that as technology advances and payment capabilities increase, so too do the tools that fraudsters and scammers have at their disposal. There is an ongoing battle between those who use payment technology and those who exploit users’ actions, behaviours and identities. Some attempts at fraud, including phishing, social engineering and the use of automated bots, are becoming increasingly sophisticated and it is absolutely essential that individuals remain vigilant at all times.

One area that is prone to payment fraud is ecommerce. The UK is home to 588,000 ecommerce websites, with a projected 62.1 million ecommerce users by 2025. While this rapid growth is impressive, it is also worth noting that in 2022, 81% of all UK card fraud came from ecommerce alone, with over 2.21 million cases of card fraud and £396m in losses. Put simply, the more reliant we are on online payment systems, the more wary we have to be of new scams and sophisticated fraud techniques.

Do financial institutions take payment fraud seriously enough?

EN: In a word, yes. They have to. All financial institutions heavily rely on their reputation – you only have to look at the major banks and how long they have all existed to see that to succeed in this sector you have to establish trust. If an institution lets their guard down and their customers fall victim to payment fraud as a result, then the reputational damage is significant. Keeping our users safe is our number one priority – and I know we are bound to say that, but it is actually the case. The systems we use in MyGuava Apps (MyGuava B2C App and MyGuava Business platform) to enable payments and provide a wealth of solutions have to be robust and fit for purpose; that can only be achieved by taking payment fraud seriously.

At Guavapay, our philosophy is that our work is never done – you cannot rest on your laurels. I mentioned above that it is an ongoing battle and it is; what works to prevent payment fraud today might not work in the future. Being mindful of that and continuously evolving to meet the challenges that fraudsters present is of paramount importance. We invest heavily in fraud detection and prevention technologies, and dedicate an enormous amount of time to implementing the most effective defences.

In cases where fraud originated on social media, should the payment provider or the social media provider be liable?

EN: There is no definitive answer to this question, as it would depend on the specific situation. However, something that should certainly happen is that the payment provider and the social media platform need to come together to find the most effective ways of mitigating this relatively new threat. PwC recently published its Global Economic Crime and Fraud Survey 2022 and it makes for fascinating reading. What the survey makes you consider is that social media is a platform in the same way as E-commerce platforms and enterprise platforms are.

I think a key point to make is that payment providers have been aware of the tools and techniques fraudsters use for longer than most, so it is their responsibility to educate people on what they can do to prevent fraud – irrespective of whether that is on social media or any other platform.

Having said this, there is an increasing need for social media platforms to start assessing their approach to preventing fraud and taking some additional steps to protecting and educating their users. While financial institutions must be – and are – held accountable, social media is by far the primary gateway through which scammers defraud people.

What’s the most important thing a person and company can do to protect them from fraud?

EN: Remain vigilant. However, that vigilance manifests itself, it is vital that people and businesses constantly consider the situation when making any kind of transaction. If something doesn’t feel right you should stop what you are doing. I have heard of cases of people contacted by scammers (who were extremely sophisticated and used the latest technology) and being persuaded to move all of their funds from their bank account to another account to prevent somebody from stealing their money. I strongly recommend that people take a breath and think about what they are doing.

Other things include using strong, unique passwords that are changed regularly, enabling multi-factor authentication (MFA) on all financial and personal accounts, and never sharing sensitive information. The final thing to say is that education is key: read up on the latest tools, tricks and techniques scammers use and you will be more likely to spot any red flags in the future.

What’s a policy change from the government that could reduce payment fraud?

EN: Information sharing between financial institutions and social media platforms should be considered to support better investigations into fraudulent activities. Where financial institutions are trying to understand the truth behind a fraud claim, having the actual communication records between victim and fraudster would serve as additional evidence to support a customer’s claims. But of course, this opens a can of worms in terms of privacy laws that would require government oversight, so changes in policy might be required to support steps in this direction.

Stricter penalties could be considered against customers who are identified as abusing systems designed to support victims of fraud, especially in cases of friendly fraud. More resources are required by local law enforcement to actually support the vulnerable and reduce fraud. Based on multiple sources, law enforcement often do not want to handle cases of fraud or pass these to other institutions to handle instead. Fraud is complicated as it crosses multiple police forces/jurisdictions and international borders but when law enforcement does not take action the problems will increase.

This post was sponsored by Guavapay, a global payments enabler based in London.

Already have an account? Log in