There is both an enormous amount of convenience and speed in using digital payment systems. For the general public, online payments through credit cards or even cryptocurrency enable customers to buy products worldwide that they might otherwise not have local access to. For businesses, online payments negate any possibility of fraudulent payment through counterfeit cash. Every transaction is a legitimate one that uses real funds.
However, just because the actual transactions are legal and legitimate doesn’t mean the person making the purchase is. This is where payment fraud through online transactions is on the rise due to breaches in cyber security.
Identity Theft and Account Takeovers Lead To Payment Fraud
The way payment fraud occurs today has shifted away from traditional strategies like printing counterfeit money and using that false cash to make purchases. Today’s digital criminals look for vulnerable accounts, seize control of them, and then use the funds or payment system associated with those accounts to make purchases. In other words, the money is real, and the account is legitimate, but the person using the account has stolen that access from the rightful owner or is using the account without the owner knowing it.
This results in the victims eventually receiving receipts and other proofs of payment for purchases they never made. It is the cyber security equivalent of someone having their wallet stolen and then the thief using that cash to make purchases.
Payment fraud is on the rise in a few key areas, most notably:
- Digital Wallets
- Payment Service Provider Transactions
- Cryptocurrency Transactions
- Buy Now, Pay Later Transactions
- Loyalty Reward Points
Billions of dollars in payment fraud occur every year, and one of the reasons for this is the inadequacy of legacy security systems. A single password-only security system, even with multi-factor authentication enabled, is incredibly vulnerable, especially if a careless customer uses an easily deciphered password. Even when a strong, single password is used, criminals use of “keylogging” can defeat this.
Multi-factor authentication is one addition way to “harden” a system against this type of identity theft. These cyber security measures use additional cyber security components, such as physical-digital “keys” or biometric authentication to add stronger layers of security. Even if a password is stolen, the password alone won’t grant access or control of an account without the additional authentication factors.
The challenge, however, lies in ensuring that cyber security measures provide protection without obstruction. If a security feature makes it too difficult to make a purchase, it does more harm than good. This is where initiatives like Nok Nok’s use of FIDO protocols play an important role. Read here to learn more.