The P2P payments sector is growing and innovating fast, and this activity is triggering a wider range of attack vectors
The peer-to-peer payments sector is booming, with total transactions worth nearly $1tn in 2022. That’s a full 25% increase on the previous year. Growth is being driven by innovative firms who are developing ingenious new ways to delight customers with faster, slicker and smarter platforms which dovetail with consumers’ fast pace of life and need for near real-time payments.
The sector may not suffer anywhere near the highest rates of fraud within the fintech industry, but its predicted growth has nevertheless attracted a significant uptick in criminal activity. Here are five of the biggest emerging risks confronting P2P payment services today.
Fraudsters can now create fake versions of popular payment apps and upload them to app stores or directly distribute them to potential victims. The goal is to gain access to personal information, payment details, or bank accounts so criminals can transfer funds without being detected. These fake apps often have the same interface as the legitimate version, but with malicious code embedded within them. They may also contain additional features that make it easier for criminals to steal data.
Fraudsters also create fake versions of legitimate billing websites and use them to trick their victims into providing their payment details. These sites usually have a professional design and feature the same logos, layouts, and other elements as the real sites. Fraudsters also send phishing emails with malicious links that take users to these fake billing sites. Once on the site, users are prompted to enter personal information, payment details, or both. The fraudsters then use this information to transfer funds to their accounts.
The criminal use of malware, such as bots, increased by 86% during 2022, according to analyst research. Criminals use botnets to deploy malicious code and gain control of thousands of devices at once. Botnet attacks allow fraudsters to set up multiple P2P payment accounts on different platforms and then transfer funds between them without being detected. This threat vector is so common that bots now generate most internet traffic.
A 98% check automation rate gets customers through in about 6 seconds.
Real-time end user feedback and fewer steps gets 95% of users through on the first try.
An unmatched 11K+, and growing, government-issued IDs are covered.
Up to 30% more customer conversions with superior accuracy and user experience.
Veriff’s data-driven fraud detection is consistent, auditable, and reliably detects fraudulent forms of identification.
Veriff’s POA can grow with your company’s needs and keep up with times of increased user demand.
Phishing is a long-time fraudster favorite, and criminals continue to evolve the way they perpetrate this scam. Pharming, for example, involves criminals using viruses to hijack a victim’s device without their knowledge, so they can be directed to a fake PSP website. Vishing, on the other hand, is a telephone-based phishing scam where criminals use VoIP technology to call victims pretending to be trusted employees from their PSP. Education should always be the first line of defense, but AI-powered identity verification is just important when it comes to spotting fake users and hijacked accounts.
Card cracking is a type of fraud in which criminals use stolen payment card information to transfer funds into a wallet without the cardholder's knowledge. Card cracking is often part of a larger scam, such as buying a cheap product and “accidentally” sending more money through P2P payments. Criminals then demand a refund for the difference, only for the seller to be liable for the total amount when it's discovered the card was stolen.
Identity verification should be the cornerstone of every P2P payment provider’s fraud prevention strategy. Historically, rigorous verification risked adding unacceptable friction, undermining customer experience, increasing drop-off rates during onboarding and ultimately costing companies money.
AI-powered identity verification (IDV) platforms such as Veriff’s, however, automate this process, verifying customer identity in an average of just six seconds at an accuracy rate of 99.99%. This enables PSPs to effectively close down many of the emerging attack vectors exploited by cyber criminals.
Our IDV platform makes identity verification simple. Plus, you can also tailor your process to suit your industry and brand.
If you’d like to learn more about how we can create an identity verification process for your business, get started with us today and book a personalized demo.