Virtually all financial and payments professionals believe payments fraud is only going to get worse in the near future, according to a new survey by TD Bank.
The survey, which polled attendees at April’s NACHA-The Electronic Payments Association conference in Austin, Texas, found that 91% of 392 payments system stakeholders at the conference said they believe payments fraud is going to become a bigger threat in the next two to three years. That’s up from 89% in 2016, the bank said.
“Companies need to be mindful that everyday tools from email to the Internet can pose risk to payment operations, and the criminal toolbox is expanding,” TD Bank Head of Corporate Products and Services Rick Burke said. “Corporate treasurers need to create layers of control for accounts and payments processing, both within their organization and in conjunction with their banking partners.”
About 64% of the respondents in the survey said they or one of their clients has been involved in a cybersecurity incident in the past year. Business email compromises and account takeovers were the most common types of incidents, each affecting about one in five respondents. About 15% said they or their clients had been involved in a data breach and about 10% were involved in ransomware.
Automating payments processing may be a way to mitigate some of the risk, according to the survey. About one in five attendees (21%) said fraud control and security was a top benefit of automation for payments processing, behind speed and same-day payment (27%) and efficiency (26%). Fewer than one in five pointed to cost savings (16%) or accuracy (11%).
In a statement on the TD Bank survey, Ryan Wilk, vice president of customer success at NuData Security, which is a biometrics and behavioral analytics company in Vancouver, British Columbia, said account takeover attacks on both mobile and web logins rose 630% between February and May 2017. Those attacks, according to NuData, often involve using automated scripts to create thousands of possible password combinations to get into accounts.
“Account takeover is the new credit card fraud. Automating payments could improve security, but it must involve a layered approach that includes passive biometrics and behavioral analytics to differentiate real customers and payments from impostors using stolen credentials,” Wilk said.
Some other findings from the survey include:
• The percentage of paperless businesses remains low. Just 23% were paper-free in 2016 and 21% were in 2017, according to the study. About half (48%) said it will take at least three years to go paperless, up from 42% in 2016. About 40% said same-day ACH is the most helpful tool in accomplishing this, followed by accelerated receivables (27%) and automated cash application (14%).
• About one in five (22%) respondents said the most likely reason their organizations would use a corporate reloadable prepaid card was to issue employee paychecks. Another 21% said they would most likely use them for bonuses or rewards, and 19% would most likely use them as generic expense accounts. Only 6% said they would use them for contractor payments or other uses, respectively, and 26% said their organizations would not use the cards at all.
