Successfully detecting and combating payments fraud requires much closer cooperation between the public and private sector. Data is often held in multiple locations and data stores, resulting in a siloed, layered and complex system that businesses and individuals can only navigate with the help of third parties. Efforts to collaborate on fraud in real-time transactions are also hampered by privacy laws such as GDPR, slowing down attempts to combat fraud as soon as it is being committed.
So warns P20, a UK/US-led payments forum in its latest report ‘Public-Private Data Exchange for Fraud Prevention: Best Practice Recommendations’ calling for enhanced public and private sector data exchange using new methods and technologies to fight against increasingly sophisticated fraud.
“Fraudsters are better organised than ever before and realise the importance of data to their efforts to defraud unsuspecting consumers and businesses. It’s becoming more difficult to defeat the criminals, but the industry’s defence efforts could take a huge step forward if it was able to marshal data sets and collaborate more across borders,” says Duncan Sandys, Chief Executive Officer at P20.
“Organisations could create pain points for criminals which will slow their activity down and allow firms to build stronger defences to keep fraudsters at bay. Data is critical in this battle, and we have worked with leading financial institutions, fraud experts and regulators to compile these recommendations which can help protect consumers from the deep financial and emotional impact of being a victim of fraud.”
The report urges the adoption of new privacy-enhancing technologies, arguing that artificial intelligence (AI) can not only help to resolve regulatory concerns of meeting privacy laws by protecting the consumer’s data but can also provide a further defensive armoury against modern cybercriminals. While increased engagement between public and private sectors on controlled data sharing could also help detect sophisticated fraud.
The report recommends governments develop and agree on a protocol and platform for the secure real-time exchange of data between financial institutions, government agencies, law enforcement, tech companies and telcos to help identify suspected fraud. It suggests the government issue regulatory guidance on responsible data sharing between entities and on standard data formats. For example, the industry could have For Your Eyes-Only access to law enforcement Suspicious Activity Reports.
The government should incentivise industries to expand and deepen AI machine learning technologies which can help detect fraud. This will allow the private sector to invest in more AI capabilities, and the entire ecosystem’s payments will be better protected. The report also notes how the public sector holds a significant amount of data, which could be a resource to help prevent fraud. The creation of a regulator-led forum to facilitate regular dialogue with the private sector on combating fraud could foster mutual understanding and build trust. It also suggests the government and industry should work together to develop a fraud prevention protocol setting out circumstances when it is acceptable to override privacy law provisions.
The report draws on key insights from a range of industry experts. Martina King, CEO, Featurespace, which partners its technology with the financial services industry, notes that using privacy enhancing technologies makes it easier to collaborate without using personalised data and achieve comparable results on behalf of the whole payment industry.
Fellow report contributor Michael Timoney, Vice President, Secure Payments, Federal Reserve Financial Services stresses the importance of improving education to combat fraud, while Eddie Cones, Head of Corporate Security & Executive Director, Fraud Fusion, argues AI has a fundamental role in beating the fraudsters. “AI enables fraud detection to use real-time intelligence to keep up with the fraudsters who are working together and pivoting their criminal activity in real-time.”
Ryan Schmiedl, Global Head of Payments Trust and Safety, J.P. Morgan concludes deterrence is also a vital component of success. “One of the best deterrents to prevent criminals making fraud attempts is to hold them accountable in a court of law.”