Process instant payments securely | PYMNTS.com
Managers reported a 73% increase in P2P fraud and a 44% increase in instant or real-time payment fraud over the past 12 months, according to PYMNTS data. In this month’s “Digital Fraud Tracker®,” DataVisor CEO Yinglian Xie explains why firms must incorporate security and automation by design, as there is no margin for error in real-time transactions.
Christian Santaniellosenior vice president and head of commercial deposits and treasury management at Axos Banktells PYMNTS how his bank ensures instant payments are safe and secure.
Instant payments have many advantages over older, slower payment methods. They are also a prime target for fraudsters looking for a quick way to defraud businesses, banks and consumers – sometimes out of millions of dollars. After hearing stories of instant payments gone wrong, some feel apprehensive about making payments this way.
“Some of it is just learning the nuances of instant payment rails and understanding how they can be different from [legacy payment technologies]”, said Santaniello. “There are certain [situations where] just the idea of immediate and irrevocable payments can be terrifying.”
It can help to build a strong technological infrastructure and educate businesses and consumers on how to use instant payments in a smart way.
Quality IT integration is one of the most important parts of successful instant payments. Some third-party software is still built with legacy payment systems in mind, Santaniello warned, so it’s important to make sure some of those programs are modern and ready for immediate payments. In addition, it is important to employ people and programs that are familiar with each customer’s payment habits and are trained to detect suspicious activity. Axos uses automated software to flag potentially fraudulent payments and then has staff familiar with the accounts review the payments to make a call on whether or not to slow them down.
“We use a combination of in-house and partner technologies that help establish controls around all aspects of the payment from the point [at which] the person or the system logs in until after the payment [is made],” he said.
By doing this, Axos Bank can investigate anomalies with regard to payment patterns, detect fraud or errors early in the game.
Axos integrates with third-party software companies that use application programming interface (API)-based wire origination to streamline payments and make them more secure.
“One of our specialties is plugging right into the ERP system to allow origination and time reporting through API-based services back into the registration system,” Santaniello said. “It makes existing payment rails a little more efficient and faster with regard to the user.”
For this secure infrastructure to work, everyone involved needs to be educated on how to protect themselves from fraud – especially from being tricked into sending money to bad actors.
“We can have the most secure pipe in the world between the business and the bank, but if you send good instructions to a bad person, it doesn’t achieve the goal.”
The most common form of instant payment fraud is when a company sends a legitimate payment through an app or wire transfer, but that payment goes to someone who has promised a good or service they don’t plan to deliver, Santaniello said. The key is to educate consumers and businesses about the realities of fraud and that instant payments are just that – instant – and cannot be revoked.
Santaniello and his team have made it a point to educate as many of Axos Bank’s customers and potential customers about these risks as possible, he said, offering in-person consultations and periodic webinars on topics such as cybersecurity. The problems can almost always be prevented through education, he said.
“We hear very little about these big payment rails getting hacked or having security issues. It’s more about scenarios where someone is tricked into sending a payment to someone they shouldn’t.”
