Sujit Kumar Mahato, Author at Digital Payments, Payment Security and Lending

UPI Fraud Trends and Their Possible Mitigation

March 16, 2023 / Sujit Kumar Mahato

With over 2 billion transactions worth over INR 4.5 trillion processed every month, India’s United Payment Interface (UPI) has revolutionized the digital payment ecosystem. UPI has been emerging as the most preferred payment method among Indians. However, at the same time, we are witnessing a rise in fraudulent transactions in recent times. A total of 1,46,495 unified payments interface (UPI) fraudulent activities were reported on the National Cybercrime Reporting Portal (NCRP) during the first and second quarters of 2022, as per the Ministry of Home Affairs (MHA). Up until now, banks and financial institutions have predominantly relied on educating consumers against fraud. But, in cases of fraud, the consumer is at the mercy of the grievance process, which adversely affects the consumer experience and dents customer loyalty. Fraud Trends and Their Possible Mitigation Impersonating Sellers and Customer Care It is more of a habit to google customer care contacts when facing issues with our online purchases. Fraudsters are flooding the internet with fake customer care details to lure in consumers. After gaining the trust of gullible customers over the phone, refund collect requests are shared via QR codes, SMS links, and so on. Financial institutions can integrate with technological solutions that detect and alert the customer in the event that a payment is made over the phone. Spoofed VPA IDs In the name of disaster relief or support, fraudsters created multiple spoofed VPA IDs that are remarkably similar to the original ones. In recent times, we witnessed an unprecedented rise in VPA IDs, similar to the PM Cares Fund. Maintaining a list of suspicious keywords such as support, relief, care, disaster, army, minister,” etc. and running risk rules over transactions being made to VPA IDs containing high-risk keywords have the potential to curb fraudulent transactions. Screen mirroring apps and malware Through malicious links, fraudsters get consumers to download screen-sharing or remote-access apps or malware. Once installed, the fraudster gains access to confidential UPI details, which are then used in combination with other modus operandi, such as SIM-swapping. Payment apps should have the capability to detect potential malicious apps already downloaded on the device and restrict payments from going through. Collect Request Through classified ads, fraudsters initiate conversation with sellers they are impersonating as potential buyers. Creating a sense of urgency, the fraudster intends to make a quick payment without much negotiation and sends a collect request, sometimes in the form of a QR code. The VPA IDs used by fraudsters are generally gibberish and at times have numbers or alphabets in sequence. Banks or financial institutions’ apps should have the capability to detect such patterns on beneficiary VPA handles. UPI has made digital payments more accessible and convenient for millions of people in India, and it is expected to continue to play a significant role in India’s digital payments ecosystem in the coming years. With continued efforts of educating consumers against frauds, banks and financial institutions should leverage the technological advancements against the mushrooming UPI frauds. Author: Sujit Kumar Mahato, Product Manager Wibmo A PayU/Naspers FinTech Company BaaS

UPI Fraud Trends and Their Possible Mitigation Read More »

Moving beyond SMS OTP Authentication

November 10, 2022 / Sujit Kumar Mahato

If you have ever transacted or purchased online, you must have come across the OTP Authentication. The system-generated code delivered through SMS on your device serves as a verification of the claim that you are the actual owner of the device as well as the account/card/wallet through which the transaction is initiated. The authentication or verification of our identity as who we claim ourselves to be is a part of our day-to-day lives. Be it checking in at the airport or going past the security desk of an office, though we identify ourselves with our name, we authenticate ourselves with some other form of ID card. With growing security concerns, both in the physical and digital worlds, authentication methods have evolved not only to protect but also to provide a seamless experience to users. The ways in which one can be authenticated fall into three categories: · Knowledge: Something the user knows (eg. Password) · Ownership: Something the user has (eg. ID card) · Inherence: Something the user is (eg. Fingerprint) The above categories are referred as the Authentication Factors and the use of the number of factors in an authentication process derives its name. · Single-factor Authentication: Requires providing only one piece of verifiable information such as a password · Two-factor Authentication(2FA): Requires providing two pieces of verifiable information such as a password and then proof of possession of their smartphone (through an SMS OTP delivered on that device) · Multi-factor Authentication: Required to provide two or more pieces of verifiable information. As in the case of 2FA, where two categories (factors) of information are required, it is also considered an MFA. The idea of an OTP was first suggested in the 1980s by Leslie Lamport. With growing attacks and increasing authentication requirements, many patented OTP algorithms were developed. Today, OTPs are synonymous with two-factor authentication and are thought to augment existing passwords with an extra layer of security. Yet, fraudsters manage to circumvent it every day. SIM SWAP: In this scenario, a fraudster uses the stolen identity (name, email, government ID, etc.) to trick a mobile service provider into issuing a new SIM card for an existing phone number. Once the new SIM card is active, the original SIM card will be shut down, and the fraudster will try to gain access to the user’s financial application. Once the fraudster has gained access, the last line of defense—2FA or SMS OTP, is compromised. JAILBREAK or ROOT: Removing software restrictions put in place by manufacturers, to gain full access to the device’s operating system is called “jailbreaking” for iOS and “rooting” for the Android operating system. Generally, it is aimed at customizing the user experience or gaining access to a greater variety of unofficial apps. Jailbroken and rooted devices are susceptible to malware and viruses due to the weakened built-in security features of the devices. This eliminates security controls made by the manufacturer, which enables hackers to steal personal information, attack the network, or introduce malware, spyware, or viruses to circumvent the authentication measures in place. Investigating the feasibility of implementing a code by financial institutions that checks if the device is rooted or jailbroken prior to the installation of the mobile application and disallows the mobile application to install or function if the phone is rooted or jailbroken, can save its customers from possible fraud. Increasing layers of security is not a feasible solution for financial institutions when consumers prefer speed and convenience, even when it comes to accessing financial services online. User experience has become one of the determining factors when it comes to user adoption in any industry globally. Not receiving an SMS OTP, is one of the most painful experiences one can have as a user. Latency, in addition to the SMS cost, is a challenge for financial institutions in the exponentially growing digital era. Maintaining a balance between fighting fraud and improving the consumer experience is a challenge. Leveraging inherence-based authentication, such as biometrics, or ownership-based authentication, such as push notifications on the registered device, are some of the authentication measures that cater to both security and the consumer experience. Technological solutions with multiple authentication measures other than SMS OTPs and device binding are the way forward for providing a delightful customer experience without compromising security. Author: Sujit Kumar Mahato, Product Manager Wibmo A PayU/Naspers FinTech Company Authentication, Fraud Prevention, Global Digital Payments, Payments

Moving beyond SMS OTP Authentication Read More »

True Cost of Combating Payment Frauds

September 14, 2022 / Sujit Kumar Mahato

A quick recap of major players involved in payment transactions : 1. Customer 2. Issuer Bank — holding the customer’s bank account 3. Payment Networks — Visa, Mastercard, NPCI, etc 4. Merchant 5. Acquirer Bank — holding the merchant’s bank account In simple terms, Payments Fraud is the one where someone made unauthorized payments/purchases. Though the liability of fraud differs(customer/merchant/banks etc) on a case-to-case basis, someone in the payment system has to finally bare the brunt and mark the money as lost in their respective books. Fraud is a global issue that affects not only individuals but also organizations — merchants, banks, insurance companies, and who so ever is dealing with payments. Payments frauds have been crippling every country across the globe and according to recent studies, the epidemic of payment fraud has been growing over the recent years. When it comes to payments, there are 2 major elements – 1. FALSE NEGATIVE — when an act of fraud goes undetected and through the payment system 2. FALSE POSITIVE — when a faulty fraud detection system blocks a legitimate transaction. Anti-fraud solutions and fraudsters are caught in a cat-and-mouse game. Both have been leveraging technological innovations to meet their underlying need and eventually adding to the cost of combating fraud. Whenever we come across the term COST, our first thought is that it’s a mere cumulation of expenses incurred in producing or building a product or service. However, in financial terms, the cost is segregated into — Direct Cost and Indirect Cost. The majority of the time, indirect costs are neglected when it comes to deriving the actual cost of a project due to the difficulty associated with deriving a cost-effective methodology for the assignment of indirect costs. When it comes to defining the cost associated with fraud, organizations generally tend to consider the amount lost in the fraud process. These numbers are a significant percentage of the topline revenue. Moreover, it’s a concerning fact that even less than 20% of businesses are able to fully recover the amount from unauthorized transactions and other fraudulent activities. Apart from the obvious Direct Cost — fraud amount value — associated with the transaction, the Indirect Cost often goes unnoticed. Cost of Combating Fraud: Huge infrastructure and resources — manual as well as technological are deployed by organizations in payment authentication and authorization. The cumulative loss arising from both False Positive and False negative scenarios burn a larger hole in terms of operational efficiency. Cost to Reputation: Businesses incurs huge cost when it comes to building a reputation of trust through the marketing function which employs varied techniques to increase the perceived value of a product or service over time. Undetected frauds and consequent delays in grievance redressal often leave the customer/merchant with a bad experience with their respective banks and also with the payment entities involved in the process. Cost of declining Genuine transactions: High False positive rates can leave the customers/merchants frustrated. Organizations leave no stone unturned through sales and marketing and customer support to acquire and retain a customer. In the era of fierce competition, if one thinks Customer acquisition is hard, think about the retention of a frustrated customer. It is somewhat now possible to measure fraud and error losses but one needs to surely factor in the Indirect Costs in order to make a proper judgment about a proportionate level of investment to be made in reducing them through the deployment of anti-fraud tools. Direct costs associated with fraud are just the tip of the iceberg and give even less than half a picture of the menace lying underneath. Author: Sujit Kumar Mahato, Product Manager Wibmo A PayU/Naspers FinTech Company Anti Fraud Management, Digital Payment, Fraud Detection, Fraud Prevention, Online Payments

True Cost of Combating Payment Frauds Read More »

Account Takeover Frauds- Adaptive Protection Approach

August 31, 2022 / Sujit Kumar Mahato

Once a fraudster has gained access to an account, they eventually end with either or combination of the following : – Make fraudulent orders – Reload digital wallets – Use loyalty points – Sell the confirmed account – Extract customer data to sell The process of gaining access to a victim’s login credentials to steal funds or information is referred to as Account Takeover Fraud (ATO). Fraudsters can take over any account type — bank, e-commerce, etc and have multiple ways at their disposal to trick gullible victims. Account takeover fraud is not new, but it is becoming more common. In 2018, account takeover fraud losses totaled around $4 billion. By 2021, this figure had increased by more than 200%. (PaymentsJournal) Fraudsters are finding innovative ways to carry out their trade. Screen-sharing apps are one of the newest additions to their arsenal as more and more individuals adopted digital payments during the pandemic for daily transactions. These screen-sharing apps were developed with the intention to provide tech support using the screen-sharing feature. However, these apps are now being used by fraudsters to access the mobile devices of their targets and make transactions without waiting for victims to share OTPs. Often gullible consumers fall prey to fraudsters pretending as bank officials who create urgency on the pretext of account/card block and ask users to download screen-sharing apps for account retrieval. Once installed, fraudsters have a clear view of not only the account credentials but also the OTP messages received over the phone, and consumers eventually end up with debit messages of their hard-earned money. One of the growing concerns is that ATO frauds are happening through screen-sharing apps despite the constant efforts from government agencies and banks to educate consumers not to share sensitive financial information or download apps from suspicious sources. Apart from the recent Screen Sharing Apps, a few of the other methods deployed by fraudsters to conduct Account Takeover Fraud (ATO) are : – Phishing: Impersonating as representatives of well-known brands/ businesses, the fraudster persuades the individual to click on links that redirect to spoof websites or install malware that does the credential harvesting. – Credential Stuffing ( Brute-Force): Dark web provides bank account/card details at a cost as low as USD 15. Once the fraudster has sourced a list of stolen credentials from the Dark Web, bots are used to run automated scripts to guess the correct account password by making multiple login attempts with a different password each time Account takeovers can significantly damage customer trust and brand reputation. Often, businesses introduce tighter security measures and add verification steps, but too much of either can harm the user experience. The need of offering an experience that is welcoming to consumers and hostile to fraudsters can be addressed through an adaptive protection approach. Billions of transactions take place across the globe generating valuable data points which are utilized in the concept of adaptive protection and the ability to run through layers of controls in real-time — including consumer behaviors and network anomalies — to determine whether a user should be pushed through with no friction, declined or given an alternative experience. Differentiating between good users and fraudsters helps in avoiding account takeover fraud. Wibmo’s TRIDENT FRM, an enterprise fraud, and risk management solution, evaluate diverse data points across channels and devices for the risk associated with each transaction. Learning and adapting to evolving consumer behavior as well as fraud patterns, TRIDENT FRM helps to detect and predict fraud while ensuring a delightful user experience. Author: Sujit Kumar Mahato, Product Manager Wibmo A PayU/Naspers FinTech Company Account Takeover, Fraud Detection, Fraud Prevention, Online Payments

Account Takeover Frauds- Adaptive Protection Approach Read More »

RETURN FRAUD- The e-commerce way of Shop-Lifting

August 24, 2022 / Sujit Kumar Mahato

The pandemic changed the way consumers shopped. A black swan event changed consumer behavior and Online shopping is one of the segments to reap benefits. The pandemic and the exponential growth in e-commerce forced traditional brick-and-mortar shops to adapt to the evolution. Pre-pandemic brick-and-mortar shops kept a cautious eye on shoplifters but the e-commerce boom came up with its own shoplifting nemesis, say Hello to RETURN FRAUD. Fraudsters abuse the retailer’s fraud policy which was actually created for customer delight and it’s the smaller e-retailers who bear the brunt of Refund Fraud. The modus operandi of Refund Frauds differs from traditional frauds as it takes place post transaction — once the goods have exchanged ownership from the merchant to the consumer. A thriving ecosystem, Fraud-as-a-Service (Professional Refunders) has come into place to support those who wish to take advantage of lax return policies without actually having to go through the process. Reddit and Discord channels are leveraged as promotional grounds for these Illegal Life Pro Tips (ILPT) Modus Operandi 1. Everything is legitimate during the online transaction. Fraud is initiated once the good is received by the consumer. 2. Consumer goes to a Professional Refunder who charges a percentage cut on the refund value. 3. Refunder impersonates the Consumer 4. Refunder initiates the escalation with the merchant and uses the PERFECTED METHODS to get a refund without returning the product. A few of the Perfected Methods : a) Substance Leak — With doctored images/videos refunders report hazardous breakage such as monitor capacitor leakage, or battery acid leakage, thus making the product legally un-shippable. b) Partially Empty Box — Generally used for tracked shipping where the package is claimed to have arrived but has missing components. c) Fake ID Tracking Numbers — A properly weighed package is returned back without the actual goods. The shipping address is doctored to a new but incorrect address. Refunder then initiates a return claim with the merchant — to whose naked eye the package appears to be shipped and delivered back. d) Blood or Maggots — Claiming of finding questionable substances (again, doctored images/videos) in the product received and thus a reason for why one can’t possibly handle the opened package. Refund Fraud not only is a concern to merchants but also runs a risk of putting consumers’ virtual assets at risk such as email, passwords, card details, etc — as refunders offer Fraud-as-a-Service, access to the buyer account. Apart from the complicated methods listed above employed by professional refund fraudsters, consumers, with a Robin Hood mentality, too are learning about refund fraud and executing Refund Fraud as : a) Bricking: A working item ( generally electronic items) is purchased with the intention to be returned after stripping down the valuable component and rendering the item eventually unusable. b) Wardrobing: Majorly observed with expensive clothing. An item is purchased, used, and eventually returned. c) Switch Fraud: Returning a previously owned defective or damaged identical item with the aim of cashing on to the refund. Be it the retailers or the e-retailers have a return policy in place but a fine balance needs to be maintained — neither overly complex nor overly relaxed. The process of refund dents a blow to the bottom line not only in terms of labor involved in the process but also in refurbishing the returned items. Trying to avoid Return Fraud by adding manual resources will be a mountain task in this era of data where organizations are sitting on a mountain of data as well as leveraging data from other sources. Multiple data enrichment tools provide services as quick reverse checks on multiple data points for instance email addresses. Current innovations in fraud detection software over the recent years have made it possible to curb the menace of fraud even with very little technical knowledge. Author: Sujit Kumar Mahato, Product Manager Wibmo A PayU/Naspers FinTech Company Fraud, Fraud Detection, Fraud Prevention, Return Fraud, Risk Management

RETURN FRAUD- The e-commerce way of Shop-Lifting Read More »

Identification, Authentication, Authorisation — Know the Difference

February 21, 2022 / Sujit Kumar Mahato

We undergo the process of Identification, Authentication, and Authorization every day in both physical and digital worlds. Let’s first start with the physical world. You have been planning for a weekend vacation for a long time but have been stalling because of the busy work schedule. After months of long hours of work, you finally find a weekend for a getaway. After work hours you meticulously plan the vacation — the place to visit, the hotel to stay, the to-do activities, and whatnot. Finally, the getaway weekend has arrived and the first thing that you do after reaching your destination: is Check-in into the hotel 1. Identification — You walk to the hotel reception and mention that you have a prior booking at the hotel. The first thing the receptionist asks is for your name. The receptionist then checks through the register to confirm of your booking. By providing your name, you claimed your identity. Your name, more or less, is unique and used for identification. 2. Authentication — Once the receptionist has got your name in the booking register, you are asked to present an ID card. The ID card verifies that you are the person whose name is on the reservation Here, the ID card facilitates the process of authentication and verifies your identity. 3. Authorisation — After the receptionist has done the necessary authentication process/paperwork, you receive a guest keycard. The guest’s keycard grants you access to your room, the guest elevators, and the pool — but not other guests’ rooms or the service elevator. Hotel employees have a service keycard, authorized to access more areas of the hotel than guests are. You enjoy the next few days to the fullest and finally be well-rested and rejuvenated. It’s time to go back to your work and give your best. It’s time to check out and walk to the reception desk. You hand over your card to the receptionist to pay the bill. At this moment you have jumped into the digital world of identification, authentication, and authorization. 1. Identification — The receptionist puts your card through a POS terminal. The information stored on your magnetic strip/EMV chip enables the banking systems to identify your valid account details — a bank that has your account, your account details, etc. Here the information on your card’s magnetic strip/EMV chip is analogous to your name which you used during check-in. 2. Authentication — You are then requested to enter your card PIN. Your card PIN is confidential to you — only you know it (an ideal case). By providing the PIN, you establish the validity of you being the owner of the card, associated with the bank account. The PIN authenticates that you are the owner of the bank account, from which money would be transferred to the hotel for its services. 3. Authorisation — There are multiple stakeholders involved when you are making transactions through your card. The bank in which you have your account, the card networks — Visa/Mastercard/Amex/Diners, the bank which has the hotel account, the software provider for the POS terminal, etc. Each stakeholder has a specific role to play. For example, the bank — which has your account- confirms that your account has enough balance amount. It then authorizes the deduction of the bill amount from your bank account. It may seem that all three steps — identification, authentication, and authorization are inseparable. But that’s not true. Remember the last time you uploaded a file on your Google Drive/One Drive and shared a public link. Here, you have authorized anyone with the link to access that file without any prior identification or authentication. Probably, the value of the file is far less than the value of the money in your bank account. Hence, the banking world uses cutting-edge solutions to predict, prevent and detect fraudulent transaction attempts on your card. Author: Sujit Kumar Mahato, Product Manager Wibmo A PayU/Naspers FinTech Company Authentication, Authorization, Digital Payment, Identity Management, Security

Identification, Authentication, Authorisation — Know the Difference Read More »

Prediction, Prevention, and Detection of Fraud Attempts, the key to faster payment processing

December 29, 2021 / Sujit Kumar Mahato

The global digital payment market size is expected to grow from USD 89.1 billion in 2021 to USD 180.4 billion by 2026. The promotion of digital payments worldwide and the increasing penetration of smartphones are major contributors. Besides, the pandemic has accelerated the adoption of contactless and wallet payments. India, too, saw exponential growth. Thanks to 1 Billion cards and more than 2 Billion prepaid payment instruments like wallets and other digital payment modes. But, cyberattacks are a major roadblock in the growth of digital payment solutions. These global attacks are the most critical challenges that the payment industry has been facing. New and evolving cyberattacks affect businesses by breaking into payment systems to get cardholders’ data. The evolving frauds include : a) Friendly fraud — Fraudsters make the purchase on a credit card, receive the product or service. Then demand a refund for a lost or short-shipped order, or file a chargeback through their credit card issuing bank. With the intention of receiving a full refund of the purchase amount. b) Affiliate fraud — Refers to any unscrupulous activity conducted to generate commissions from an affiliate marketing program. Newer types of affiliate fraud include using stolen data for lead generation or stolen credit cards to generate sales. c) Botnets- Submit large numbers of transactions to test the viability of stolen payment card credentials. d) Phishing — Fraudulent communications, through email, text, or call, that appear to come from a reputed source. e) Velocity attacks — Multiple monetary authorizations seeking to detect an active account and decipher CVV/Expiry Date values of a set of cards within a BIN range. f) Triangulation — Fraudster is the middleman between a customer and an unsuspecting merchant. The customer places the order through the fraudster (impersonating as a merchant). Then the fraudster uses stolen credit card information to buy those goods from a legitimate merchant. It is estimated that 9 million identities are stolen each year in the US alone, with a new victim of identity theft every two seconds. Since many people do not report identity theft, no true number of victims exists. According to the Central Statistics Office (CSO), by 2021, loss from cyberattacks would rise to US$ 6 trillion from US$ 3 trillion in 2015. The growing number of cyberattacks is a hindrance to the adoption of digital payment services. In a recent study by YouGov and ACI worldwide, consumers are increasingly concerned about digital payments fraud. As a result, exercise greater caution when using digital payments compared to a year ago. 71% of consumers are more concerned about scams and fraud because of Covid-19, compared to 47 percent of consumers last year at the onset of the pandemic. The study also indicates that banks continue to be the preferred first point of contact in event of fraud. Around 60% of respondents would first call their bank to block their account or visit the bank branch to file a written complaint. Though worldwide initiatives towards customer awareness are on the rise, the banks will need to continue to lead the way not only by increasing customer awareness but also by deploying modern and robust enterprise-level fraud management solutions. For a delightful customer experience, banks need to predict, prevent and detect fraud attempts even before the payment processing to pave way for frictionless digital transactions. Author: Sujit Kumar Mahato, Product Manager Wibmo A PayU/Naspers FinTech Company Fraud, Fraud Detection, Fraud Prevention, Global Digital Payments, Online Payments

Prediction, Prevention, and Detection of Fraud Attempts, the key to faster payment processing Read More »

Faster and Convenient Authentication

October 29, 2021 / Sujit Kumar Mahato

Before the invention of the steam-driven railways in the 1800s, mankind was dependent on animal pulled wagons to transfer goods. The Tanfield Wagonway in England, the first large-scale railway, used horses to haul coal-filled wagons from the mining village of Tanfield. On the lookout for faster and more convenient forms of transportation, evolved from horses driven wagons to steam engines, from steam to diesel, and from diesel-driven to engines driven on electricity. Fast forward to the 21st century, the world is experimenting with hydrogen-powered trains. Consider the banking industry. Though there is no trace of the word ‘banking’ before the 1600s, the practice of safekeeping, saving, and transacting money can be traced back to the temples of Babylon. The Arthsashthra, written by Chanakya around 300 BC, has mentions of ‘hundis’ or letter of transfer. Had the banking industry failed to ride the technological horse, money transfer initiated through hundis would have taken days or at least hours, to reach the designated payee through the fastest railroad. Thankfully, the banking industry learned to ride the technological horse and today with the help of electronic transfer can facilitate the process of money transfer. Electronic transfer not only made money transactions faster but also convenient for the people, who were saved from the age-old hassle of going to a nearby branch and waiting for their turn in the long queues at the bank teller. Can money transactions be made faster and more convenient for the customers? The movement of the electrons, involved in the electronic transfer, cannot be made faster with current feasible resources nor the customers can have a more convenient experience in making transactions from the comfort of their homes. The only way to provide a better — faster and convenient- banking service could be through optimization of steps involved in internet transactions. A large part of the processes involved in electronic money transfer is dominated by Authentication or security — ensuring the money transfer takes place from the genuine customer. The introduction of OTP has been a major advancement in the banking industry. However, it is the one step that may be loved by the banks but hated by customers, especially when the OTP fails to arrive on time or when the user makes a mistake. Removing OTP altogether poses a serious threat to security and thus banks still rely on OTP services for user authentication. This brings us to the question — How authentication can be made faster and more convenient? Is it possible to have convenient security? The answer lies in DATA. Let’s consider a simple case of house-rent transfer. A genuine user would be transferring the same house-rent amount month after month to the same account, using mostly the same wifi connection (ISP), the same laptop/mobile, and may be even on the same day of the month. A fraudster, for sure, wouldn’t be so generous to take the pain of paying rent on the user’s behalf. All the parameters above can be easily tracked and monitored with data. The answer to a “Faster & More Convenient Authentication/Security” lies in identifying the right set of data and formulating them into risk assessment. Higher risk should demand stricter authentication whereas lower risk should lead to faster and convenient -frictionless transactions, paving way for customer delight. The pandemic has accelerated the adoption of cashless transactions across the globe and is forcing the bank, more than ever, to evolve in order to meet the demands of smartphone-led online shopping culture, with cards and digital wallets rising in prominence. Banks need to leverage data and segregate high and low-risk transactions in order to provide ‘faster and convenient authentication to their customers. The demand for a fast, reliable, secure, and frictionless payment experience by customers requires banks to adopt fraud detection systems, which leverage the power of data through advanced machine learning technologies. When it comes to detecting subtle patterns which help in the identification of fraud transactions, machines are more effective than humans. Today, irrespective of the field, the power to leverage data, to provide ‘faster and convenient service, is one of the biggest assets for any organization. The faster and higher the convenience, the greater is the customer delight. The greater the customer delight, the higher is the customer loyalty. Author: Sujit Kumar Mahato, Product Manager Wibmo A PayU/Naspers FinTech Company Authentication, Digital Payment, Fraud Detection, Payments, Paytech

Faster and Convenient Authentication Read More »