Fraud is somebody else’s problem – until it happens to you
Have you ever had the experience of not bothering with, say, home contents insurance, until your home was broken into? Us humans often bury our heads in the sand… until it’s too late.
We’re especially prone to this when we don’t fully understand the problem, and as fraud has become increasingly digital and invisible, many business owners are just ignoring the issue.
This is a bad idea, not least because it’s smaller businesses who are most at risk. With an average cost of over £19000 to deal with an incidence of fraud worth only £1000, it could be the difference between a great weekend and not opening back up on Monday.
And the landscape of threats is mind-boggling. You should assume that, at some stage, every digital element of value in your operational chain is going to come under attack. For example, in their Annual Fraud Report 2022, UK Finance, the banking industry trade body, reported that:
- Its members tallied 195,996 incidents of Authorised Push Payment (APP) scams (people being persuaded to voluntarily send money to scammers) in 2021, with gross losses of £583.2m
- Around 10% of those losses – £56.7m – came from invoice or mandate scams, in which a criminal intervenes into a legitimate payment process to convince the victim to redirect the payment to a different account.
Clearly, “it won’t happen to me” is just asking to become a statistic. But there are other reasons to give fraud some attention. Just as persuasive is the point that there are indirect impacts from fraud, or a business environment where fraud is prevalent:
- Customers routinely delaying payment in order to check details, or being obstructive in providing their bank details etc. because of their legitimate fears
- A broader impact on customer confidence (reduced willingness to buy) and customer experience (exasperation at endless checks, logins, passwords etc. – all with a price to pay in seamlessness).
- And you can double this concern if you’re trading across borders. Customers have plenty of doubts when their legal rights in the event of fraud are complicated by an international legal system.
So, it’s every business’ duty to help each other by making transactions safer for everyone.
Your approach should be multi-layered, and protecting against APP is only one tactic, but an important one. Today, 89% of UK financial services transactions are executed on mobile, and banks are continuing to optimise the balance between excellent in-app customer experience and fraud prevention – mobile gives fraudsters an increased attack surface for the future. In particular, requests for payment delivered as links can be seductive and credible. Finextra reports, “Given the high growth of authorised push payment fraud in recent years, the potential risk of ‘pay-by-link’ Request to Pay services (where a payment request is delivered, for example, via a link in an email to a personal email account) is a hot topic.”
There are plenty of solutions to minimise the APP challenge, but fraudsters are incentivised to respond with their own capabilities as fast as these piecemeal solutions are created. Request to Pay environments like Bluechain remove the avenue of attack by:
- Creating a secure connection between the payer and the biller
- Not including financial information as part of the Request
- Verifying billers and always showing full detail on what a transaction is for
Knowledge is power, and Bluechain makes transactions clear and transparent – not only giving you and your customers confidence in the bills you should be paying, but also making scams more clearly visible.
Tim Annis is the UK MD of Bluechain, a company that takes the friction out of Payables and Receivables. He cut his teeth in a stellar career at AmEx, leading in their B2B Working Capital Solutions operation and winning the President’s Award in 2016. He then led banking alliances at Tradeshift, the disruptive and ultra-high-growth business payment financing venture, before joining and now leading Bluechain.