The last two years have been hectic for the digital world. Businesses have reshaped their operations in rapid response to the pandemic. They have to either go digital or go dark. Consumers too have embraced this, with e-commerce sales breaking previous records to reach $4.9 trillion in the past year.
But as businesses and their customers get more comfortable navigating the digital world, fraudsters are also becoming increasingly skilled at finding ways to take advantage of their vulnerabilities. Here are four fraud trends businesses should keep a lookout for in 2022.
1. Fraudsters will continue dialing into mobile
Over 80% of the world’s population now own smartphones, and mobile apps have become an integral part of people’s everyday routines. Anyone can hail a ride, get food delivered, and make transactions using a mobile app. In a bid to secure a larger slice of the mobile app pie, companies are pushing out more services on a single platform. But there’s a trade-off: the more services an app provides, the wider the attack surface, and the harder it is to secure.
Given the low barriers to entry, anyone can defraud a mobile app. In 2020, fraudsters made headlines for using a single emulator to spoof over 8,000 devices, which gave them the ability to compromise user accounts and steal money at record speed. With malicious tools such as emulators and app cloners now easily available, we expect mobile app fraud attacks to rise in prominence beyond 2022. If mobile apps don’t dial up their anti-fraud efforts, they risk being defrauded across every service they offer.
2. Cross-border fraud is heating up as global travel recovers
As the travel market recovers, digital businesses should stay vigilant for signs of fraudulent activities on their platforms. Two years of travel restrictions have caused users to become less attentive when it comes to monitoring their travel accounts. This has made it easier for fraudsters to break into dormant accounts to drain loyalty points and stored value without users even realizing. Fraudsters are also taking advantage of the loosening border restrictions to defraud travel-starved users. They create fake accounts, apps, and websites to trick users into purchasing travel packages that don’t exist. Digital businesses have the responsibility to secure their platforms and protect their users from falling victim to fraud and abuse, or risk losing them to competitors.
3. Account takeover (ATO) fraud will continue to conquer
Battling ATOs is a never-ending whack-a-mole game. Years of massive data breaches have made it cheap and easy for fraudsters to acquire user credentials online. 2021 was a record breaking year for data leaks, with the total number of events exceeding that of 2020 by 17%. More ammo for fraudsters means we can expect the number of ATO attempts to surge in coming months.
The tactics used to take over accounts have also evolved rapidly. Fake photos, videos, and audio are becoming increasingly believable as deepfake technology advances, leading to more effective social engineering scams. Fraudsters are also using artificial intelligence and machine learning to engineer attacks. For example, bots powered with machine learning aren’t just used to automate clicks and auto-fill credentials, but to mimic real user login behavior and successfully perform thousands of login attempts in seconds.
More often than not, digital businesses only focus fraud prevention efforts on securing one checkpoint. But doing so leaves their platforms vulnerable to attacks that can happen at other points of the user journey. For protection against increasingly sophisticated fraud in 2022 and beyond, they should invest in fraud prevention solutions that are able to accurately profile risk and secure every user checkpoint.
4. Know Your User (KYU) takes the lead over KYC
From neobanks to Buy-Now-Pay-Later services, fintech products are all the rage amongst businesses and consumers. One thing they all have in common isKnow Your Customer (KYC) checks. KYC is the process of validating a customer’s identity and an essential component in the fight against identity fraud, financial crime, and money laundering.
There’s no doubt that KYC has been the main focus of financial platforms, but expect Know Your User (KYU) protocols to take the lead going forward. Coming in at a time where organizations are shifting towards a Zero Trust model, KYU requires a more comprehensive approach to identify digital users, new and recurring alike. While KYC usually requires proof of identity, residence, and national identity verification checks to onboard customers, KYU draws information from additional data sources such as the device, behavioral biometrics, account activity, and thousands of other parameters to provide multidimensional insights into personas behind the screen. This equips organizations with the ability to decipher user intentions and motivations across and throughout the entire user-lifecycle, which is a crucial capability to have when keeping up with fast-growing financial crime.
What these 2022 fraud trends mean for businesses
Heading into 2022, the digital landscape is ripe with new opportunities for both businesses and cyber criminals. Businesses that focus only on securing payments or account logins are missing the larger fraud prevention picture. As channels like mobile apps continue to expand and gain traction amongst users, fraud beyond those checkpoints can be just as damaging to revenue and reputation.
Never bring a knife to a gunfight. If fraudsters are already using increasingly sophisticated tools powered by AI and machine learning, then only using rule-based fraud prevention models will no longer cut it. It’s crucial that businesses recognize the need to embrace solutions that are accurate, nimble, and can secure their platforms from end to end.