Fraud Exposed: How Fraudsters Target Digital & Neobanks

In recent years almost every established bank has shifted to an online-first model. Thanks also to the recent explosion of neobanks, the days of visiting a bank in person seem like an old memory. But this shift has unfortunately opened many doors for online fraudsters. With highly valuable information stored on these platforms, protecting digital and neobanks from fraud is extremely important.  

The industry is seeing a drastic lift in the adoption of digital-only banking solutions. In fact, over 2.5 billion people are expected to be using online banking services by 2024. But digital banks are significantly more vulnerable to fraudulent attacks than physical banks. Banks want to give customers a frictionless experience, which often comes at the cost of security. And if an online bank implements an overbearing fraud detection and prevention solution, it may compromise the seamless user experience they intend to offer. 

Trends in Digital Banking 

Often said to be the future of fintech, open banking leverages big data to give consumers access to a plethora of services from different providers personalized specifically to them. Unfortunately it also poses new opportunities for fraudsters to adapt their methods and conduct malicious activities. Specifically, account takeover (ATO) fraud and payment fraud are set to rise as a result of open banking. 

The use of Buy Now Pay Later (BNPL) as a payment method is also an emerging trend in the fintech space. BNPL is a payment method that lets customers spread the payment of their item into smaller installments. BNPL companies cover the entire transaction and are paid back in multiple payments by the consumer over time. But this process presents many avenues for fraudsters to exploit. 

Suppose a fraudster creates a synthetic identity and pays for an item using BNPL. The BNPL company covers the whole cost initially and the fraudster pays them the first installment using stolen credit card details. The original cardholder notices the fraudulent payment and initiates a chargeback, causing losses to the BNPL company. The merchant also ends up losing inventory. In this situation no one wins, with the BNPL firm and merchant suffering financially and trust is lost on all fronts, including with the credit card owner.

Common Types of Fraud on Digital Banking Apps

1. Account takeover (ATO) fraud 

ATOs occur when a fraudster gains unauthorised access to a user’s account using stolen credentials. These are often obtained through social engineering scams or the dark web. Once in the account, fraudsters get direct access to the funds within. They can also change the login credentials to lock genuine users out, or resell the account credentials on the dark web. 

2. Fraudulent fund transfers 

Fraudsters often use malicious tools to cover their tracks when dealing with money obtained illegitimately. For example, a fraudster will use an emulator and an app cloner to top up an account or make a bank transfer to launder money. This is so they can spoof their devices to mimic real users.  

3. Loan application fraud

This happens when a fraudster uses a stolen identity to apply for a loan. Fraudsters can use stolen details such as social security numbers to pass credit checks and apply for loans with digital and neobanks. 

How SHIELD Can Help Protect Digital Banks

SHIELD’s technology helps digital banks and neobanks build customer trust and fight fraud. Driven by the latest AI technology, SHIELD uses device fingerprinting combined with its global network of over 7 billion users and 700 million devices to detect new and unknown fraud threats in real time. 

SHIELD helped SwiF, Malaysia’s fastest-growing fintech solution, stop all types of payment fraud and money laundering activity on their platform. And they were able to do this without declining legitimate payments and harming the experience of genuine users. This was achieved using the SHIELD ID, a unique device identifier that labels every single device on the platform with extreme persistence. The SHIELD ID ensured that any devices used to access or create multiple accounts were flagged in real time. On top of this, SwiF was able to use the SHIELD Risk Indicators to identify exactly which malicious tools were being used by fraudsters to conduct fraud. 

A major concern for SwiF was to make sure their platform wasn’t being used to launder money. To tackle money laundering, businesses need to be able to detect risk throughout the entire user journey - not just at the point of payment. SHIELD Sentinel, a feature completely unique to SHIELD, does just this. By continuously profiling for risk during the entire user session, SwiF was able to stop fraudsters before they had the chance to conduct malicious activity. 

By partnering with SHIELD, SwiF was able to secure their platform from payment fraud and money laundering. 

Learn how SHIELD can help protect your mobile app from fraud and abuse today.