Maya is the #1 digital bank app in the Philippines, with over 2.6 million bank customers as of December 2023. It is the first in the Philippines to combine a feature-rich e-wallet, advanced banking features, and hassle-free investments into one consumer app. Maya was named Best Digital Bank for the Philippines and Southeast Asia at the World Digital Bank Awards 2023.
Key Takeaways
- Prevented account takeovers from accessibility permission exploits (via screen sharing and autoclickers)
- Prevented promo abuse for platform and merchant partners
- Established Maya as a trailblazer for trust
Empowering Users Through Innovation and Trust
Maya’s mission is to empower users to take control of their finances easily by simplifying financial services. It is the first all-in-one digital banking app in the Philippines, combining a feature-rich e-wallet, advanced banking, and hassle-free investment into one seamless experience.
Maya offers the convenience and ease of an e-wallet combined with the security of a bank. Its e-wallet is positioned as the entry point for consumers to unlock advanced services, with everyday transactions becoming opportunities for users to earn higher interest rates on savings and access to a variety of credit products. The service has redefined money management through seamless bill payments and fund transfers, while also enabling businesses to offer versatile payment options to their customers.
At the same time, Maya’s security and privacy framework ensured that every part of the Maya ecosystem - perimeter, network, endpoint, application, and data - was protected around the clock. The framework is also rooted in a strong culture of privacy and security, resilient cybersecurity controls, and close collaboration with government agencies.
To unlock the full potential of cashless payments for all, Maya knew it had to overcome any obstacles to widespread adoption among consumers and businesses. E-wallets around the world regularly experienced promo abuse and account takeover attacks. On top of its security infrastructure, Maya utilized the latest AI technology from SHIELD to address fraud and build trust in its ecosystem.
The Rising Threats Against E-wallet Platforms
E-wallet platforms themselves are frequently the target of fraud attacks such as promo abuse. Fraudsters employ tools, including app cloners and emulators to create thousands of fake accounts. These accounts are then used to exploit platform incentives, including sign-up bonuses, referrals, and limited time-time offers. As a result, marketing budgets are wasted on fraudsters instead of rewarding genuine consumers and attracting new users.
Another fraud tactic is user-merchant collusion, where fraudsters collude with dishonest merchants to exploit cashback or reward points awarded by the platform. ‘Purchases’ are made by fraudsters, who are later reimbursed by those merchants. Throughout the process, no goods change hands, making the transaction fraudulent. Marketing budgets designated to encourage usage and adoption are instead drained by fraudsters.
Many consumers have also been recruited into becoming money mules for money laundering, where criminals ask users to transfer money from their account to another. Fraudsters have even convinced users to sign up for new accounts for such purposes.
Fraudsters Conduct Increasingly Sophisticated Account Takeover (ATO) Attacks
Fraudsters are constantly trying to gain access to users’ accounts and the funds stored within. Their tactics include abusing accessibility permissions, as well as the use of malware and malicious tools.
The exploitation of accessibility permissions has become a major part of ATO attacks. Fraudsters can manipulate users into downloading malicious apps and subsequently granting accessibility permissions to those apps. For example, fraudsters could then activate screen sharing and autoclickers without the victim’s knowledge. These make it easier for fraudsters to manipulate consumers, extract their money, and take over their accounts.
Another fraud technique enabled by malicious software is the creation of overlay screens when official banking apps are opened. These overlay screens are designed to look like they are part of the banking app while being part of a different app. This leads the user to enter their account credentials into the overlay interface rather than the actual banking apps, thus giving fraudsters account access.
Fraudsters also use social engineering tactics, such as job, romance, impersonation, or investment scams. The goal of such schemes is to trick consumers into giving fraudsters their account credentials directly or into making security mistakes like downloading malware.
Establishing Maya as a Trailblazer for Trust
Maya turned to SHIELD’s cutting-edge AI technology to prevent fraud threats on its ecosystem. Thousands of device, network, and behavioral data points are analyzed by SHIELD’s proprietary machine learning models and cutting-edge AI engine in real time to create a comprehensive picture of risk.
SHIELD’s actionable risk intelligence prevents the use of malware and tools commonly associated with fraud such as autoclickers, thus addressing the issue of fraudsters exploiting accessibility permissions to conduct account takeovers. Maya also tapped SHIELD’s device identification technology to help eliminate fake accounts and prevent account takeovers.
Armed with these insights, Maya can stop fraudulent transactions without declining legitimate payments and money transfers. This ensures a seamless user experience while providing users complete peace of mind with comprehensive protection from fraudsters.
“To help consumers and merchants embrace the benefits of cashless payments, we need to give them absolute confidence that their hard-earned money is in safe hands. Maya’s partnership with SHIELD gives our users the assurance that they are protected by world-class fraud prevention technology,” said Mitch Padua, Group Chief Product Officer, Maya.