The Clearsale Blog

How open banking opens the door for fraud

How open banking opens the door for fraud

Open banking has long been championed by some in the finance industry as a windfall for consumers, but there's another party quietly cheering it on from the shadows: fraudsters.

As a result of the “seismic shift” open banking promises, consumers and third parties will now have greater access to personal banking data — and they won’t be the only ones. Cyber criminals, already making big bucks in Australia, may soon find themselves on the doorstep of a data treasure trove. 

A tantalising prospect 

In all honesty, the launch of the open banking pilot project’s so-called seismic shift would have barely registered on the Richter scale. Within days, the federal government was left scrambling to address the inevitable data privacy risks, which have delayed the legislation’s passing. 

This is deeply concerning. Australia is, unfortunately already a prime target for scamsters. More than half a million was siphoned off local consumers by fraudsters throughout 2017. Meanwhile, a more recent study by KMPG revealed that there were 177,000 scam reports in Australia last year, costing Australians half a billion dollars, compared with 85,000 scam reports in the US and Britain combined.

What’s more alarming, according to KMPG, is the exponential increase in the volume of scams in Australia, compared with the rest of the world. Although spurred mainly by Australia’s increasing appetite for the convenience offered by digital payments and online shopping, this should set alarm bells ringing at a time when Australia is preparing to open the floodgates on data sharing.

So how exactly does open banking work? Essentially, banking product data can be shared by way of an application programming interface (API), the method by which apps and websites communicate with one another. In theory, the move will empower consumers to switch providers more easily. Over time, it is expected to encompass all sectors, from telecommunications, internet, and energy.

But as more data flies through the digital ecosystem, inevitably there is a heightened scope for breaches, frauds and scams. With millions of customers’ priceless data going through APIs, cyber criminals are looking at a tantalising new attack surface. The recent attack on Australian property valuer LandMark White, which occurred via an exposed API, demonstrated the need for cyber security vigilance in this relatively up-and-coming area of computing. 

Unauthorised access to that data has the potential to cause unmitigated harm to Australian consumers and businesses, either via large-scale fraud and use in a crippling ransomware attack. These are risks of which all parties need to be aware and prepared.


Pure scale

Granted, the federal government has taken steps to address the threats it faces, both in terms of fraud and cyber protection. The notifiable data breach scheme now forces organisations to notify individuals and the Office of the Australian Information Commissioner (OAIC) in the event of a significant data cyber breach. A consultation is meanwhile underway to help resolve the epidemic of online transaction fraud. 

But fraud protection in the digital transaction landscape was never going to be an easy task. As payment services are increasingly digitised, it is more natural and more common than ever to use financial service platforms without interacting with another human being. And, as more services become digitalised and fraud becomes more sophisticated, regulation can only go so far, and solutions have to evolve to keep pace. A business needs to be able to go beyond the obvious; spot and flag separate data points, which together may point to fraudulent behaviour. 

Machine learning alone could mark fraudulent transactions as safe if they seem to come from existing or previous customers who may have had their data stolen. That’s why human intuition is also required. But as the number of online payments grows exponentially, machine learning must be brought in to deal with the pure scale of transactions within a modern business.

Nevertheless, while these risks should remain top-of-mind for business leaders, that is not to say they should close the door shut entirely on open banking. When finally rolled out in full on 1 February 2020, it will present a wealth of opportunity and benefits across customer services, visibility, competition and frictionless transacting. 

It has been a long-time coming for Australia. Already overseas markets are well ahead in terms of adoption, through legislation in the UK and organic growth in the US. PSD2 meanwhile opened the floodgates across the European Union. Australia and the business community are in a prime position to learn from overseas examples, lay the foundations correctly now and ultimately embrace a healthy new ecosystem without fear of attack.

 

Original article at: https://www.fintechbusiness.com/blogs/1472-cybercriminals-to-embrace-open-banking

You may also like

The Data Balance: How to Deliver Privacy and Personalization

The Data Balance: How to Deliver Privacy and Personalization

As we rely more on digital commerce in our daily lives, customers are raising their expectations for both customer experience (CX) and data privacy. For example, 62% of customers prefer..

FeaturedCustomers Names ClearSale as Top Performer in Summer 2021 Report

FeaturedCustomers Names ClearSale as Top Performer in Summer 2021 Report

Innovative global fraud protection organization awarded as industry Top Performer in the Customer Success Report

Ecommerce Platform Profile: VTEX

Ecommerce Platform Profile: VTEX

When it comes to ecommerce platforms, VTEX is an enterprise merchant favorite. Robust and multi-functional, VTEX is the platform of choice for powerhouse brands like WalMart, Coca Cola, and Sony...

How Enterprise Ecommerce Merchants Lose Revenue Fighting Fraud

How Enterprise Ecommerce Merchants Lose Revenue Fighting Fraud

When we first talk to enterprise ecommerce merchants about fraud protection, we’re often told they have their fraud under control.

And they do – but at what cost?

The reality is, many enterprise..

Turning The Clock Back on Fraud

Turning The Clock Back on Fraud

How will companies be able to get fraud to return to pre-pandemic levels as we ease back into something more resembling normal? Rafael Lourenco, EVP at ClearSale, give his take

How Your Ecommerce Site Search Impacts CX, UX and Fraud Prevention

How Your Ecommerce Site Search Impacts CX, UX and Fraud Prevention

The humble search bar.

It’s hard to believe that that one field on your website could make such an impact, but your ecommerce site search (and filter) holds a lot of power.

First and foremost,..

New Fraud Prevention Issues for Retailers

New Fraud Prevention Issues for Retailers

Over the past year, merchants have experienced an increase in fraud volume as fraudsters employ new tactics to take advantage of businesses and consumers alike. At the same time, payments..

How the pandemic transformed the payments experience

How the pandemic transformed the payments experience

The pandemic remade the way we shop both online and in person. In the shops in 2020, consumers preferred to buy in touchless ways, and merchants had to get creative at times to keep up. Now, many..

Germany: Ecommerce Fraud Risk

Germany: Ecommerce Fraud Risk

Ecommerce in Germany is maturing quickly—and catching up to some of the other more developed ecommerce markets in Europe. This is partly driven by the fact that Germans, in general, are early..

Want to write
for our blog?

Please review our writers' guidelines
https://www2.clear.sale/press/clearsale-guest-blog-guidelines
and then email guestwriter@clear.sale with your pitch!

Subscribe to our blog