MALAYSIA is expecting digital banking to grow significantly in the next few years. With a digitally savvy population and banking penetration of 92%, there is huge potential for digital banking adoption.
Research shows that the country is well on its way to boosting digital banking participation and digital financial transactions as part of the government’s plans to transform the financial sector and improve financial inclusion in the country. 62% of Malaysian consumers are using fintech or e-wallet services, a significant jump from just 15% in 2017, and the number of consumers having a digital bank account is expected to double by 2026, reaching almost 40% of the country’s population.
While the convenience afforded by digital banking has seen its popularity grow significantly during the pandemic, but this has also made it a honeypot for fraud. Scammers are attracted to the increase in money flows, growth in some inexperienced users and finding new ways to con consumers online where money is transacted. In fact, fraud-related cases have cost Malaysians a total of RM1.61 billion, with over 51,000 reported online fraud cases during the pandemic.
Top fraud threats in Malaysia
According to the country’s Commercial Crime Investigation Department, the top fraud threats reported this year include impersonation scams, e-commerce crime, and phishing – which could lead to account takeovers and unauthorised transactions. As customers in Malaysia embrace new digital payment systems and simpler ways to send money in real-time, they are faced with other fast-growing fraud threats.
In some cases, authentication checks may have limited efficacy when fraudsters manipulate consumers or individuals at a business to transfer money to a bank account controlled by the fraudster, also known as Authorized Push Payment (APP) fraud. The complexity of such scams is that victims are deceived into authorising these payments themselves, which makes it particularly difficult to detect and prevent.
What’s concerning is that not all customers may be aware of the risks involved in new banking services like real-time payments. As money is transferred near instantly, to a peer or to a merchant, it means that victims don’t have a window of time where they can try to reverse a payment once they realise they have been conned. Fraudsters also swiftly launder it through multiple accounts, making it difficult to trace.
As the volume and value of digital transactions in Malaysia are expected to continue increasing, it demonstrates the emerging threats that scams pose and the need for banks to up their banking security game and adopt real-time fraud prevention.
How to tackle existing and emerging scams
While it’s important to provide customers with the convenience of instant transfers, banks need to engender trust in these systems. To protect real-time payments requires analytics that look for changes in customer behavior such as using accounts or devices outside of their usual habits, as well as the usual anomalies such as the time of day or frequency of a transfer. The use of targeted profiling of customer behavior to spot
scams yields some impressive results with 50% more scam transactions detected.
Beyond these analytics, communication with customers at the right time is also essential. We know scammers rely on creating a sense of urgency so the ability to dynamically add a “break” into the transaction gives the customer thinking time and a way to back out of making the payment.
Consumer education is another important tool that banks can leverage to make customers more aware of this type of fraud. By regularly communicating with customers, banks can provide useful advice on fraud prevention and practical checks individuals can follow to protect themselves. It is also crucial that banks encourage customers to keep their contact information updated so that they receive timely fraud alerts.
While scams that trick customers into sending money are currently an area for concern, other types of fraud where criminals use people’s card details or takeover their accounts also have a significant impact.
The many and varied ways financial scams are executed, means that multi-layered security safeguards are necessary to protect customers, businesses, and banks. For example, sophisticated digital identity and authentication solutions create a stronger level of security across products and channels. In Malaysia, text message (63%) remains customers’ top choice to verify payments because of convenience. But this first-generation verification method can be easily compromised with scams such as “sim swap” where a fraudster gains access to your SMS one-time passwords by tricking your phone company into activating a SIM that they control.
As customers transition to other channels like third-party messaging and banking apps for payment verification, banks need to consider multiple factors of authentication for a layered approach to security. This includes using the tools available to them such as biometric authentication which consumers are increasingly familiar with, like fingerprint and facial recognition.
Another key recommendation is to reduce information silos. Effective fraud prevention depends on having a single view of the customer, their transactions, and behaviors. For banks that have different solutions for transaction monitoring and fraud, it is important to remove these silos and overlapping functionality and work collaboratively. Integrated solutions can move more quickly to spot suspicious transactions across different lines of business, accounts, channels and devices.
Using AI and machine learning to stop fraud
With the sophistication of scams evolving rapidly, banks need to strategically innovate with cutting-edge scam detection analytics to effectively combat fraud. Artificial intelligence (AI) and machine learning-driven analytic technologies include sophisticated behavioral biometrics capabilities and scam detection scores that can help spot and prevent fraud. By analysing customer and contextual data from a range of sources and behavioral biometrics, these technologies can significantly improve detection accuracy, identify types of fraud taking place and inform decision-making in real-time to stop fraud quickly.
It is becoming increasingly clear that siloed, on-premise, single-focus solutions are a significant loop hole exploited by criminals. They test everything from how authentication checks are made across products and channels to what types of activities and dollar amounts trigger verification checks.
An integrated, enterprise-wide fraud platform enables banks to design and adapt rules dynamically to emerging fraud types and execute machine learning models based on targeted profiling of customer behavior to determine what’s a scam and what’s normal banking activity.
Ultimately, this is a win-win situation as Malaysian banks can improve operational efficiency, reduce losses due to fraud, and achieve higher levels of customer satisfaction.
This article is contributed by Fico lead for fraud, security and financial crime in Asia Pacific CK Leo.
