Authorized Push Payment Fraud: A Complete Guide for 2024

In the dynamic world of digital transactions, a rising trend that is causing significant concern is Authorized Push Payment fraud. This type of scam, which manipulates victims into transferring money to a fraudulent account, is becoming increasingly prevalent.

As businesses increasingly leverage peer-to-peer payment systems and fast bank transfers, the risk of falling victim to APP fraud escalates. In this article, we delve into APP fraud, its various manifestations, and how businesses can mitigate these risks.

Authorized Push Payment Fraud

Here are some important information concerning Authorised Push Payments Fraud:

  • APP fraud is a social engineering assault in which fraudsters persuade victims to manually transfer funds to phony accounts.
  • Victims believe they are making legal payments for justifiable reasons. It’s a growing fraud that causes significant financial losses for organizations and people.
  • In the United Kingdom, financial losses due to APP fraud grew by 71% in the first half of 2021.
  • In 2022, the UK alone lost approximately £500 million due to authorized push payment scams.
  • It is responsible for 40% of overall fraud losses in the UK.
  • Globally, APP fraud is regarded as the most serious fraud concern.
  • It accounted for 75% of total worldwide digital banking fraud in the first half of 2022.
  • APP fraud uses fast payment systems like the UK’s Faster Payments, which enable single, non-reversible transactions of up to £1 million.
  • Common techniques include impersonating banks, corporations, or romantic partners to get funds.
  • Phishing, email spoofing, and phony phone calls pretending to be from banks or companies are common strategies used by fraudsters.
  • It is especially difficult to identify individuals guilty since victims make the transfers themselves.
  • Beginning in 2024, the UK’s Payment Systems Regulator (PSR) will impose new standards for APP fraud compensation, dividing responsibility 50:50 between sender and receiving institutions.
  • Preventive measures include client education, transaction monitoring, risk reduction, and the use of modern technologies like artificial intelligence and machine learning.

What are Authorized Push Payments (APP)?

Authorized push payments are transactions wherein the account holder instructs their bank or payment provider to send money directly from their account to another. This process is usually initiated via online banking, phone banking, or peer-to-peer payment platforms.

To better comprehend APPs, it’s beneficial to contrast them with pull payments. Unlike push payments, pull payments are initiated by the payee, who requests money from the payer’s account under a pre-authorized agreement.

The critical difference lies in control over the transaction. In a push payment, control rests with the payer, while in pull payments, the payee dictates when to pull funds from the payer’s account. This variance in control significantly influences the fraud risk associated with each payment method.

What is Authorized Push Payment Fraud (APPF)?

Authorized Push Payment Fraud is a form of payment scam where a criminal tricks individuals or businesses into making a push payment to a fraudulent account. The scam typically involves impersonating a trusted entity, such as a bank or a service provider, to manipulate the victim into authorizing a payment under pretenses.

A significant consequence of the push payment process is that once executed, it cannot be easily revoked. The bank, assuming the transaction is legitimate, completes it instantaneously. Once the money reaches the recipient’s account, reversing the transaction is usually impossible, especially if the recipient quickly withdraws or transfers the funds.

KYC Hub Payment solution

Types of Authorized Push Payment Fraud (APPF)

APP fraud can manifest in various ways, each presenting unique challenges for detection and prevention. The common thread across all types is the fraudulent manipulation of the victim into authorizing a payment to an account the scammer controls.

Here are some common types of APP fraud:

1: Purchase Scams

In this scenario, the victim pays in advance for goods or services that do not exist. The scammer disappears once the payment is made, and the promised goods or services are never delivered.

2: Advance Fee Scams

Victims are asked to pay a fee to access a service or prize, which never materializes. Once the payment is made, the promised reward never comes.

3: CEO Fraud

Also known as Business Email Compromise (BEC), this type of fraud involves impersonating a senior executive and persuading an employee to make a payment for business purposes.

4: Investment Scams

Frauds of this kind trick the victim into making an investment that does not exist. The victim transfers money to the scammer’s account, only to discover the investment was fictitious.

5: Romance Scams

The scammer pretends to be in a romantic relationship with the victim. They manipulate the bond to convince the victim to transfer money. Once the money is sent, the romantic partner disappears.

6: Invoice Fraud

The scammer pretends to be a supplier or service provider and sends fake invoices to the business. Alternatively, an invoice fraud scam might intercept a genuine invoice and alter the bank account details, causing the business to unknowingly make a payment to a fraudulent account instead of the actual supplier.

7: Property Purchase Scams

Property scams involve intercepting communications between customers and their conveyancers, realtors, and/or lawyers. The fraudster claims to represent a relevant party to the transaction, convincing the victim to transfer funds to a fraudulent account.

How Does Authorized Push Payment (APP) Fraud Work?

Authorized Push Payment scams, often known as bank transfer fraud, is a financial transaction in which the payer initiates the transfer. This distinguishes it from other transaction methods, such as direct debits or standing orders, in which the receiver (payee) manages the payment process.

In the instance of APP, the payer directs their bank to transfer a certain amount of money from one account to another. This transaction is widely used for various objectives, such as online purchases, paying bills, or giving money to relatives and friends.

The procedure starts with the payer supplying the bank with information on the beneficiary. This often contains critical information like the recipient’s account number and sort code. Armed with these data, the payer’s bank processes the initial payment request and transfers money from the payer’s account to the selected recipient’s.

This technique provides a high degree of ease by enabling people to handle their payments directly without needing third-party intervention. However, the ease of APPs has left them vulnerable to fraudulent activity. Fraudsters take advantage of flaws in this procedure, often duping people into authorizing transfers to criminals’ accounts.

Fraudsters’ techniques develop along with the digital world. As a result, users must be cautious, follow security procedures, and be aware of any hazards related to authorized push payment transactions. Now that you understand what constitutes approved push payment fraud, let us review the various APP techniques.

Methods used in Authorized Push Payment Scams

Push payment fraud is perpetrated using a variety of strategies, including:

  • Social Engineering:

Social engineers utilize psychological manipulation strategies, such as impersonation, to persuade account holders to submit personal information, authorize payments to fraudulent accounts, or even reveal login credentials. Impersonation fraud causes some of the most significant financial losses.

  • Phishing Scams:

Phishing occurs when a fraudster impersonates a trustworthy organization via email or text to trick the victim into clicking a link or downloading malicious software, gaining access to their personal information or accounts.

Account takeover fraud occurs when a criminal gains control of an account belonging to a person or organization to inflict damage or steal money. For example, they may pose as the victim on a stolen social media account and request money from friends.

  • Confidence scams:

These scams operate by winning someone’s confidence to access their account or trick them into giving over money. It may be a love relationship or a commercial opportunity.

  • Property Purchase Scams:

Property acquisition scams entail eavesdropping on consumer conversations with their conveyancers, realtors, and attorneys. When dealing with various new and unfamiliar persons throughout the home-buying process, it becomes simpler for a fraudster to intercept, pretending to represent a relevant party to the transaction.

KYC Hub transaction monitoring

Authorized Push Payment Fraud Examples

There are several methods that fraudsters might use to carry out these schemes, all of which include misrepresentation—or outright impersonation—to deceive the victim. Let’s look at the several forms of authorized push payment scams:

1: Invoice Scam

In invoice fraud, the victim is duped into paying a bogus invoice. Fraudsters use social engineering, impersonation, and fake paperwork to persuade the victim to pay a valid invoice.

‍For people, they often target recurring expenses such as energy, gas, internet, or cable services. For companies, this might include single bills, but it can also involve changing the payee in their systems, resulting in ongoing payments to a fraudster.

2: Romance Scam

In romance fraud, fraudsters create fictitious love connections to commit fraud, taking advantage of their personal connection with their victims to get cash and other assets.

While not always the case, most romantic scams end with a criminal engaging in APP fraud. Although fraudsters may want other items, they often request money through authorized push payments. Almost all romantic scams include fraudsters impersonating other people and using social engineering techniques to acquire the confidence and compassion of their victims. Once they believe they have established enough connections, they solicit real-time payments from the victim.

3: Personal Relationship Scam

In a ploy similar to romance scams, fraudsters imitate the victim’s family member or acquaintance and seek money via push payment.

To pull this off, the fraudster usually needs personal information about their victim to masquerade as a family or friend. This information is often obtained via various types of fraud and crime, such as phishing, hacking, or the black market. As with romance scams, scammers generally use a feeling of urgency to persuade the victim that the cash is critical and must be given immediately.

4: Property Funds Scam

Victims of property fund scams are duped into paying fraudsters for property purchase charges. The finances linked with real estate transactions are undeniably significant, and this fraud has major consequences for victims.

To enter this trade, fraudsters often need information about the home’s sale, which they may do via intercepting communications between the buyer, seller, real estate agent, or even the financial institution. Fraudsters employ fraudulent papers, impersonation, and social engineering to persuade the victim to change the payee on a property acquisition.

5: Account takeover fraud

Account takeover (ATO) fraud occurs when thieves acquire direct access to the victim’s account and use that access to carry out fraudulent activities.

‍In APP fraud, they use their influence over the victim’s account to make authorized push payments without obtaining permission from the account holder. This eliminates the need for the fraudster to use social engineering and persuade the victim to make the payments themselves, which is sometimes one of APP fraud’s most challenging and time-consuming aspects.

6: Contractor Scam

A home remodeling or contracting scam is simply a more intricate version of an invoicing scam in which the victim is deceived into paying the renovation fees to the fraudster rather than the actual contractor.

Fraudsters employ phishing and other investigative approaches to get information about ongoing house improvements. Once they have enough information on a task, they infiltrate the transaction by sending their invoice to the homeowner while acting as the actual contractor. When the victim pays the invoice, the fraudster leaves with the money. The scam isn’t uncovered until the victim gets an actual invoice from the contractor.

Mitigating APP Fraud Risks

Mitigating the risks of APP fraud requires a combination of technological solutions, educational initiatives, and robust operational controls. Here are some key strategies businesses can use:

1: Customer Education

Inform customers about the nature of APP fraud, how to recognize potential scams, and how to protect themselves.

2: Transaction Monitoring

Monitor transaction patterns to identify unusual activity that could indicate fraud.

3: Transaction Delays

Introduce time delays for high-value or unusual transactions to provide a window for additional checks.

4: Confirmation of Payee (CoP)

Implement CoP systems that compare the recipient’s name against account details, ensuring that the right person is paid.

5: Account Takeover Fraud Prevention

Addressing Account Takeover (ATO) fraud is often a precursor to APP fraud. An ATO prevention solution quickly detects and responds to potential account takeovers, preventing bad actors from initiating fraudulent transactions.

How to Detect and Prevent APP Fraud with KYC Hub?

KYC Hub excels in anti-money laundering and fraud-detecting solutions. Here is how businesses can safeguard their organizations with our platform:

  • Advanced fraud detection systems: Security needs to be improved, and advanced techniques like algorithmic systems are required to detect patterns that are malicious or contain a likelihood of fraud attempts. 
  • Robust transaction monitoring: Implement the use of software for the tracking of transactions on a real-time basis that would filter out those activities that are suspicious or very risky.
  • Proactive account takeover prevention: Implement controls of account access to protect users’ accounts from being accessed or controlled by other persons.
  • Comprehensive fraud management: Integrate KYC Hub’s suite to accomplish fraud detection, prevention, and response simultaneously.
  • Thorough customer onboarding: Be cautious during account registration to avoid customers using fake documents.
  • Transaction monitoring: To reflect this, constantly analyze the transactions to determine any signs of fraud or suspicious activities.
  • Event and activity monitoring: Monitor users and their actions and activities to determine whether they are getting into fraud mode. 
  • Periodic identity checks: Occasionally check account holders’ identity to prevent the account from being tampered with over time. 
  • KYC checks for transactions: Develop and implement the KYC measures for customer identification and validating the transactions and the payees. 
  • Automated security measures: Use designed solutions with incorporated fraud-detecting and combating features to justify the automation of security arrangements. 
  • Behavioral pattern monitoring: Scan the user behavior patterns to check irregularities, which might signify some scamming activity.

KYC Hub AML Solutions For The Payments Industry

Conclusion

Authorized push payment fraud is a significant threat in today’s digital payments landscape. However, with customer education, advanced fraud detection systems, robust transaction monitoring software, and proactive account takeover prevention measures, the risk can be significantly reduced.

KYC Hub’s AML solutions can help businesses mitigate fraud risks and tackle money laundering. Providing a comprehensive suite of tools, KYC Hub equips businesses with the necessary capabilities to detect, prevent, and respond to fraudulent activities, ensuring secure transactions and enhanced customer trust.

People are also reading:

Related Blogs

What is Financial Crime?

Explore the various types of financial crimes including money laundering, fraud, insider trading, and...

Read More

The Impact of Financial Crimes...

Understand the profound impact of financial crimes on economies, societies, and individuals, and the...

Read More

Preventing Financial Crimes: Essential Tips...

Explore how technology plays a pivotal role in preventing financial crimes. Delve into the...

Read More