Digitizing payments has increased ease of use and transaction volumes, but both check and ACH fraud are still commonplace. In this month’s “Digital Fraud Tracker,” PYMNTS talked with Seth Ruden, senior director of fraud operations for First Tech Federal Credit Union, about crafting a holistic approach that balances ironclad security with seamless payments and banking interactions.
Financial institutions (FIs) are no strangers to fraud: bad actors have been trying to pass off forged checks and money orders for decades.
The shift to digital banking and automated clearing house (ACH) payments in recent years has resulted in an uptick in fraud rates, however, as bad actors no longer have to be present to scam FIs and their customers out of data and funds.
“As we move forward with our digital banking shift, we want to ensure that people recognize that digital banking has created a significant uptick in the amount of fraud risk,” said Seth Ruden, senior director of fraud operations for First Tech Federal Credit Union. “Deploying these technologies like multifactor authentication, as well as getting greater visibility to all channels and cross-channel activity, is where we’re going to be able to deliver on the promise of significantly elevated and enhanced protection.”
Ruden spoke with PYMNTS in a recent interview about how bad actors use both checks and ACH payments in their attempts to defraud, and how First Tech leverages innovative technologies to keep itself and its members safe.
Common Fraud Tactics
Both digital and paper-based payments are vulnerable to fraud, but they are not targeted equally. Ruden explained that digital services are more vulnerable due to the volume of these transactions, especially as an increased number of consumers shifted to online banking amid the pandemic.
“Digital services are where most people perform most of their transactions, and those digital channels are the ones [that] tend to be receiving the bulk of the attacks,” he said. “Certainly, we have plenty of check deposits where fraudsters have made attempts, but we anticipate that as we become more digitally focused as a society, [digital channels are] where a lot of the risk has to be concentrated.”
Fraudsters deploy many different tactics against both targets, but some are more common than others. Account takeovers are the number one threat, according to Ruden.
“We certainly have seen very large increases in account takeovers in recent years, and it is not inconsistent with the compromises that occur across the entire internet ecosystem,” he said. “You share a password between different sites — and that’s a huge problem with passwords. We need to be far more diligent as organizations to ensure that we shore up those risks, as individuals are compromised every day.”
First Tech deploys a variety of tactics to this end, ensuring that customers are not entirely reliant on their password diligence to keep themselves safe.
A Holistic Approach to Fraud Prevention
Defending against fraud, both digital and paper-based, requires examining all areas of the customer journey, Ruden said. A single-layer cybersecurity system can be easily bypassed by a clever fraudster, so FIs must cover all avenues of approach.
“We use solutions that look at payments and journeys and [are] not just focused on the individual transaction,” he said. “We look at the full life cycle of an individual’s engagement with their financial institution by ensuring that our members have strong security hygiene, that they’re using the right kind of passwords, that they’ve got multi-factor authentication options that suit their lifestyles, and that we have the right kind of fraud [prevention] tools that provide the right kind of alerts that the member can engage with specifically.”
It is a constant challenge to balance ironclad security with the seamless banking interactions that customers crave, however. Threading this needle requires precise security controls that only interact with transactions when absolutely necessary, said Ruden.
“It’s important for us to be sure that we are creating the right amount of friction, specific to high-risk events and presenting the members with a positive experience that is measured to their risk appetite,” he said. “We look to ensure that we can identify [fraud] with precision tools and measurements that allow us to be very precise in how we apply controls and ensure that the members continue to realize an experience that is as seamless and friction-free as possible.”
Though fraud may never go away completely, constant vigilance is key to keeping losses to a minimum. Ensuring that customers are not adversely affected is crucial, or else their abandonment can cause far more damage than the fraud itself.