Fraud fears rise as Faster Payments takes off

More than £2bn has already been sent through the Faster Payments clearing system since its introduction at the...

More than £2bn has already been sent through theFaster Payments clearing system since its introduction at the end of May.

By 27 June, exactly one month after the launch of Faster Payments, banks had completed over four million banking transactions, worth a total of £2.26bn

Faster Payments allows banks to clear payments in hours rather than the three days needed for Bacs payments.

But the system has also attracted the attention of fraudsters who see an opportunity to steal and get away with money before they are detected. The banks have recognised the need to upgrade their anti-fraud systems in response.

"Security technology has always been a high priority," said a Barclays spokesperson. "For the Faster Payments project it is a particularly relevant concern because the high volumes of payments and the speed at which the funds are transferred could potentially allow fraudsters to take advantage of this system and transfer [money] away quickly."

Banks need to be able to identify attempted frauds at the point the transaction is made if they are to prevent losses.

Whereas banks have time to block the fraudulent URLs used in phishing attacks before any money is stolen, Faster Payments is so fast that the money will disappear unless the IP addresses being used for illegal transactions is rapidly identified and blocked.

Look to Oz

The experience of Australian banks, which have always had same-day clearing for electronic payments, offers a lesson for future developments.

In 2006 National Australia Bank suspended its real-time payment services for 24 hours after its systems were targeted by online fraudsters.

"All payment types were targeted but the payment types that allowed instant clearing were focused on heavily to allow the withdrawal of funds within minutes of internet banking transfer," said Brett Small, head of consumer banking fraud at National Australia.

Australian banks have since linked their anti-fraud systems together to share information about the IP addresses from which criminals made fraudulent transactions.

National Australia automatically records the IP address of the attempted fraud and immediately updates the central system. The system, which links to the other Australian banks, automatically blocks future fraud attempts from the same IP addresses.

The system used by National Australia was developed jointly by payments software maker ACI Worldwide and IP address data collector Eunexus.

Fraud killer

Small said the combination of real-time monitoring and data sharing reduced the banks' losses to 1% of what they had been 12 months earlier.

Until October, when Apacs releases its latest fraud figures, it will not be possible to know what impact Faster Payments has had on fraud levels. But enabling phone, internet and standing order payments to be cleared in a few hours, at the touch of a button, inevitably attracts the attention of criminals.

Banks understand the price of failure to secure electronic payments and are willing to invest time and money in preventing Faster Payments falling prey to fraud.

"Consumer confidence in electronic payments is critical to its ongoing popularity and success," said an HSBC spokesman. "That trust has been hard won, and the industry was not going to risk it."

Banks harness SOA for Faster Payments >>

Read more on IT risk management