Skip to content
All Blogs

Authorized Push Payment (APP) scams reimbursement

authorized-push-payment-scams-reimbursement

Around the globe, scams continue to increase with an alarming success rate. Authorized Push Payment scams (APP), where a fraudster tricks victims into sending money into a fraudster’s account, have generated losses of more than £355m in the UK alone in just the first six months of this year. However some banks are of the opinion that the six month losses of £355m may triple by the end of the year. Traditional fraud prevention methods and generic customer awareness and education programs to combat scams are clearly insufficient.

The inability of conventional fraud prevention systems to find and react in real-time to a true scam threat frustrates both the banks and their customers, who expect the banks to be one step ahead of the fraudsters.

In May 2019 the Contingent Reimbursement Model (CRM) Code was introduced to try and get institutions to reimburse customers who fell victim to APP Scams and in 2020 the UK’s six largest banks implemented Confirmation of Payee (CoP). These two services helped in preventing some types of APP scams, however the scale of current APP scam losses and the fact that scams are continuing to increase exponentially, indicates that despite the CRM code and the CoP services, further work is needed to make it harder to commit scams and ensure that customers are protected when using the UK’s payment systems. There has been much noise around making reimbursement from the bank's mandatory but recent news points to this becoming a reality in early 2022.

The Payment Services Regulator (PSR) has published several papers on this topic, which aims to do two major things:

  1. Support and require industry to improve intelligence sharing, to improve detection and prevention of APP scams.
  2. Make reimbursement for scam victims mandatory.

With mandatory reimbursement on the horizon shortly, the banks must now put better scam detection technology in place to prevent APP scams. They must also demonstrate this capability to PSR and limit the amount of successful APP Scam attempts effectively and rapidly.

Most scams leverage a form of time pressure, which coerces victims to act on the spur of the moment, because they have been led to believe that either their savings are at risk, or they need to act quickly to exploit a once-in-a-lifetime opportunity.

This gives the victim little time to reconsider and provides the banks with nothing more than the victim’s in-the-moment actions to help them detect the crime. Unlike almost all other forms of financial crime, scams do not involve a third party interacting with the bank’s systems or websites. It‘s actually the legitimate customer who undertakes actions such as money transfers and payments, so there is no direct interaction between the fraudster and the bank – as a result, the traditional fraud prevention systems used by banks today to identify fraudulent accounts, networks and IP addresses etc., cannot help them to detect scams.

PSR consultation paper agrees that all of us, including the card schemes, social media platforms, telecoms companies, internet related services, sending and receiving banks, the customer, fintech companies and so on, must do more to prevent scams. We therefore need to work together to create awareness of new and emerging scam types, educate our customers, share intelligence and relevant data in real-time to ensure that we do have a 360-degree view of a payment, the payee and the customer.

How Celebrus' First-Party Fraud Solution Will Help in Prevention of APP Scams

Some banks suggest that one of the most effective ways to detect scams is by using traditional fraud prevention systems and layering on top some advanced analytic capability for example, threat scores, device and location data, etc. and that this would provide enough indicators for the investigation teams to work to better spot patterns of behavior that lead to scams. It is somewhat correct that this will help to achieve a better understanding of the data and the customers whereabouts, however, unless the bank has a truly real time, biometric profiling capability to detect a simple swipe of a phone, typing pressure, mouse movements, device angles, whether someone is on a call and possibly being coerced at the same time as using the app and so on, investigation will be limited in their ability to detect scams and stop them in their tracks.

A true first party digital identity fraud solution like Celebrus enables banks to catch the fraudster before the fraud. It does this by leveraging the rich behavioral data captured by our mature platform. When a customer is drawn into a scam they behave differently, and this real-time data provides a unique opportunity for the banks to detect and prevent APP scams. Our complete real-time biometric profiling, instantly profiles all customer interactions and identities, by capturing and stitching all historic interaction and behaviors on banks website, mobile App and IOT devices.

Our anomalous activity detection capability automatically monitors and detects behaviors that are commonly exhibited by scam victims. The embedded AI and advanced scorecards based on pre-configured analyst friendly technology automate the detection of scam from the anomalous customer interactions and behaviors. Those anomalies are required and used to shut down sessions before the customers makes a transfers to the fraudster controlled account and lose money.

The recently launched, Sense and Trace capability provides identity search to trace compromised identities and allows the bank to set trip wires, that sets an alarm on known or sleeper mule accounts.

Celebrus' real-time behavioral analytics also provides banks with the tools they need to stay one step ahead of scammers. And there’s no need to replace existing Fraud Management, Identity Proofing and Authentication systems, Celebrus simply augments these applications to deliver greatly enhanced benefits. Celebrus activates existing Fraud Management Systems through direct integration. Celebrus does not take a black box approach and all data is available to the data science community in the bank through a comprehensive data model and therefore any detection and intervention is fully explainable. Celebrus can also be deployed in the banks infrastructure, thereby retaining control of all data, whether PII or not and bringing with it the benefits associated with being a true first party data capture system.

Celebrus will automatically discount non-fraudulent events & further reduce false positives and enables banks to have a 360 view of customer via an enriched, data driven, customer profile, which contains browsing history, contextualized behavior patterns, environmental information and more.

Celebrus enable banks to achieve excellence in customer experience by providing seamless protection from scams, while delivering frictionless, invisible and continuous authentication.

With Celebrus, banks are ensured that their customers are sufficiently protected when using the UK’s payment systems and that they can catch the fraudsters in the act, before the scam is committed.

Find out more: Sense and Trace

Celebrus: A True First-Party Digital Identity Fraud Solution

Subscribe to our blog for regular updates!