16th November 2020
By Fergal Parkinson – Co-Founder of TMT Analysis.
With smartphone technology improving rapidly in recent years, the decision to go mobile-first as a business is normally followed by the battle of convenience versus security. This is especially significant for a fintech, which has to solve how it can on-board a customer quickly, efficiently and securely.
ThreatMetrix data found that in the last three years, mobile transactions have tripled in share when compared to traditional desktop purchases. Inevitably, the pandemic has sped-up the evolution of mobile business and customer engagement as people use their phones for payments and transactions.
But with that, there are inherent risks associated.
The proof lies in the numbers
Mobile fraud is on the rise globally and given people’s mobile numbers have now become one of the – if not the – most important means of identifying somebody, numbers and associated SIM information have become even higher prized targets for fraudsters.
For example, a scam known as Sim-swap fraud – where a criminal tricks a mobile network into transferring a customer’s phone number to a Sim card in the criminal’s possession – have rocketed by 400% since 2015 according to reports to Action Fraud. Unsurprisingly, this has become even more of an issue during Covid-19.
SIM swap fraudsters typically target a weakness in two-factor (sometimes called two-step) authentication, where the second stage is an SMS or call placed to a mobile telephone. The fraud centres around exploiting a mobile phone operator’s ability to seamlessly port a telephone number to a new SIM.
Criminals pretend to be a subscriber of a mobile operator (either online or in person) to attempt to convince the provider that they, as the customer, need a replacement SIM for their phone. Once in control of the subscriber’s mobile number, they can potentially hijack their SMS flow, calls and the target victim’s online banking information.
Cases have risen dramatically particularly over recent months, with the FBI and Europol’s European Cybercrime Centre just two of the many agencies warning of its risk. Nobody is immune with even Jack Dorsey, co-founder and CEO of Twitter, having had his personal account taken over by hackers in 2019.
What are the solutions?
Fortunately, most larger institutions have units dedicated to tackling fraud but for most fintech’s this is not an option.
It is important to be able to verify who a customer really is without taking away from the user experience. If a company is looking to onboard customers online, there is a tricky decision around how much friction there should be in order to check identity. If ecommerce sites asked for a copy of a passport every time a customer signed up, nobody would. So, doing checks against phone numbers is an easy and low-cost way for businesses to verify customers immediately without slowing down customer interaction.
Our Mobile intelligence is playing an important role in reducing the risk to organisations and their customers overall. APIs connect fintech’s to a mobile database which can spot when a SIM swap has taken place. It can even cross-reference other live telecoms data to verify someone’s identity, alerting a fintech to fraudulent activity and preventing that dangerous account takeover.
Regulation has had an increasing impact on the world of ID verification too. There are important aspects around privacy and GRPR where businesses have to filter through their customer relationship management (CRM) cyclically, to check customers are still active and their credentials are right. There are the onboarding issue as well as the constant cycle of checking. Mobile intelligence can check if the phone number a customer has added is still active, and it triggers when it’s deactivated or ceases being used.
The benefit of being a fintech is the ability to be agile, so being on the front-foot with mobile-first tech will naturally be the best way to increase the numbers of customers on-boarded. But it is just as important to focus mobile risk and fraud mitigation. With the rise of fraud in 2020 growing exponentially, winning that battle of convenience versus security is even more prevalent for today’s fintech world.
For more information on how our real time telco data and number intelligence might help you drop us s a line at firstname.lastname@example.org