Authorized push payment fraud

What is authorized push payment fraud?

Authorized push payment (APP) fraud is a scam that tricks someone into voluntarily transferring money from their account to an account controlled by a fraudster. This can range from small amounts to life-changing sums of money. 

APP fraud is the most prevalent type of real-time payment fraud. It is expected to climb to nearly $7 billion by 2026 across six major markets (US, UK, India, Brazil, Australia and Saudi Arabia).

APP fraud is particularly insidious because it exploits the trust and willingness of the victim to make a legitimate payment. And with the advent of generative AI, this type of fraud is becoming increasingly common.

APP fraud can result in significant financial losses for its victims. Unlike credit card payments or direct debits, which have some level of protection and can often be reversed, push payments are usually instant and irreversible. Once a victim realizes they’ve been scammed, it’s often too late to recover the funds. Banks might not always be liable for reimbursing the lost funds, especially if the customer authorized the payment.

What are the benefits of combating APP fraud?

Fighting APP fraud is crucial for maintaining financial integrity, ensuring public trust and driving technological and legal advancements. The most significant benefits include:

• Protecting individuals and businesses from financial loss, ensuring personal and organizational financial stability
• Enhancing confidence in digital banking and online transactions, encouraging broader participation in the digital economy
• Fostering trust in financial institutions and businesses, promoting customer loyalty and engagement
• Disrupting criminal networks linked to APP fraud, including money laundering and other illegal activities
• Enabling financial institutions and law enforcement to allocate resources more effectively, focusing on innovation and other critical services
• Driving development of stronger laws and regulations to deter fraudsters and provide clear legal frameworks
• Spurring advancements in security technologies and practices, enhancing protection against various cyber threats
• Contributing to the integrity and stability of international financial systems, reducing the impact of financial crimes

How is APP fraud typically perpetrated?

The process typically involves three steps:

1. Deception. Using email, phone calls, text messages or social media, the fraudster poses as a trustworthy entity, such as a bank, service provider or even a friend or family member. 
2. Manipulation. Once the victim is convinced of the fraudster's legitimacy, the fraudster manipulates the victim into making a money transfer under the guise of protecting their money from a security threat, paying for a service or product or transferring money for what appears to be a legitimate reason.
3. Authorized payment. Believing they are making a legitimate transaction, the victim authorizes their bank to make a push payment (a direct payment from their account) to the account specified by the fraudster.

What can be done to combat APP fraud?

It's important for individuals to be vigilant and skeptical of unsolicited payment requests, even if they appear to come from a trusted source.

Also, the same technology that is being used to expand APP fraud, gen AI, can also fight it. Gen AI can develop predictive models to generate accurate, up-to-the-minute insights and flag suspicious activity in real time.