Announcements, Payments Security

Remote Authentication Fraud: Are You Who You Say You Are?

As e-commerce volumes continue to increase, the Federal Reserve has been working in collaboration with payments professionals over the past two years to research key remote authentication fraud challenges and mitigation efforts.

Heightening the need for greater attention to authentication fraud, the COVID-pandemic increased demand for more consumers to enroll in online or mobile (digital) accounts to make remote payments. In fact, average U.S. consumer e-commerce spending was 36% of total spending in December 2020, up from just 26% in March 2020.[1]

Unfortunately, fraudsters have noticed the shift, too – and they are changing the targets of their fraud attacks accordingly. To help address remote authentication fraud, the Fed recently published Remote Authentication Landscape and Authentication Methods (PDF), the first of three research briefs planned for this summer.

Identity verification and authentication both refer to the process of proving to a financial institution or business that you are who you say you are, so you can open an account, make a payment, or take out a loan. Identity verification usually occurs only when you open an account, while authentication should occur each time you access a system to perform a financial activity.

The payments industry uses a myriad of authentication tools to prevent remote fraud attacks – but many financial institutions, payment service providers, processors and merchants rely on outdated authentication and verification methods to prevent payments fraud. The Fed’s new research brief explores authentication strategies to address new account fraud (NAF), synthetic identity fraud (SIF) and account takeover (ATO) fraud.

To learn more, read this initial research brief in the series and watch for two more briefs to be published later this summer. The second brief will describe several remote payment use cases where payments stakeholders apply authentication during the enrollment and transaction process. The third and final brief will discuss payments industry approaches and tools to mitigate remote authentication fraud, as well as key findings and recommendations on next steps to build awareness and engage industry stakeholders.

[1] Deutsche Bank Research/The Future of Payments: Series 2. Part 1. Post Covid-19: What Executives are Thinking and Doing (Off-Site). January 2021.