The volume of mobile and digital payments has continued to grow, and fraudsters have adjusted their attack vectors accordingly. Financial institutions and merchants are working to improve the fragmented components of customer and payment method authentication without major disruption to their customers. To do this effectively, they must analyze thousands of data points and determine approaches to verify the customer and secure the payment process.
Continuing its mission to increase payment security awareness, the Federal Reserve has now published its third and final research brief in a series on remote authentication fraud. Authentication Fraud Mitigation Approaches, Key Findings and Recommendations (PDF) focuses on approaches and tools to mitigate remote authentication fraud, as well as possible ways the Fed and industry can work together to improve fraud mitigation, build awareness and engage industry stakeholders.
Mitigation approaches and enabling technologies can enhance payment authentication by facilitating additional checks on the validity of the user or payment method. Fraud mitigation approaches initially focused primarily on the transaction and have expanded to include data on the user’s behavior (e.g., on a mobile device when making a payment).
The present landscape is a patchwork of layered, multi-factor and risk-based authentication approaches, which require two or more factors from knowledge (something you know), ownership (something you have), and/or inherence (something you are, such as fingerprints, facial scans, voice prints, retinal or iris scans, or similar biometric identification systems). Shown below is how the future landscape of remote authentication fraud prevention and mitigation may evolve based on the best thinking of the payments industry.
Possible evolution of remote authentication fraud mitigation
Explore the full research brief series to learn more about remote authentication and the Federal Reserve’s continued engagement with the industry to advance payments security.