For over a decade, real-time payments have revolutionised transactions in the UK and around the world. Instant payments mean better cash flow, less risk of falling into the dreaded overdraft and speedier business decisions. However, this convenience has come at a steep price: app fraud.

Hundreds of millions of pounds stolen through APP fraud

Since the pandemic, fraudsters have gone into overdrive, taking full advantage of human biases and faster payment technology to steal £485 million from Brits in 2022. In the first half of 2023 alone, the figure is already at £239.3 million, indicating that a similar or greater level of APP fraud has taken place over the whole year.

Known as Authorised Push Payment (APP) fraud, this criminal activity is especially insidious as it relies on tricking the victim themselves into approving the transaction.

Romance scams increased by 22% in 2023, while the number of criminals pretending to represent the bank have more than doubled in the past months. We’ve also seen concerning episodes of deep fake AI used to convince relatives that they are sending funds to their loved ones in need.

According to one government paper, “bank accounts can be emptied in minutes” and the fraud “results in people taking their own lives”.

Balancing speed and security

Finding the right balance between speedy payments and careful security will be delicate. On the 12th of March, the UK government responded with a draft bill that would allow financial institutions to delay transactions that they believe are suspicious. Instead of receiving the funds within one business day, the timeframe could be extended by up to four, which is even longer than the pre-2008 BACs scheme.

Understandably, the draft bill has been met with mixed reviews. The frustration of fintechs keen to keep up the pace is palpable. But the extra time gives banks some much-needed breathing space to contact customers personally over their suspicious transactions, potentially saving entire livelihoods.

It’s worth noting that APP fraud is also a menace to fintechs, who could also benefit from heightened security. Two of the UK’s 14 hardest hit financial services are challenger banks.

Instant information-sharing provides a competitive edge

So how could companies use this precious extra time? One solution is with collective information sharing. The more banks and fintechs know, the faster they can react to suspicious situations. After all, criminals work in networks. So, to anticipate and prevent them, financial institutions should too.

With the right technology in place, financial services can follow and recover funds as they move down the payment chain. They can also quickly send alerts about the scams to other financial services to create a protective net for customers.

Rapid information-sharing and transparency can be extremely effective. Our own technology, Salv Bridge, for example, has improved the recovery of lost funds by up to 80%. Of course, with the more partnerships we create, the more effective the recovery can be.

With the renewed focus on security over speed, competition for both will probably heat-up for financial services. After all, people have become accustomed to instant payments, they will not tolerate glacial transactions as they did pre-2008. The most successful institutions, we believe, will be the ones who integrate the highest levels of security within the fastest turnaround times. This is where AI, automation and machine learning come into play.

Is the future hybrid?

The future of payments, we believe, will be a hybrid model of automated instant payments, but personal outreach if a suspicious activity is detected. Armed with the correct information, human specialists will be essential for understanding the situation and explaining it compassionately to customers.

While the new legislation may feel like four steps in the wrong direction for some fintechs, we believe it has the potential to be the competitive catalyst needed in the industry. If enacted, it could separate the strongest institutions from the weakest, pushing those with fastest and best security far ahead of the pack.

For those banks or fintechs who want to get ahead, now is the time to implement rapid information-sharing models. As the new laws would also put the burden of repayment onto the institutions themselves, those with efficient fund-recovery technology will be best-placed to stride ahead. From October 2024, financial services will be required to pay back victims of APP fraud, for up to £450,000 each. Investing in high-speed information-sharing security now could save millions of pounds down the road.

Improve the recovery of lost funds by up to 80%

bridge product mockup
ISO/IEC 27001 logo
Aicpa logo
GDPR compliant logo
OWASP logo

We build security to our products and organisation from the start. We use security best practices (incl. ISO 27001, CIS etc.) to ensure that our security management system meets the highest standards.

Salv has an ISO/IEC 27001: 2022 certificate, as well as ISAE 3000 compliant SOC 2 Type 2 report.