Unauthorised fraud losses
Unauthorised fraud is when your card details are used by someone else without your permission. However, throughout 2023, UK Finance revealed that fraudsters did not physically need a card in order to attempt unauthorised fraud.
The report found that card ID theft increased, with losses up 53 per cent to £79.1million, as many criminals reverted to stealing ID and falsely applying for new credit cards or account takeovers, were they not able to trick someone through APP.
While this is a worrying stat, UK Finance also revealed that banks were able to prevent £1.25billion in unauthorised fraud; an increase on the previous year. Furthermore, of those impacted by unauthorised fraud, 98 per cent were fully refunded.
Looking at this type of fraud beyond card ID theft, UK Finance announced that losses due to unauthorised transactions across payment cards, remote banking and cheques were £708.7million this year, down three per cent compared to 2022.
What has caused unauthorised fraud to drop?
One of the main contributors to the overall fall in payment card fraud losses was a nine per cent fall in remote purchase losses, the fifth consecutive year of declines in this fraud space. The roll-out of strong customer authentication (SCA) over the past two years has helped to reduce this type of fraud by verifying customer’s identity.
Commenting on these findings, Worldpay’s head of business development, EMEA, Silvia Mensdorff Pouilly said: “It’s encouraging to see UK card-not-present [remote] fraud losses falling to their lowest in almost a decade in today’s figures released by UK Finance.
“While the data shows that e-commerce card fraud losses in the UK have decreased by nine per cent, thanks in part to the implementation of SCA, fraud remains an ever-present challenge with criminals continuing to evolve the ways in which they target both consumers and merchants.
“The payments industry needs to continually innovate and invest in systems to help mitigate the threat of fraud. In this regard, the industry has been leveraging AI and machine learning capabilities for more than a decade now and we are seeing a clear benefit to our customers in areas like payment authorisations, real-time fraud analysis, fraud detection and reducing false positives.”
Where crime has increased
Mensdorff Pouilly continued: “UK Finance data tells a different story at Point-of-Sale, where face-to-face card payment fraud losses have increased by a quarter. Our data indicates that card payments account for over 76 per cent of transaction value at POS. As consumer demand for convenience is leading shoppers to expect more seamless ways to pay, the industry has a fine balance to strike in ensuring that both consumers and merchant are protected to retain trust in a varied payments ecosystem.
“Here, digital wallets, with their enhanced security through biometric authentication, could hold the key to helping reduce instances of fraud. In addition to this, it’s imperative the industry comes together to educate both consumers and merchants and bolster fraud prevention without impeding innovation.”
Authorised Push Payment (APP) fraud losses
Authorised push payment (APP) fraud losses were £459.7million, down five per cent compared to last year. This comprised £376.4million of personal losses and £83.3million of business losses.
Over 81 per cent of APP fraud losses were from personal accounts, equating to £376.4million. In total, APP fraud was the cause of £459.7million being lost (including business losses too: £83.3million). Similarly to unauthorised fraud, while the figure still seems extortionate, it is down five per cent from 2022.
Purchase scams
Although less money was stolen, the total number of APP cases was up 12 per cent to 232,429. The main driver behind this was purchase scams. This is where people are tricked into paying for goods that never materialise.
The total number of these cases rose 34 per cent to over 156,000, while the amount lost rose 28 per cent to £85.9million making it the highest loss and case total ever recorded. Purchase scams accounted for 67 per cent of the total number of APP cases.
Romance scams
However, this type of scam isn’t the only cause for concern. Fraudsters abusing romance scams also utilise APP, tricking victims into believing they are in a relationship before stealing their money. This type of fraud also hit all-time highs in terms of losses and cases, which were up by 17 per cent (to £36.5million) and 14 per cent respectively.
Impersonation scams
There has been significant investment made in warning consumers that a bank will never ask someone to transfer money over the phone in a panic with the looming threat that a criminal is in their account, trying to steal funds. As a result, the number of fraud cases where criminals impersonate a bank or the police and convince someone to transfer money to a ‘safe account’ fell by 37 per cent and the amount lost to this type of fraud fell by 28 per cent.
In total, £287.3million of APP losses was returned to victims in 2023 or 62 per cent of the total loss. This has increased from 59 per cent in 2022.
One reason more users have been able to be reimbursed is due to the Contingent Reimbursement Model (CRM) Code launched in 2019.
A spokesperson from the Lending Standards Board, the UK regulatory body, said: “The Contingent Reimbursement Model (CRM) Code has been instrumental in driving up reimbursement rates for Authorised Push Payment (APP) fraud and building a consistent approach to preventing and detecting scam across its signatory firms.
“Overall reimbursement rates for APP fraud have more than doubled since the Code was introduced, while the Financial Ombudsman Service has said it receives more complaints about APP fraud from non-Code firms – partly because Code signatories have better prevention measures in place.
“We’re proud of the role the Code has played in improving outcomes for people if they do fall victim to APP fraud – and in stopping people from becoming victims in the first place.”
Authorised Push Payment enablers
APP fraud losses continued to be driven by the abuse of online platforms and telecommunications. Not only do criminals take advantage of these platforms to encourage the transfer of money through investment, romance or purchase scams but criminals also use scam phone calls, text messages and emails to trick people into handing over personal details and passwords.
Over the past year, criminals have fallen into a pattern. They will initially focus on obtaining personal information from their victims, and then try and persuade them into sending money. If this initial APP scam doesn’t work, they will then utilise the data they have gathered and attempt to take control of the victim’s existing accounts or apply for credit cards in their name.
UK Finance data on the sources of APP fraud shows:
- 76 per cent of APP fraud cases originated from online sources. These cases tend to be lower-value scams, such as purchase scams, and so account for 30 per cent of total losses.
- 16 per cent of cases originated in telecommunications and these tend to include higher value cases, such as impersonation fraud, and so account for 43 per cent of total losses.
