The True Cost of Transaction Fraud

Published in

Sumsub

4 min readJan 9, 2024

According to Sumsub’s 2023 Identity Fraud Report, advances in technologies are increasing fraud risks for a wide range of industries, putting businesses and customers alike in danger. Digital transactions are becoming particularly vulnerable to fraud, as commerce increasingly moves online. In this article, I dive into the specifics of transaction fraud, how it’s related to identity theft, and ways to prevent it.

What is transaction fraud?

Let’s start by providing a simple definition: transaction fraud is the process of making an online purchase using stolen payment details. However, stolen debit card numbers aren’t the only means of committing transaction fraud. Fraudsters can also steal personal information — names, addresses, passwords, ID numbers, etc. — through phishing, data leaks, or the darkweb. This information can also be used to perform illicit transactions, underscoring the connection between identity theft and transaction fraud.

Identity fraud landscape

In our 2023 Identity Fraud Report, the rate of identity fraud has been increasing for the last several years, nearly doubling from 1.1% in 2021 to 2% in 2023. In 2023, the most popular identity fraud types included:

AI-powered fraud (mainly deepfakes)
Money muling networks
Fake IDs
Account takeovers
Forced verification

How businesses lose money to transaction fraud

Transaction fraud often results in substantial fines and direct losses for businesses and customers.

Let’s take a look at the case of Zelle, which is an app that lets people send money to each other from their bank accounts using peer-to-peer (P2P) transactions. In 2021, Zelle processed $490 billion in payments. In 2021 and the first half of 2022, 192,878 there were payment fraud complaints involving Zelee transactions totaling $213.8 million. However, banks claim they are not required to reimburse these fraudulent transactions. Therefore, only 3,500 clients were refunded in total.

New Account Fraud — How to Protect Your Business

Transaction fraud and company reputation

Financial losses aren’t the only issue companies need to worry about when it comes to transaction fraud. Companies that regularly suffer from transaction fraud risk ruining their reputation among customers and partners. Moreover, failure to confront transaction fraud can result in various penalties, such as fines, license revocation, and scrutiny by regulators.

Meanwhile, countries keep implementing stricter rules, making transaction monitoring mandatory for many businesses. As a result, companies now spend a bigger chunk of their revenue on transaction monitoring. In 2022 alone, the global transaction monitoring market was worth $8.4 billion, and experts believe that the number will grow up to $34 billion by the end of this year.

While transaction monitoring expenses increase, so are the financial penalties for non-compliance. Banks and other financial institutions were fined almost $5 billion in 2022, highlighting the importance of compliance with regulations in preventing fines and fraud.

How to detect transaction fraud

Companies should be aware of the most common types of transaction fraud, which include:

Account theft
Buy now, pay later
Fraudulent merchants
Gift cards

Businesses also need to analyze behavioral patterns throughout the entire user journey. This includes looking out for suspicious behavior patterns, such as:

Unusual size of orders
Unusual rate of orders (including repeat orders)
Missing personal information
Errors when providing sensitive information (e.g., CVV number)
Little interest in saving money
Discrepancies in geolocation
Mismatched names

The presence of one or several red flags doesn’t necessarily mean that the user is a criminal. However, it does highlight the need for the company to conduct a thorough check before allowing the transaction to proceed.

How to prevent fraud

There is no single, universal fraud prevention solution. However, there are certain steps a company can take to minimize the risks:

Implement KYC protocols
Mandate robust Know Your Customer (KYC) procedures for client onboarding
Regularly update and validate customer data
Utilize identity verification services to cross-check client details
Invest in technology that can identify deepfake videos and audios
Secure data storage
Use encryption for sensitive data
Regularly update and back up databases Limit access to sensitive information
Implement strong authentication methods
Use multi-factor authentication (MFA) for accessing company systems
Regularly update and strengthen password policies
Regular training & awareness programs
Educate employees about the latest fraud tactics
Conduct regular cybersecurity drills
Monitor transactions
Implement real-time monitoring of transactions to spot suspicious activities
Set up alerts for unusual patterns
Vet vendors
Ensure third-party vendors follow strict security protocols
Regularly review and audit their security practices
Update security systems
Keep all software, especially security software, updated
Regularly patch vulnerabilities in the system
Implement incident response plan
Have a plan in place for potential breaches
Regularly review and rehearse the response plan ·
Employ physical security
Ensure secure access controls to company premises
Use surveillance systems like CCTV cameras
Perform regular audits
Conduct security audits regularly
Review and update security policies as needed
Get feedback
Encourage employees to report suspicious activities
Create an anonymous reporting system if necessary

Suggested read: Sumsub Identity Fraud Report 2023

In addition, companies can implement various tools that can help them to detect devious patterns. These include:

IP geolocation and device location
Device fingerprinting
Negative database
Social network data analysis
Fraud scoring services

Suggested read: The Complete Guide to Transaction Monitoring

Sumsub covers the whole user journey, from onboarding to transactions. These include a wide range of verification solutions, including ID and Address Verification, Non-Doc Verification, AML Screening, Fraud Monitoring, and more. This comprehensive approach goes beyond the onboarding stage, enabling companies to detect and prevent fraud at every step of the user lifecycle.