Trulioo is the latest security provider to warn about scams that take advantage of COVID-19. The company collaborated with PYMNTS on a new Anti-Money Laundering and Know Your Customer report that tracks fraudulent activity during the pandemic, and notes that cybercriminals are increasingly targeting payment apps now that more transactions are taking place online.
With that in mind, Trulioo advises financial services providers to implement stronger authentication measures like biometrics and One-Time Passcodes, which will make it more difficult for fraudsters to execute account takeover attacks. The company warns that providers that fail to comply with consumer protection requirements could be exposing themselves to significant financial penalties, both in the form of lost confidence (and lost customers) and official fines. The report specifically cites the example of the Westpac Banking Corp. in Australia, which racked up more than 23 million AML violations between 2013 and 2019 and has now set aside $570 million to pay its anticipated sanctions.
“Cybercriminals launch a variety of attacks against mobile payment app users, including scams to trick honest customers into sending them funds under false pretenses and attacks that leverage stolen data to take over users’ accounts,” the report states. “App providers must be ready to fight back by imposing robust authentication measures, programming automatic pop-up alerts and performing customer outreach about common schemes.”
To their credit, several digital security providers have conducted that kind of outreach during the pandemic. The behavioral biometrics specialist NuData has compiled a list of common COVID-19 scams, while BioCatch has repeatedly called attention to the growing threat of account takeover fraud.
For its part, Trulioo has emphasized the importance of customer onboarding during a recent webinar geared towards the online gaming industry. The July AML/KYC Tracker goes on to suggest that financial institutions will need to be particularly vigilant in the months ahead, largely because Brexit could further disrupt the regulatory environment in Europe and make people more vulnerable to the machinations of cybercriminals.