Authentication & Security

The Value of Fraudulent Activities in Online Banking Will Reach $7 Billion by 2020


Online banking is the rising star of the financial services industry. In 2016, there is a range of successful players offering superior online banking experience; even traditional players seem to be making a push towards forms of online experience rather than physical branches. Nonetheless, each innovation comes with its own catch. While some drawbacks are not significant enough to pause the efforts, others may create considerable obstacles.

Certain drawbacks of the modern trend towards online banking have been recently popping up here and there. Although one of the most important issues is related to consumer trust rather than online banking technologies themselves, it is still an issue that could inhibit growth and development.

Modern online banking is a powerful vehicle for building customer loyalty and engagement in the banking industry since it offers convenience, a range of services like automated bills and other payments and service renewals, the extension of credit lines and instant applications for loans. The ability to arrange automatic payments for all services from the Internet provider to gym membership is a significant effort and time-saver. In 'exchange,' online banking providers get to accumulate a vast amount of data about customers, their habits, lives, etc. This rather sensitive information is an important asset that requires appropriate security systems.

Security of personal and financial data

Earlier in May, a consumer survey by Better Business Bureau (BBB) revealed that regardless of all convenience and benefits, three-quarters of American consumers shy away from online banking. What is more impressive, 18% of respondents told pollsters they’d rather suffer a broken bone than have their personal information compromised. It appears that security concerns are a major barrier for consumers when it comes to online banking.

Aside from security concerns, one in four consumers is worried that automatic bill payments can result in unauthorized debits to their bank accounts.

In addition to security concerns, consumers expressed mistrust to the way their information is handled. Only 1–2% of consumers trust that their personal information will be protected by big corporations, smartphone manufacturers, social media sites and search engines. An outstanding 51% said they don’t trust anyone with their data.

No need to hack the whole system, just find one weak cyber link

Customer mistrust is not unfounded. As the banking industry focuses on the digital experience, cybercriminals follow the money to cyberspace as well. In recent weeks, professional world has been shocked by the boldness of modern criminals that caused significant damage to Swift, the cross-border payment messaging system owned and used by 9,000 member institutions around the globe that handles transfers worth more than $6 trillion every day. Hackers have forced their way into member banks’ systems and gathered their Swift passwords and other authenticating protocols.

When connectivity can be a Trojan Horse

The most puzzling detail of the whole story with large sums being stolen from the network is the smoothness of this case, the ease with which criminals were able to get their hands on what is effectively a bank’s own checkbook. The case did not even require them to take over the whole internal systems of Swift, but just to take control of one of the terminals giving access to Swift’s network. Swift demonstrated that for cybercriminals to hack into the whole system, they just need to find one weak cyber link.

Given that the modern banking ecosystem is a large network of various interconnected participants, the same effect reached with Swift can be reached by finding one connected weak member of the ecosystem. In fact, as reported by the FT, the developed world’s largest financial institutions now face “tens of thousands” of attacks every minute.

Disconnected jurisdictions as a threat to international banking networks

Having strongly interconnected networks brings advantages as well. However, in the modern world, disconnected jurisdictions lead to an opportunity for cybercriminals to slip through international cracks. It allows cybercriminals to relatively freely move stolen funds from one country to another and withdraw from local access points.

Cross-border payments are at a particular risk for online services users since weak connections of national ecosystems make it difficult to tighten the screws on potentially fraudulent transactions right away. The most recent estimations suggest that the value of online fraudulent transactions is expected to reach $25.6 billion by 2020, up from $10.7 billion in 2015. This means that by the end of the decade, $4 in every $1,000 of online payments will be fraudulent. What's more important is that the three main areas to suffer from online fraudulent activities include e-retail (65% of fraudulent transactions, or $16.6 billion), banking (27%, $6.9 billion) and airline ticketing (6%, $1.5 billion).

Research also suggests that “although banks can counter online banking fraud by deploying new technologies such as 3D-Secure, which requires an additional step during the authentication process, and device fingerprinting, these measures often only provide only temporary relief as fraudsters rapidly discover new schemes”.

That is why it is not enough to have strong national cybersecurity systems but important for every member of the network to follow the same practices for the whole international system to be resistant.



MEDICI Team is a group of content writers, bloggers, journalists, researchers, and editors from the MEDICI who collaborate to create FinTech insights.

Apply to Become a Contributor