Digital wallet use is on the up. For merchants, they offer an easy way to meet customer expectations and provide a frictionless shopping experience. But fraud is never far behind. Learn how fraudy actors try to use digital wallets to their advantage.
Enabling digital wallet payments is an easy choice for merchants looking to make online shopping easier and more rewarding. But let’s not forget - new payment options mean new avenues for fraudsters.
Greg Lisiewski, vice president of Global Pay Later Products at PayPal, points out that “now more than ever, consumers want to be in control of how they pay, and they have a desire for friction-free, seamless digital shopping experiences.”
Most digital wallets can connect with traditional bank accounts. So users don't need to enter payment details or create an account to shop. Concern about handing over payment information can lead to cart abandonment. Allowing customers to pay with digital wallets gets rid of this extra step.
Digital wallets often support two-factor authentication (2FA) and strong customer authentication (SCA) requirements. Removing this extra layer of 3D Secure makes for a more frictionless experience. This creates a more seamless shopping experience and leads to higher conversion.
Today’s consumers value convenience above all. With digital wallets, your customers aren’t rummaging around looking for cards. What’s more, they’re incentivised to come back. Win-win.
Digital wallets offer a lot of promise for transforming customer experience and increasing conversion. But they also present new opportunities for fraudsters.
Difficulty identifying stolen cards
Nearly a quarter of merchants say that Google Pay and Apple Pay are top vehicles for fraudsters using stolen credit card details.
When a customer makes a payment, the merchant receives a token instead of the payment card number. This makes it impossible to identify the card used. Even if you block the offending wallet, fraudsters can move the stolen card to a new wallet. This digital wallet scam is one of the most commonly used right now.
This isn’t helped by the fact that cards are often not fully authenticated when added to a wallet. We conducted a series of independent checks adding new cards to Apple Pay and Google Pay wallets. We found that only a few banks will verify new cards individually.
As the UKleads the way in Europe for digital payments, fraudsters have found an exciting new playground. Fourthline identifies Greater London as the counterfeit ID hotspot for digital wallet opening attempts in the UK.
Trouble fighting friendly fraud
We have seen an increase in friendly fraud during the pandemic. This is customers making purchases then raising a dispute with their bank themselves, claiming it was fraud.
Many are discovering that traditional methods for managing disputes just aren’t as helpful when dealing with digital wallets. Our Online Payment Fraud report found that chargeback challenges on digital wallets are less likely to be successful. Merchants were successful 56% of the time with traditional payment methods. This number plummets to 5% with digital wallets.
This is because the customer payment information is obscured, so merchants don’t have the evidence they need. Asking customers for less information might make their experience more frictionless but it can work against you when it comes to fraudy actors.
Account takeover on digital wallets
Like traditional payment methods, digital wallets are vulnerable to account takeover. Last year saw a record-breaking number of data-breaches and the highest percentage of bad bot traffic in years. Most of this data is swiped through phishing attacks, credential stuffing, data breaches and card skimmers.
Stolen credentials can be used to identify other accounts with the same logins. Of course, this includes digital wallets.
Ideally, you'd able to identify the individual cards in the wallet and ensure that a customer is who they say they are. Unfortunately, outside of your own platform, you have no control over how a wallet is verified. But there are a few options you could consider:
Adding stronger authentication on top of the wallet authentication
Working with your payment service provider to introduce card fingerprinting
Conducting more in-depth customer behavioral analysis
Using machine learning to predict fraud patterns in a digital wallet transaction
Reach out to our team for more information on how you can identify and tackle digital wallet fraud.
Digital wallet fraud happens when a fraudster makes an unauthorized transaction using someone else's digital wallet. Usually, that involves hacking into someone's account and using funds or adding stolen cards to a digital wallet that the fraudster owns.
Digital wallet fraud involves unauthorized access or manipulation of a user's digital wallet to carry out fraudulent transactions or gain sensitive information. It can occur through various means, including phishing, malware attacks, and identity theft.
An e-wallet scam is a fraudulent attempt to steal money or personal information from someone using an electronic wallet, also known as a mobile wallet. Scammers use common types of scams like phishing, smishing, vishing, fake apps, QR code scams, social engineering, and man-in-the-middle attacks to achieve their goal.
However, it is still possible for a criminal to gain unauthorized access to someone's account, which is why digital wallet fraud is often enabled through more traditional methods of cybercrime, like phishing or a malware attack.
If proper security is not in place, hackers can hijack the payment information while it's being transmitted. Although most eWallets use some form of encryption to avoid data loss in the event of a hack, we recommend avoiding using unsecured public Wi-Fi without a dedicated VPN.
A: While it's unlikely someone can steal cryptocurrency with your wallet address alone, crypto wallets can be hacked through other means, such as phishing, malware, or social engineering tactics.
As with other Interac scams, once the scammer accepts your e-transfer, your money is deposited into their account - and it's not possible to get it back. To avoid this type of scam, make sure to check for a business license, as this is a verified sign that the seller is legit.
An eWallet transaction can be reversed as long as the money has not yet been withdrawn at an ATM, so you can get your money back if you are fast enough. FNB will charge you, though. Here's how to reverse a FNB eWallet payment from your cellphone, or by phoning the bank.
An eWallet (electronic wallet) is a digital version of a traditional wallet that stores payment card information and facilitates electronic transactions. A Mobile Wallet is a digital wallet that resides on a mobile device and allows users to store payment information and conduct transactions through a mobile app.
Similarly to card skimming, card scanning is a type of payment card theft where the fraudster with a scanning device gets close enough to your bag or wallet to scan your card number. This type of fraud is enabled by the fact that today's payment cards typically work on Radio Identification Frequency (RFID) technology.
Contactless forms of payment such as digital wallets are always more secure than swiping a card, he added, noting that scammers are still known to put card skimmers on credit card readers to steal the customer's information.
Attackers gain unauthorized access to a digital wallet. They might do this through phishing or the use of compromised credentials. This allows them to make purchases, steal payment information, change account details, or sell login information.
Set up a new wallet and backup your secret phrase (commonly called a mnemonic, seed, or recovery phrase) securely. This is critically important because anyone who has your secret phrase has full access and control of your funds. Transfer any remaining funds in the compromised wallet to your new wallet's address.
By using stolen personal information and guessing security answers correctly, fraudsters can divert and deposit e-Transfer transactions to their accounts. Protect your accounts by understanding your responsibilities as a sender and recipient. Notice anything suspicious? Let us know.
Phishing: One of the most common types of digital attacks, this involves malicious actors sending emails that lure crypto owners into divulging sensitive information or downloading malware which could allow the hacker to access their crypto wallet and steal their coins.
Apple Pay only stores encrypted data. Only Chase Bank has the key to decrypt the card information. So, even if Apple Pay were to be hacked, the hackers couldn't use the data they stole. You can contact Chase Bank 24/7 365 days a year by calling the phone number on the back of your credit card(s).
Security risks for e-wallets and online payments range from weak authentication processes to vulnerabilities within the payment systems themselves. One such risk involves hackers exploiting security gaps to gain access to users' financial information.
Introduction: My name is Annamae Dooley, I am a witty, quaint, lovely, clever, rich, sparkling, powerful person who loves writing and wants to share my knowledge and understanding with you.
We notice you're using an ad blocker
Without advertising income, we can't keep making this site awesome for you.