Even before the pandemic — and the stimulus bills that sent trillions of dollars via check into consumers’ (and not a few fraudsters’) hands — the alarm bells were tolling.
The FTC said way back in February (feels like a lifetime ago!) that check scams were on the rise. And even before then, as evidenced by an earlier conversation between Karen Webster and Drew Edwards, CEO of Ingo Money, mobile deposit fraud was increasingly becoming a favorite vector for criminals.
Back then, Edwards noted that mobile check fraud was escalating so much that some banks were shutting off the feature entirely.
Even as more people are migrating to mobile, he said, some marquee names in banking (not on Ingo’s platform) have severely limited access to mobile check capture services. “Several are down to about 5 percent of their customer base having access to it,” Edwards told Webster.
But it may be time to re-examine mobile check deposit, and how it can fit within financial institutions’ (FIs’) drive to provide a financial services experience that is seamless, digital and also safe.
Overall, check fraud is costing banks billions of dollars annually, noted Edwards. Check fraud may seemingly be old-fashioned, and arguably overshadowed by criminals’ more digitally oriented efforts to steal funds. But the digital features of the mobile cashing or depositing of checks have proven to be attractive to fraudsters (and the paper checks, of course, are exceedingly vulnerable to fraud).
The issue is thrown into stark relief when, as Edwards stated, “we guaranteed a gazillion dollars’ worth of COVID-19 stimulus checks from March and April for our partners like PayPal and Netspend and Green Dot.” And the firm is still seeing those checks get returned as fraud seeps into the system. Edwards estimated that in the last few months , Ingo got over $500,000 worth of those checks back in returns, many as recently as last month.
As to the fraud itself: There are the counterfeit COVID checks, and there are duplicate deposits where checks are cashed multiple times. There are stolen checks and there is friendly fraud where people cashed them but told the government they didn’t. Edwards contended that it takes a while for the government to return them and for banks to uncover who is liable for duplicates.
Ingo has increasingly been seeing disputes over checks — and only half of them are legitimate, Edwards said: “Half of the time, it’s dead people and stolen checks.”
The inherent challenge of check fraud: Check payments are not real-time in nature, so it takes a while for them to work their way through the system. Conversely, mobile check deposit capture is real-time — and, depending on bank technology solutions, may provide real-time access to at least part of the funds. Reversibility of payments remains a feature, too.
Edwards told Webster: “You can use modern technology to attack this fraud” and also ensure greater confidence in making services available digitally to good customers.
That includes using machine learning and the other emerging high-tech efforts to combat payments fraud seen in other areas — especially if, in the future, banks and banking brands all tap into a standardized database to help stop duplicates and other fraud efforts or honest mistakes, where people thought they didn’t get paid, but actually did. Having a standard data repository in place could cut down on all of the data chasing. So, of course, would eliminating paper checks entirely, but that’s another story.
“A lot of challenger banks got their proverbial butt handed to them because they hit a positive pay file and assumed the government said it was a good check,” Edwards noted.
In the meantime, “because there’s an offline component, there are ways around positive pay files,” he added. “You’ve got to have a broader point of view.” Edwards cited the fact that Ingo is debuting application programming interfaces (APIs) to help streamline mobile checking offerings and make them more secure.
Consumer Insight API
Edwards pointed to a “consumer insights API” service that allows firms — even those not on Ingo’s platform — to ping Ingo and receive insight into multiple data points surrounding a consumer before opening an account, completing a new peer-to-peer (P2P) transaction or taking a check for mobile deposit.
“If you’re really paying attention and you have a national point of view, you can follow these people,” he said. “It may be a new name, but it’s the same phone we just saw. It may be a name and a new phone, but it’s in the same apartment we just saw. We’re going to open that up to the market, in a regulatory compliant fashion of course, and let people access a score via an API, which we’ve never done before.”
Soon after that API debuts, said Edwards, the firm will introduce an API that does the same thing for check makers, so that Ingo can issue warnings if needed. This goes way beyond the traditional hallmarks and watermarks woven into checks that seek to, for example, thwart high-tech photocopiers.
These are necessary efforts as fraudsters have moved beyond the confines of prepaid cards and other criminal efforts (where, noted Edwards, they’ve already been squeezed out by Ingo because it has such a wide footprint nationally and is vigilant about rooting out fraud in what seems a never-ending game of “whack a mole” as the criminals are constantly moving onto the next new scheme).
Ingo can help banks plug the holes in the proverbial boat where they’ve been taking on water. Vulnerabilities are created because the banks don’t see what’s going on outside the banks, but Ingo does. Many of these bad actors start outside the banks before they take on the banks.
“That’s why we’re setting up the API, so we can give the market visibility into what we’ve experienced already and stick our finger in that hole,” maintained Edwards. “So at least you get that warning: ‘Hey, this may be your very best customer, but we’re telling you they score low with us because they’re standing in an apartment right now that is a fraud den or they are using an email or a mobile device we’ve seen involved in fraud, elsewhere. “
Plugging the hole doesn’t mean banks must abandon services altogether simply to shut down fraudsters. But the ultimate goal should be to get all the good transactions through while minimizing the bad ones, said Edwards. Good people are seeing important services like mobile check deposit removed from their experience and what Ingo is trying to do here is enable firms to better serve their customers by being more surgical about the bad actors, he said.
The urgency is there to root out check fraud and use high-tech means and available data to do so, as it’s almost certain that new stimulus and funding rounds are on the horizon.
As Edwards told Webster: “As long as 20 billion checks a year are floating around, the bad actors are going to keep exploiting the holes in the system.”