Growth of Digital Wallets and Key Challenges in 2024

Digital Wallets are growing exponentially since we shift from traditional bank branches to digital payments but cyber security threats are equally growing and total cost of cyber crime estimating ￡27 billion per year hence let us analyse some of the key challenges in this article.

Phoneless Scenario

According to the recent surveys, 53% of surveyed users worried if their phone go drained or lost, they loose the capability to make payment. 57% among them are preferred to pay via digital wallets:

Meanwhile 61% worried about the possibilities of their phone being stolen hence not storing sensitive information in the phone:

Account Takeover Fraud

Among the cyber threats, account takeover is a leading challenge to digital wallet space and still not many solutions available to prevent such situation when users penetrated by complex vulnerabilities such as 'Man in the Middle Attacks' according to getfocal.

Cash Machine Traps

Despite several security measures taken by banks and fintechs, cash machine's traps are not getting over anytime soon!

Common Attacks on Digital Wallets

1. Phishing

• Exploits trust, using fake messages to trick users into revealing credentials.
• Common in emails, text messages (SMS), and social media.

2. Credential Stuffing

• Fraudsters use stolen credentials, often from data breaches to access accounts.
• Bots automate login attempts, relying on password reuse.

3. SIM Card Swapping

• Exploits mobile carriers' SIM card services to transfer numbers to a fraudulent SIM card.
• Facilitates unauthorized access to banking apps and transactions.

4. Malware

• Installs malicious software on devices to capture banking credentials.
• Distributed through untrusted apps or disguised as updates.

5. Mobile Banking Trojans

• Overlay attacks place fake screens on legitimate banking apps to capture credentials.
• Can modify transaction data during banking sessions.

6. Man-in-the-Middle Attacks (MITM)

• Fraudsters intercept, edit, send, and receive communications unnoticed.
• This can occur through malicious Wi-Fi networks or insecure mobile banking apps.

Source: Link

Note: There is no solution to the MITM in the I.T industry. If you know any workarounds, please share in the comments section.

BioCatch Survey

Fraudsters are learning AI better than anyone else in the recent years and there are interesting survey results in recent years:

• AI (Already) an Expensive Threat:?More than half of the organisations represented in the survey say they lost between $5m and $25m to AI-powered attacks in 2023.
• Financial Institutions Also Using AI:?Nearly 3/4 of those surveyed say their employer used AI to detect fraud and/or financial crime. 87% say AI has increased the speed with which their organisation responds to potential threats.
• We Need to Talk:?More than 40% of respondents say their company handled fraud and financial crime in separate departments that did not collaborate. Nearly 90% of those surveyed say financial institutions and government authorities need to share more information to combat fraud and financial crime.
• AI to Help with Intelligence-Sharing:?Nearly every respondent says they anticipate leveraging AI in the next 12 months to promote information-sharing about high-risk individuals across different banks.

How to Tackle Cyber Frauds over Digital Wallets?

Let us see some useful options here.

Behavioral Biometric Intelligence

Finger press and mouse movements are major predictor of Automated Bots of fraudsters when comparing to normal users. But BioCatch is one of the pioneer in ranking those abnormal behaviors and help blocking such Bots in real time:

ThreatMetrix Risk Narrative

TMX is one of the best among my experience in recent years. This tool not only detects the fraud but also enables us to update rules to follow automated actions to react to the instance of live risks across wallet interactions:

Henceforth, both BioCatch and Threatmetrix gives us two morale values to follow. Let us look at them in the section below.

Build Trust

Trust and Integrity are top two pillars in expanding user base since security is the top most priority in the digital wallet usage. Hence enabling high trust on the digital wallets with adequate steps enable retainment of longer user traction to wallet usage.

Having security prevention mechanism helps preventing fraud but building trust via multiple branding options help stabilising customer tractions:

Accessibility Certification

Having accreditation on the website and apps with AbilityNet for accessibility creates increased trust by users with #disabilities

PCI certification

This certification of Wallet, Server includes authenticating the security of the Wallet application and environment.

PCI Data Security Standard (PCI DSS)

This standard is developed to enhance the control over the cardholder data and also to minimize the fraudulent acts, which may happen through the card’s exposed data.

PCI PIN Transaction Security Standard (PCI PTS)

This Standard is designed to safeguard the consumer’s PIN information from theft. It is also envisioned to implement the security of hardware devices that accept consumer PINs and also store confidential encryption keys of the acquirer.

PCI Point to Point Encryption Standard (P2PE)

This standard safeguards encryption of payment card data at the point-of-interaction (POI).

PCI Payment Application Security Standard (PA-DSS)

This standard secures payment applications. When an application is executed in a PCI DSS compliant environment, it will help in reducing the prospective breaches of security that may lead to compromise.

As a part of the certification process, it is a must to use PCI accredited labs like SISA, UL and get security assessed as per PCI 3.2, which is the latest.

Having these certifications enable business to build increased trust among the user base to survive with longevity.

Customer Service Still Matters

Even through there are tight competition among the digital wallets in UK, there are three key differentiators that makes the winners clearly different from rest of the crowd:

1. Fees Transparency
2. Customer Service
3. Timely Transfers

#LinkedInNewsUK?#FinanceLeadership

Like this article? Subscribe to Engineering Leadership and Digital Payments Hub to enjoy reading useful articles.

Disclaimer: Contents, posts and media used in this account of the author do not represent any organisation of any sort. Under no circumstances will the author be held responsible or liable in any way for any claims, loss, expenses or liabilities whatsoever.