Top 5 Digital Fraud Prevention Trends and Predictions for 2022

David Vergara, January 10, 2022

As we start 2022, we can reflect on another memorable year. Businesses, government, and other organizations that built remote processes in response to the COVID-19 pandemic have spent the past year optimizing and strengthening these systems to ensure a positive and secure customer experience.  Whether identity theft, payment fraud, synthetic identity fraud, phishing, or other fraud types and financial crimes, the work of digital security is never done. Security experts are looking ahead to find new ways to protect their customers and users from scams, digital fraud, and cybercriminals.

Every year has its surprises, but the trends in security and fraud detection solutions are clear. In this blog, we’ve gathered the five predictions that will shape the security landscape in 2022.

Top Digital Fraud Trends and Predictions

1. Digital identity initiatives will increase for governments, states, and private sectors

Governments around the globe are launching digital identity initiatives that enable users to access a range of services via online or mobile applications. Singapore, UAE, and Australia have already issued a digital identity scheme, and the EU is moving in that direction too with the revision of eIDAS and the announcement of the European Digital Identity.

The availability of digital identities on mobile devices will facilitate the onboarding and authentication to digital applications and help combat account takeover fraud attacks. Once a consumer is verified, they can use their digital identity anywhere at any time online to onboard or authenticate to any application using digital identity verification.

Any application dealing with digital identities will need to adapt and support the new governmental digital identity schemes in order to be relevant in the market. Example sectors include energy suppliers, banks, postal services and telco providers. Furthermore, the usage of qualified electronic signatures will become more relevant: citizens can use their digital identities to legally sign contracts online.

The Role of Digital Identity in Account Opening & Onboarding
Webcast

The Role of Digital Identity in Account Opening & Onboarding

Learn how digital identity can reinvent your digital account opening and onboarding process. Reduce abandonment rates and application fraud while converting more happy customers.

Watch Now

2. Security measures and fraud prevention for embedded finance offerings

Non-financial enterprises are able to offer tailored financial products to their community, such as payday loans for easy and reliable access to credit or specialized digital platforms for truckers offering credit for fuel financing or vehicle insurance. Analyst firm Juniper Research expects that the value of the embedded finance market will exceed $138 billion in 2026, from just $43 billion in 2021.

Both consumers and organizations have become more open to working with non-financial institutions. These companies have better access to consumer data, which helps in providing an optimal user experience and leads to greater brand loyalty. However, though these embedded finance offerings present value to consumers and opportunities for financiers, they also attract the attention of cybercriminals. Because financing apps often include payment transactions and connections to bank accounts, these fintech applications will become even more interesting for hackers as they gain in popularity.

Security will play a key role as the market matures. Only the companies that combine a frictionless user journey with a secure environment will stand out in the crowd. Functionality and usability will be important to be sure, but organizations that fail to protect their websites and mobile apps will quickly lose their brand reputation and customer base.

3. Privacy by design becomes imperative for organizations to remain competitive

Privacy by design refers to the idea that the future of privacy cannot be assured solely by compliance with regulatory frameworks. Rather, privacy assurance must ideally become an organization’s default mode of operation and personal information should be protected from the start – at the design phase.

Although GDPR put this concept in the spotlight, it was first discussed in the 90’s. At that time, Ann Cavoukian, former Canadian Information & Privacy Commissioner, defined seven principles that are considered the foundation of privacy by design, including enabling privacy settings by default, being proactive, and transparent motives for data collection. Those principles still remain valid today.

In today’s age of constant data breaches and fraud risk, privacy will be used to differentiate from the competition and create a business advantage. It will be critical for companies to demonstrate they understand the principles of privacy by design and integrate them at all levels of their organization to offer their employees, partners, and customers the warranty they are taking privacy seriously. Companies that are not able to demonstrate these principles will lose market share. According to Trace Fooshee, Senior Analyst at Aite Group, "interactions [between the financial institution and customer] must be consistent and predictable; inconsistency breeds uncertainty and uncertainty undermines their sense of security." 

Customers expect to be offered a clear explanation about security strategy and privacy of their personal data, and in the event of unauthorized or fraudulent transactions, customers may hold their financial institution responsible. If they lose trust in the institution, they will move to an FI  that does offer such transparency and accountability. Recently, even Google has started to offer more transparency about the way data is being used.

4. Cryptocurrency fraud will skyrocket

Crypto exchange platforms have been developed very rapidly from open source without taking their security ecosystem or fraud management seriously. Since the platforms are unregulated and not secure, there's no guarantee that customers get their money back after a hack. At least 32 incidents of hacks and fraud have already taken place in 2021, for a total value of almost $3 billion. Without a doubt, the number of cryptocurrency hack incidents and fraud losses will break records in 2022.

The most common types of crypto hacking are phishing and social engineering attacks, even though the technology to protect customers against those attacks has already existed for years and has been in use by traditional banks. Push notifications instead of one-time passwords sent via SMS can prevent SIM Swap attacks. Also, application shielding can protect wallet applications from cloning and secret extraction.

The only way to mitigate these attacks is to bring in more regulation and rules, like PSD2 and the requirement for Strong Customer Authentication. For customers, on the other hand, it is critical to select a stock exchange platform that offers premium security capabilities.

Cryptocurrency Regulations and Banking in 2022
Blog

Cryptocurrency Regulations and Banking in 2022

The coming year may be the most crucial yet in solidifying crypto standards in the U.S., which could bring significant benefits to banking institutions.

Read More

5. Artificial intelligence will lead the regulatory agenda in 2022

The use of artificial intelligence and machine learning in finance has expanded massively in 2021, and it will only increase in the coming years. According to a recent OneSpan survey, 32% of FIs are already putting AI in place to comply with regulations. Jurisdictions across the world are eagerly looking to develop AI-based solutions while also considering the ethical implications of its use, such as addressing racial bias that creeps into facial recognition algorithms. Policies and legislation pertaining to the use of artificial intelligence will lead to regulations in 2022 and beyond.

In the US, for example,  financial regulators issued a Request for Information in March 2021 to get input from financial institutions on their use of AI. The regulators wanted to understand how AI is used in their provision of services to customers and for other business and operational purposes. These insights will likely lead to a Notice of Proposed Rulemaking, which is a precursor to a regulation. We expect these to be published in 2022. Federal regulatory action should not surprise financial institutions. Based on recent research conducted by Arizent, 43% of US FIs noted that anticipated federal AI regulations are a top concern.

Likewise, the European Commission’s proposed Artificial Intelligence Regulation seeks to encourage the development of AI while classifying and regulating AI solutions according to risk. The regulation is currently progressing through the legislative process. If the legislation passes, it won’t occur until late 2022 or 2023. We expect the first regulations to be published in 2023, so it can go into effect in 2024.

Fraud Prevention Trends of 2022: AI, Crypto, and Digital Identity

As you develop your yearly plans, remember the old saying. Security is a process, not a destination. While there are some elements, like AI regulation, where we will have to wait to see what the final legislation entails, we have the tools today to fight fraud in 2022. Digital financial services are rapidly growing in popularity, and that will continue to attract increased attention from fraudsters. However, digital identity, app shielding, push notifications, and multi-factor authentication with biometrics can all be implemented to protect customers from fraudulent activity without creating a cumbersome user experience. 

David Vergara is Senior Director of Security Product Marketing at OneSpan and has over 15 years of experience in cloud platforms/SaaS, predictive analytics, and advanced MFA technologies. His current role is focused on GTM strategy and execution across all authentication and risk analytics product lines. Prior to OneSpan, he led product and GTM strategy for tech companies, including roles as VP Marketing for Accertify (An American Express Company) and Sr. Director Product Marketing at IBM.