Authorized Payment Scams: Why Banks Are So Slow to RespondBanking Security Expert David Pollino on Why Zelle Scams Are So Hard to Solve
Banks are getting better at catching a wide range of scams targeted at customer accounts, but they are still struggling with stopping authorized payment fraud through peer-to-peer payment companies such as Zelle, where scams have increased 109% in the United States in the past year, says David Pollino, former divisional CISO with PNC Bank.
Ironically, Pollino says, Congress is looking into Zelle fraud and possibly contemplating new regulations, and that may be slowing down Zelle's plans to add detection capabilities and controls. Zelle, owned by a consortium of large banks, is probably trying to see what regulations emerge before changing "the rules of the system - that might be throwaway work."
Authorized payment scams aim to trick customers into making authorized payments. Banks currently are not required to refund these types of transactions, but Pollino says he wouldn't be surprised to see banks agree to a chargeback to protect customers hit with scams.
“I think the financial institutions will figure it out. They will manage it down in such a way that it's a minimal inconvenience to them on their bottom line and customers will feel safe utilizing those mechanisms,” Pollino says.
In this video interview with Information Security Media Group, Pollino discusses:
- The current fraud and scam models affecting a wide range of sectors from banks to cryptocurrency exchanges;
- Why traditional fraud models built around account takeover do not work for authorized payment scams;
- How banks can tackle the problem of authorized scams.
Pollino has over 25 years of experience in information security, fraud prevention and risk management. He has focused on financial services for 20 years and was the chief information security officer of Bank of the West and a divisional CISO at PNC Bank. He has held multiple leadership positions in security and fraud at institutions including Wells Fargo, Washington Mutual and Charles Schwab. Pollino is an ISMG contributor and has authored multiple books and white papers on cybersecurity and fraud.