The revolution of instant payments, also known as real-time payments (RTP), has been gaining momentum in Latin America in recent years, completely changing the daily financial management of people and companies.
The emergence of SPEI in Mexico, Pix in Brazil, and Transfer 3.0 in Argentina has driven the expansion of this type of payment system in the region, and according to the 2023 Prime Time for Real-Time report, RTP transactions in Latin America are expected to grow from 33 million in 2022 to 1.2 billion in 2027. representing an annual growth rate of 29.3%.
The three countries mentioned above will be the major economies that will make huge gains over the next five years. Argentina and Brazil would offer seven to ten times more economic benefits and economies driven by instant payment systems.
For international companies, the expanding activity in Latin America can be a valuable source of new customers, talent and business development; projecting itself as the region with the highest growth in RTP transactions and electronic payments, which would reach a share of 56% by 2027.
Among the countries that have followed in the footsteps of Brazil, Mexico and Argentina, which have launched and/or are working on instant payment systems, are: Bolivia with BCB QR; Peru with interoperability of portfolios; Colombia with interoperable RLS and QR; Panama with Wallet 2.0; El Salvador with Transfer 365; Costa Rica with Sinpe.
Risks in instant payment systems
Real-time payment systems are being leveraged to quickly move the source of a crime between accounts, frustrating financial institutions’ efforts to identify and track illicit funds.
Money laundering and mule accounts also happen in this scenario. Mule networks are the set of linked accounts, belonging to individuals or legal entities, which are used to move the proceeds of illicit activities. In some cases, this happens without the knowledge of the account owner.
This possibility allows the proceeds of crime to be moved through a network, hiding its origin and extracting resources, making recovery with financial institutions almost impossible. Once a payment leaves an account through an RTP system, you have a limited view of the entire payment flow, making it impossible to see payments once they enter the system. This also makes it difficult to see and track patterns that point to cybercrime.
Fraud prevention strategies at RTP
Enhanced authentication: Additional levels of authentication are designed to ensure that unauthorized persons cannot access high-risk actions that involve sensitive information and transactions.
Unlike advanced authentication, multi-factor authentication is a security process that uses multiple authentication methods, such as a password combined with facial and/or fingerprint biometrics to verify a user’s identity. This type of authentication is not contextual, and when implemented, the user must complete both steps, for example, for each time they sign in to the bank’s mobile app.
Advanced authentication, on the other hand, is a security process that uses multiple authentication methods that is enabled only in a certain scenario; such as actions that alter data and information or reveal secret information. Institutions must implement these two types of authentication to have a strong and optimal security system.
Device fingerprint : refers to the set of information about the software and hardware of a remote computing device, which can be identified through aspects such as cookies, IP address, geolocation, browser and operating system settings, etc. The collection of all this information is also known as device fingerprinting.
This device fingerprint creates a unique ID, which analyzes users’ software and hardware settings. This recognizes client connections and detects warning signs of suspicious phishing activity.
The fingerprint of the device facilitates the detection of fraudsters and cybercriminals, thus improving the security system to mitigate account taking, fraud in digital payments, among others.
Endpoint management: About 70% of successful data breaches start at endpoints. Remember that an endpoint is that point that is connected to the end of a network; such as company computers, laptops, mobile phones and/or tablets. These endpoints are exploited by cybercriminals to infiltrate the network and extract private information from companies.
To prevent these cyberattacks, it is essential to use software that integrates the management of all devices on the network, in both desktop and mobile versions, from a central location. This measure not only protects the terminal devices of the business and monitors them, but also automates control and security processes, installation of patches, which avoids falling into irreversible consequences for customers and / or employees.
Identity verification: Know Your Customer (KYC) protocols contain the necessary measures to ensure that the customers of a financial services institution or company are legitimate. In addition to monitoring risks, they help detect and prevent illicit monetary activities that, if not identified and reported correctly, are imposed severe sanctions by the control bodies.
Today, technology enables the implementation of high-quality digital identity verification tools, which benefits the company and its customers, because in addition to protecting its infrastructure, information and reputation, it offers an agile and fluid customer experience that generates trust.
Leveraging identity verification across the entire customer journey across digital financial channels enables financial, phishing, and compliance risk management.
Cybersecurity is one of the highest priorities for financial solutions institutions around the world. It is important to recognize that fraud prevention is not only about implementing the best technology, but about integrating technologies to cover the aforementioned strategies that allow you to assess the different types of risks in real time, only then is it possible to combat threats successfully.
Cobis Topázio, the market leader in digital financial solutions in Latin America, offers easy-to-integrate components into your institution’s system to prevent fraud in an innovative and efficient way, in transactional channels, digital services and e-commerce.
Our solutions have endpoint protection in a complete ecosystem, analyzing risks in real time and implementing technologies such as artificial intelligence, machine learning and big data. In addition to monitoring and identifying the identity of your customers, we prevent money laundering and make digital businesses safer, more predictive and more efficient. Learn more about our highly integratable and scalable solutions here.