The good news is that risk and compliance solutions work. The bad news is that, in response, criminals have taken the payments path of least resistance, shifting into systems with less oversight and more anonymity.
“Transaction laundering is mutating,” said Dan Frechtling, CPO at G2 Web Services, in a recent interview with PYMNTS’ Karen Webster. G2 Web Services provides merchant risk intelligence solutions for acquirers, commercial banks and their value chain partners.
A recent G2 whitepaper investigated the routes cybercriminals have taken and the strategies they now use in response to increased security oversight in the traditional online payments space.
As payments and commerce increasingly move online, the industry has focused heavily on creating powerful risk and compliance solutions to stave off illicit activities. G2 found that, in response, cybercriminals have shifted their illicit transactions to alternative payments systems, new entrants and cryptocurrency. Fraudsters’ relentless search for vulnerabilities in these systems has spawned a new threat G2 calls “payment laundering.”
Traditional payments institutions have grown up with strict rules, regulations and standards for processing, said Frechtling. He noted that alternative payments, while innovative, fast and time-saving, haven’t had the same compliance, risk and security processes built into their core like traditional payment methods.
“If you don’t have a card network looking over your shoulder, then you don’t go through the same risk procedures,” Frechtling said. “You don’t have the same risk tolerance — so you may unknowingly enable illicit commerce.”
G2 has found that alternative payments providers — including P2Ps, mobile payments, money transfers and eWallets — are increasingly providing sponsorship and access to high-risk merchants. Often, these payment brands are unknowingly enabling this commerce because, as Frechtling said, they haven’t had to look for it before.
Frechtling outlined ways that G2’s whitepaper found cybercriminals have managed to take advantage of alternative payment systems and cryptocurrencies to run illicit activities.
One such method is what Frechtling called a “redirect.” G2 found a criminal network operating illegal online pharmacies in Europe. To bypass processing transactions through their merchant accounts, they redirected customers at checkout if they selected a credit card as their payment method. Customers were prompted to use a bitcoin exchange to convert their payment, rendering the transaction anonymous and nearly unrecorded.
For G2, bitcoin has become an increasingly good indicator of criminal activity, said Frechtling.
“We’ve seen the presence of bitcoin grow dramatically over the past three years on sites selling prohibited content otherwise prevented by card networks,” he said. “In 2014, we saw it on 2 percent of the violating sites. In 2016, we found it on 11 percent of violating sites.”
Additionally, Frechtling said, Europol investigations found some 40 percent of criminal-to-criminal payments were bitcoin-funded.
Another method G2 found is what Frechtling called an “alibi.” G2 and its clients found and terminated the merchant accounts for a website connected to an online drug syndicate.
Instead of folding, Frechtling said, the violators posted a message on the websites claiming their credit card processing was down and that alternative payments would be accepted. On a separate occasion, the website contacted customers directly via email, requesting they use a peer-to-peer network, thereby bypassing the need for a traditional merchant account.
Frechtling noted that many alternative payments providers may often be unaware their systems are being exploited.
“Somebody might be stealing your brand and putting it on their website to make it look as though you’re accepting your blue chip payment method,” he said. “You may not know your brand is being used as a payment method on the website, and it may not be on the website at all. It could be an alibi.”
While the current situation may seem dire, Frechtling said there are actions to combat the fraudsters that alternative payments providers can take. Monitoring their customer base and the businesses associated with them is an important step for alternative payment providers. “If you want to be an alternative payment provider,” he said, “know your customer and do your proper due diligence.”
But that’s not where the story ends. Frechtling said that brands need to survey and monitor the web on a global level to see where they’re being mentioned, where they’re being used and where they haven’t authorized their use. With a few exceptions, Frechtling said, the task of monitoring the web is too large to do in-house — even for providers with web-crawling capabilities.
“We’re talking to some of the largest payment providers, and they’re asking for our help,” he said. “Even if you can say you have a web-crawling capability, you won’t be able to do this. It’s about the back doors, the payment methods that you and crawlers can’t see on the visible web.”
Identifying repeat offenders and prior perpetrators is also a key step, Frechtling noted. “It’s the very same guys getting kicked out of merchant accounts who are going right into alternative payments. They know there’s a soft underbelly.” By taking these steps, alternative payments providers can work to ensure that they prevent fraudulent transactions and inadvertently enabling criminal activities online.