Cybersecurity Cloud & Data

Digital banking fraud: 55% of frauds in India were third-party account takeover frauds

As per the 2024 Digital Banking Fraud Trends in India report by BioCatch a digital fraud detection platform powered by behavioural biometric intelligence, account takeover represents more than half of all fraud cases for its customers in India. The findings come on the heels of a recommendation by the Reserve Bank of India (RBI) that financial institutions in India are abandoning text-based one-time-passcodes as a method of secure authentication.

The existing OTP-based authentication doesn’t protect customers against new-age frauds, including customer-initiated fraudulent transactions

Charanjeet S.Bhatia, counter-fraud expert and former Head of Group Fraud Risk and Investigations at First Abudhabi Bank

“The existing OTP-based authentication doesn’t protect customers against new-age frauds, including customer-initiated fraudulent transactions,” counter-fraud expert and former Head of Group Fraud Risk and Investigations at First Abudhabi Bank, Charanjeet S.Bhatia said in response to the RBI recommendation. “With the right technology and implementations, banks can do a lot more than what they are currently doing to protect customers.”

Read more: Enhancing security through technology: The future of safety measures

The report also notes a concerning bump in mule accounts in India, in line with what BioCatch data shows as a growing global threat. At one partner bank in the country, BioCatch found nine out of every 10 mule accounts went undetected.

A “money mule” or a mule account is established with a stolen identity. Money mules, individuals who are witting or unwitting participants, are then used to transfer illicit funds to other accounts. They become part of a logistical network that moves money to the pockets of criminals. Mules remain a massively underreported plague with every device found to participate in mule activity in India logged into an average of 35 accounts each.

BioCatch customers saw more mule activity (14% of the total) in Bhubaneswar than anywhere else in the country. Lucknow and Navi Mumbai accounted for 3.4% of recorded mule activity, two cities in West Bengal, Bhagabatipur and Gobindapur, 1.7% and 2.6% respectively, Mumbai 2.2%, Bengaluru 1.8%, and Cuttack 1.6%.

The prevalence of mule accounts potentially represents the most under-the-radar trend in the entire fraud space

BioCatch Director of Global Fraud Intelligence Tom Peacock

“The prevalence of mule accounts potentially represents the most under-the-radar trend in the entire fraud space,” BioCatch Director of Global Fraud Intelligence Tom Peacock said. “The mule accounts banks succeed in identifying almost certainly represent just the tip of the iceberg. Indian financial institutions must employ more robust security measures to both detect and then shut down these sprawling mule networks.”

Read more: Cyber state: APAC business organizations & home networks face sophisticated cyberattacks

Account takeover attacks still dominatein India, accounting for 55% of all fraud. Third-party account takeover fraud still represents a bigger slice of the fraud pie than the social engineering scams.

Indian banks must pull up their socks and bolster their fraud defenses.

The fraud threats we see in India are a mix of both common threats seen globally and unique threats we find only in this region. All around the world, we’re seeing explosive growth in mule activity, fraud attacks, and scams that grow more sophisticated by the day

BioCatch’s APAC Vice President of Sales Richard Booth

“The fraud threats we see in India are a mix of both common threats seen globally and unique threats we find only in this region,” BioCatch’s APAC Vice President of Sales Richard Booth said. “All around the world, we’re seeing explosive growth in mule activity, fraud attacks, and scams that grow more sophisticated by the day. To combat this onslaught of fraud and financial crime, BioCatch continues to believe that banking and financial institutions need as much intelligence on the criminals, their tactics, and their fraud arsenals as possible.”

Fraudsters are likely accessing Indian mule accounts from outside the country. While 86% of the first session of documented mule account activity came from within India, after a month that number fell to just 20% – and 16% of those sessions used a VPN.

Navanwita Bora Sachdev

Navanwita is the editor of The Tech Panda who also frequently publishes stories in news outlets such as The Indian Express, Entrepreneur India, and The Business Standard

Recent Posts

Can you really find parking in 5 minutes? Tech promises a breakthrough in Delhi-NCR

If you’ve ever circled endlessly in Delhi-NCR’s crowded streets, searching for a parking spot while…

22 hours ago

Decoding the future of advertising: How blockchain is solving ad fraud, privacy & engagement challenges

Advertising has never been about anything other than connection — brands connecting with people through…

23 hours ago

AI goes global: Best universities abroad offering world-class Artificial Intelligence degrees

As we navigate a world with algorithms predicting consumer behaviour, robotic-assisted surgical procedures, and intelligence…

5 days ago

Ness Digital Engineering launches ATONIS: An AI-powered engineering workbench to accelerate product innovation

Bridging intelligence and engineering maturity for a digital-first world Today’s engineering teams face mounting pressure…

1 week ago

War by algorithm: As AI & robotics enter our defense budgets what will our battlefields look like?

As Artificial Intelligence (AI) and robotics redefine the battlefield, how should we feel about it?…

1 week ago

Funding alert: Tech startups that raked in moolah this month

The Tech Panda takes a look at recent funding events in the tech ecosystem, seeking…

2 weeks ago