Digital banking fraud: 55% of frauds in India were third-party account takeover frauds

As per the 2024 Digital Banking Fraud Trends in India report by BioCatch a digital fraud detection platform powered by behavioural biometric intelligence, account takeover represents more than half of all fraud cases for its customers in India. The findings come on the heels of a recommendation by the Reserve Bank of India (RBI) that financial institutions in India are abandoning text-based one-time-passcodes as a method of secure authentication.

The existing OTP-based authentication doesn’t protect customers against new-age frauds, including customer-initiated fraudulent transactions

Charanjeet S.Bhatia, counter-fraud expert and former Head of Group Fraud Risk and Investigations at First Abudhabi Bank

“The existing OTP-based authentication doesn’t protect customers against new-age frauds, including customer-initiated fraudulent transactions,” counter-fraud expert and former Head of Group Fraud Risk and Investigations at First Abudhabi Bank, Charanjeet S.Bhatia said in response to the RBI recommendation. “With the right technology and implementations, banks can do a lot more than what they are currently doing to protect customers.”

Read more: Enhancing security through technology: The future of safety measures

The report also notes a concerning bump in mule accounts in India, in line with what BioCatch data shows as a growing global threat. At one partner bank in the country, BioCatch found nine out of every 10 mule accounts went undetected.

A “money mule” or a mule account is established with a stolen identity. Money mules, individuals who are witting or unwitting participants, are then used to transfer illicit funds to other accounts. They become part of a logistical network that moves money to the pockets of criminals. Mules remain a massively underreported plague with every device found to participate in mule activity in India logged into an average of 35 accounts each.

BioCatch customers saw more mule activity (14% of the total) in Bhubaneswar than anywhere else in the country. Lucknow and Navi Mumbai accounted for 3.4% of recorded mule activity, two cities in West Bengal, Bhagabatipur and Gobindapur, 1.7% and 2.6% respectively, Mumbai 2.2%, Bengaluru 1.8%, and Cuttack 1.6%.

The prevalence of mule accounts potentially represents the most under-the-radar trend in the entire fraud space

BioCatch Director of Global Fraud Intelligence Tom Peacock

“The prevalence of mule accounts potentially represents the most under-the-radar trend in the entire fraud space,” BioCatch Director of Global Fraud Intelligence Tom Peacock said. “The mule accounts banks succeed in identifying almost certainly represent just the tip of the iceberg. Indian financial institutions must employ more robust security measures to both detect and then shut down these sprawling mule networks.”

Read more: Cyber state: APAC business organizations & home networks face sophisticated cyberattacks

Account takeover attacks still dominatein India, accounting for 55% of all fraud. Third-party account takeover fraud still represents a bigger slice of the fraud pie than the social engineering scams.

Indian banks must pull up their socks and bolster their fraud defenses.

The fraud threats we see in India are a mix of both common threats seen globally and unique threats we find only in this region. All around the world, we’re seeing explosive growth in mule activity, fraud attacks, and scams that grow more sophisticated by the day

BioCatch’s APAC Vice President of Sales Richard Booth

“The fraud threats we see in India are a mix of both common threats seen globally and unique threats we find only in this region,” BioCatch’s APAC Vice President of Sales Richard Booth said. “All around the world, we’re seeing explosive growth in mule activity, fraud attacks, and scams that grow more sophisticated by the day. To combat this onslaught of fraud and financial crime, BioCatch continues to believe that banking and financial institutions need as much intelligence on the criminals, their tactics, and their fraud arsenals as possible.”

Fraudsters are likely accessing Indian mule accounts from outside the country. While 86% of the first session of documented mule account activity came from within India, after a month that number fell to just 20% – and 16% of those sessions used a VPN.