P20, the voice of the global payments industry, today announces publication of its latest report, titled “Payee Verification: Overview of Approaches used by Credit-Push Payment Systems”. This interim report from P20’s Regulation Working Group which focuses on Criminal Transactions and Fraud examines the early approaches being used to reduce authorized push payment (APP) fraud and compares the methods being used in the United States, United Kingdom, and Australia.
This report will be discussed at P20’s upcoming virtual fourth Global Payments Conference on September 29-30, details of which are to be announced soon.
P20 is in a unique position to conduct a review of payee verification methods given its global remit and industry-leading Board and Working Group members, including FIS, American Express, China UnionPay, Discover Financial Services, Mastercard, Visa, Paysafe, J.P. Morgan, Fiserv, Hogan Lovells, NatWest, Pollinate International and Elavon.
The report looks at how payee verification aims to reduce APP fraud by giving the payer confidence that the payee has not misrepresented who they are. It contrasts the two methods of payee verification: Payee Institution Verification, which directly queries the potential receiving bank regarding the name of its customer (by sending the payee name given by the payer); and Directory Verification, which queries a common directory of payees against similar criteria. The former procedure is used in the UK, the latter in Australia and USA.
Early P20 findings suggest the adoption of Payee Institution Verification is better suited to markets composed of limited numbers of banks holding the vast majority of deposit accounts, such as the UK, and a Directory approach is best for markets made up of larger numbers of banks.
The report identified at least one drawback to the Australian Directory system. Account holders must go through a process of selecting a unique alias from several options, including mobile number, account number and email address. Upon successful verification of the account holder and their chosen PayID, the financial institution registers the PayID on the platform for use by all participating banks. Then, however, during the verification process, the actual payee name associated with the alias is provided back to the payer. This could be easily resolved though, by the bank responding not with the account holder name but rather a confirmation of a match/close match, similar to the UK Confirmation of Payee system.
The P20 review comes as data reveals that COVID-19 has caused payment fraud to spike. Research shows that the global rate of attempted payment fraud has increased by approximately 50% since the beginning of the year. First, card not present transaction volumes have jumped significantly as people all over the world have been unable to shop in brick and mortar stores, creating more potential targets for fraudsters. Second, G20 countries alone have pledged $3.5 trillion of direct government spending, which criminals are attempting to intercept fraudulently.
Duncan Sandys, CEO of P20, comments: “P20’s working groups are driving cross-industry collaboration and tackling pressing issues affecting global payments. This review has highlighted key findings that will inform the industry on how to more effectively reduce fraud.”
The P20 Regulation Working Group will release its final report on Payee Verification in 2021, once it has had the opportunity to assess the early operation of Confirmation of Payee in the UK. Payee Verification: Overview of Approaches used by Credit-Push Payment Systems – Interim Report can be downloaded here.