Payments trends report 2024
Discover how AI-driven innovation, blockchain advancements, and evolving consumer behaviours are reshaping the payments industry.
January 3 2025
by Payments Intelligence
What’s the article about?
A roundtable discussion among merchants addressing the evolving challenges of fraud in their operations across various sectors.
Why is it important?
It highlights the necessity of advanced fraud detection and greater industry collaboration.
What next?
Improving regulations, using technology for detection, and fostering industry-wide cooperation.
On 19 November 2024, merchants from across sectors gathered in London as part of The Payments Association’s Financial Crime 360 (FC360) series to address the ever-evolving challenge of fraud in their operations. From payment fraud and chargebacks to cybercrime and emerging AI-driven threats, the roundtable provided a dynamic platform for merchants to share their experiences, strategies, and concerns. This session drew participants from diverse industries, including retail, travel, telecommunications and hospitality, each grappling with unique yet interconnected fraud challenges.
As fraud continues to grow in sophistication, merchants are increasingly at the forefront of the battle against financial crime. Fraudsters, armed with advanced technologies and professional networks, are exploiting gaps in systems and consumer behaviour. The discussion underscored the pressing need for end-to-end visibility, improved fraud detection technologies, and greater collaboration across sectors.
Participants:
The discussion began with a stark overview of fraud trends, highlighting how criminals are continually adapting their methods to exploit new vulnerabilities. Participants noted that while unauthorised fraud, which accounted for annual losses of £709 million, such as remote purchase, remote banking and lost and stolen cards, has remained relatively steady, authorised fraud—particularly investment, purchase, impersonation and romance scams—has surged in recent years to £460 million.
Mark McMurtrie (TPA) opened the session by presenting data showing how fraud tactics have shifted from physical card theft to more sophisticated digital scams. “Criminals are professionalising their operations, constantly evolving to exploit the weakest links in our systems,” he explained. This sentiment was echoed by Murray MacKenzie (Virgin Media O2), who described the rise of international scam call centres: “The level of professionalism is astounding—they operate with precision, from persistent call-backs to escalations, offering a ‘service’ better than many legitimate businesses.”
The unique challenges of certain sectors came to light during the conversation. Lin Tao (Prezzee) highlighted the disproportionate risk her industry faces: “Gift cards are inherently attractive to scammers due to their high liquidity and minimal traceability. Balancing fraud prevention with maintaining a good service to customers is a constant struggle.” Similarly, David Kershaw (TFL) described how fraudsters constantly look for vulnerabilities. “We are investing in new technologies to prevent fraud taking place on our network,” he said.
Chargebacks emerged as a shared pain point across sectors, with merchants expressing frustration at how the process works. Katherine Bailey (Valor Hospitality Europe Limited) explained how customers manipulate chargeback systems to claim refunds for services they’ve already consumed: “The guests enjoy a stay or experience and then dispute the charges. The card issuers often side with the customer without consulting us, which is unfair and costly.” Gitika (TFL) shared a similar concern about how customers can manipulate the process for double compensation: “Sometimes, customers raise a refund and then also initiate a chargeback, essentially getting compensated twice. This is a loophole that needs to be closed.”
The topic concluded with participants agreeing that fraud is no longer limited to traditional theft or hacking. Instead, it encompasses increasingly complex schemes that exploit systemic gaps, from first-party fraud to sophisticated AI-driven scams. As Tao summarised, “Fraudsters are becoming more creative, and so must we. The challenge is not just detecting fraud but anticipating its evolution.”
A recurring theme during the roundtable was the challenge of balancing robust fraud prevention with a seamless customer experience. As consumer expectations for frictionless payments grow, merchants face the dilemma of introducing security measures that can inadvertently disrupt the user journey, risking customer dissatisfaction or abandonment.
MacKenzie highlighted this tension: “Customers demand a zero-friction experience, especially in e-commerce and retail. But the same customers expect us to safeguard their transactions from fraud. Meeting both expectations is like walking a tightrope.” He shared how his organisation had implemented a daily fraud review forum, bringing together directors from every department to ensure fraud measures were aligned with customer needs.
The conversation delved into the concept of “appropriate friction.” Kershaw emphasised the importance of tailoring security measures to the specific risks of each transaction. “We can’t treat a low-value bus fare the same as a high-value travel pass,” he explained. “It’s about introducing friction only where it’s warranted, like adding verification for transactions above certain thresholds.” Several participants agreed that selective, dynamic friction could both deter fraud and preserve the customer journey.
However, Bailey noted that industry-specific challenges often complicate this approach. “Hotels require pre-authorisations, which can confuse or frustrate customers, especially if it ties up their funds unnecessarily. We try to educate guests, but there’s always pushback when standard procedure to protect our revenue is perceived as a hassle,” she said.
Tao pointed out the role of technology in achieving this balance. “Orchestration layers that unify fraud detection systems are key,” she explained. “With a single capability evaluating risk across the entire customer journey, we can apply friction precisely when needed, rather than bluntly across all interactions.” Others echoed the need for integrated systems, which reduce redundancies and ensure fraud prevention tools work in harmony without disrupting the customer experience.
Education also emerged as a critical area for improvement. Bailey stressed the importance of educating both customers and internal teams: “Customers need to understand why certain measures are in place, and staff must know how to explain these processes effectively. Otherwise, friction is seen as incompetence rather than protection.”
The group also discussed the potential of consortium data platforms to enhance fraud detection. Bailey noted that while such platforms exist, they are often limited by narrow definitions of fraud or sector-specific focuses. “For example, what’s considered fraud in hospitality might not align with what retailers or transport operators experience. To be truly effective, consortiums need to accommodate the diversity of fraud types,” she said.
The need for greater collaboration and data sharing was a central focus of the discussion, with participants acknowledging that fraudsters operate as highly organised networks, often outpacing individual businesses’ efforts to combat them. To counter this, merchants can collaborate more effectively, leveraging shared intelligence to close systemic vulnerabilities.
McMurtrie highlighted the current gaps in data sharing: “Fraudsters share information better than we do. They exploit our siloed systems while we struggle to connect the dots across sectors. We need to mirror their model of collaboration if we hope to keep up.” This view was widely supported, with participants pointing to examples of successful industry-level initiatives, such as fraud consortiums, which pool resources to identify and mitigate threats.
Tao described the difficulties of navigating the legal and organisational hurdles that often impede data sharing. “From the fraud team’s perspective, sharing data with partners seems logical, but businesses are often hesitant, citing privacy concerns and lengthy legal processes. Overcoming these barriers is essential for a united front against fraud,” she explained.
The group also discussed the potential of consortium data platforms to enhance fraud detection. Bailey noted that while such platforms exist, they are often limited by narrow definitions of fraud or sector-specific focuses. “For example, what’s considered fraud in hospitality might not align with what retailers or transport operators experience. To be truly effective, consortiums need to accommodate the diversity of fraud types,” she said.
Adding to the challenges of effective collaboration, Rohilla shared TFL’s proactive approach to dealing with issuers over problematic chargebacks: “We’re collaborating closely with issuers to address chargebacks, particularly for codes like ‘service was not provided,’ where we can verify that services were indeed used by the customer, and we are successfully winning these disputes. Additionally, for the chargeback code ‘not authorised,’ we have adhered to the authorisation rules under the transit model. Given the high volume of such chargebacks, we are actively challenging unfounded claims.”
Kershaw raised the challenge of ensuring that shared data translates into actionable insights. “It’s one thing to share data; it’s another to make it meaningful. We need systems that can process shared information in real-time, flagging risks without overwhelming teams with false positives,” he explained. This sparked a broader conversation about the role of technology in bridging the gap between collaboration and action.
Participants also touched on the potential for government-backed initiatives to facilitate data sharing. Tao suggested that public-private partnerships could help standardise processes and foster trust between organisations. “A centralised repository for fraud data, supported by the government, could provide the transparency and neutrality needed to encourage participation across industries,” she proposed.
The section ended with a unanimous call for a cultural shift towards collaboration. As McMurtrie summarised, “Fraud is a collective problem, and it demands a collective solution. The more we share—data, insights, and strategies—the stronger our defences will be. It’s not just about protecting individual businesses but safeguarding the entire ecosystem.”
The role of technology in combating fraud was a key topic of discussion, with participants debating both its potential and its limitations. Emerging tools such as artificial intelligence (AI), machine learning (ML), and biometric behavioural analytics were highlighted as game-changing innovations, though concerns about implementation challenges and fraudsters’ use of similar technologies tempered optimism.
MacKenzie set the stage by emphasising the transformative impact of AI in fraud detection: “Ten years ago, analysing fraud patterns took weeks of manual effort. Today, AI can process the same volume of data in real-time, identifying anomalies we’d never have spotted on our own.” Several participants echoed this view, pointing out that AI is particularly effective in detecting complex fraud schemes that evolve faster than rule-based systems can adapt.
However, concerns were raised about the dual-use nature of these technologies. Kershaw observed, “AI is a double-edged sword. While it helps us improve fraud detection, it also enables fraudsters to enhance their scams. Their AI tools are often faster and more agile than ours because they aren’t constrained by regulation or ethical considerations.” This sparked a discussion about the importance of staying ahead in the technological arms race against criminals.
Education around these tools also emerged as a priority. Bailey pointed out that many organisations invest heavily in technology without adequately training their teams: “If staff don’t understand how to use the tools effectively, the technology’s potential is wasted. Training is just as important as the software itself.”
As the section concluded, participants agreed that while technology is essential to staying ahead of fraudsters, it must be implemented thoughtfully and supported by skilled teams. As Kershaw summarised, “Technology gives us the edge, but only if we use it intelligently. It’s not a silver bullet—it’s part of a broader strategy.”
The roundtable concluded with a robust discussion on the regulatory landscape and its impact on fraud prevention for merchants. Participants highlighted both the opportunities and challenges posed by existing frameworks, emphasising the need for clearer guidelines and greater alignment between regulatory bodies and industry practices.
McMurtrie opened the discussion by underscoring the limitations of current regulations. “Regulatory frameworks like PSD2’s Strong Customer Authentication (SCA) have helped establish baseline protections, but they often fail to keep pace with the evolving nature of fraud,” he remarked. Several participants noted that while SCA has reduced some forms of fraud, it has also introduced new challenges, such as increased friction for legitimate transactions.
Kershaw shared his concerns about inconsistencies in chargeback rules, which disproportionately affect merchants. “Card issuers often make judgment calls on service disputes without consulting merchants or understanding the nature of our transit business, leaving us to bear the financial and operational burden,” he explained. Bailey added that this issue is particularly acute in the hospitality industry, where subjective service claims frequently lead to chargebacks: “It’s frustrating that card issuers act as arbiters of disputes when they lack the context to make informed decisions.”
Tao highlighted the UK’s lack of a national digital identity system as a significant regulatory gap. “Without a unified approach to identity verification, fraud prevention becomes exponentially harder,” she explained. Several participants agreed that establishing a secure digital identity framework could mitigate many fraud risks, though they acknowledged the political and cultural resistance to such initiatives.
Looking ahead, the group explored potential solutions for enhancing regulatory collaboration and enforcement. McMurtrie suggested creating a dedicated task force to align industry stakeholders with government priorities. “Public-private partnerships are key,” he said. “We need regulators, merchants, and financial institutions working together to create practical, enforceable standards that reflect real-world challenges.”
Education around these tools also emerged as a priority. Bailey pointed out that many organisations invest heavily in technology without adequately training their teams: “If staff don’t understand how to use the tools effectively, the technology’s potential is wasted. Training is just as important as the software itself.”
The session closed with a shared sense of urgency to evolve regulatory frameworks in step with technological and criminal advancements. As McMurtrie summarised, “Fraud is not static—it’s constantly adapting. Our regulations must be just as dynamic if we’re to stand a chance of staying ahead.”
Discover how AI-driven innovation, blockchain advancements, and evolving consumer behaviours are reshaping the payments industry.
APP scams cost UK victims over £340 million in 2023, exposing systemic vulnerabilities and the urgent need for stronger fraud prevention and collaboration.
Open banking faces rising fraud risks, demanding industry-wide collaboration and smarter security solutions to build trust and resilience.
The Payments Association
St Clement’s House
27 Clements Lane
London EC4N 7AE
© Copyright 2024 The Payments Association. All Rights Reserved. The Payments Association is the trading name of Emerging Payments Ventures Limited.
Emerging Ventures Limited t/a The Payments Association; Registered in England and Wales, Company Number 06672728; VAT no. 938829859; Registered office address St. Clement’s House, 27 Clements Lane, London, England, EC4N 7AE.
Log in to access complimentary passes or discounts and access exclusive content as part of your membership. An auto-login link will be sent directly to your email.
We use an auto-login link to ensure optimum security for your members hub. Simply enter your professional work e-mail address into the input area and you’ll receive a link to directly access your account.
Instead of using passwords, we e-mail you a link to log in to the site. This allows us to automatically verify you and apply member benefits based on your e-mail domain name.
Please click the button below which relates to the issue you’re having.
Sometimes our e-mails end up in spam. Make sure to check your spam folder for e-mails from The Payments Association
Most modern e-mail clients now separate e-mails into different tabs. For example, Outlook has an “Other” tab, and Gmail has tabs for different types of e-mails, such as promotional.
For security reasons the link will expire after 60 minutes. Try submitting the login form again and wait a few seconds for the e-mail to arrive.
The link will only work one time – once it’s been clicked, the link won’t log you in again. Instead, you’ll need to go back to the login screen and generate a new link.
Make sure you’re clicking the link on the most recent e-mail that’s been sent to you. We recommend deleting the e-mail once you’ve clicked the link.
Some security systems will automatically click on links in e-mails to check for phishing, malware, viruses and other malicious threats. If these have been clicked, it won’t work when you try to click on the link.
For security reasons, e-mail address changes can only be complete by your Member Engagement Manager. Please contact the team directly for further help.