mobile fraud victim

Pay by Link is a growing trend in the financial services industry around the world. One of the simplest technology implementations, Pay by Link happens when a payer is asked to complete their bill payment by clicking on a link within a mobile app. Seems straight-forward enough. And some vendors in the tech industry argue that—with appropriate safeguarding (such as two-factor authentication of apps)—there’s nothing wrong in asking consumers to pay for things via a link.

Not that everyone agrees. Mobile payment fraud is growing, and is growing faster in the mobile ecosystem than anywhere else. The introduction of WhatsApp and text message fraud (new attack vectors that consumers are unfamiliar with) has added to the ones of regulators, scratching heads to prevent fraud from occurring at scale.

Just last month, OFCOM published data that, in 2020, more than 65% of the country received a suspicious or scam call or text over the three-month period. They report that text was the most used method, with 71% receiving a suspicious text and 61% of people aged 75 and over receiving a potential scam call to their landline.

 Interested in the debate? Download our White Paper

The challenge with prohibiting mobile fraud is that many individuals have been thrust into using digital devices to handle communications with suppliers, and pay bills—not through choice, but because providers are keen to cut their back-office costs and reduce call volumes. Generations of consumers beyond the years of digital natives find themselves grappling with mobile app interfaces and working hard to remember passwords they rarely use.

Against this backdrop, Pay by Link appears a simple solution to a complex problem for the app development teams of financial services companies. It’s not difficult to ask a consumer to click on a link—they already know how to do that. The problem is, that the broad consumer community lacks the digital awareness to know when a link is legitimate, and when it isn’t.

Join in the debate! Book your slot at the ‘To Click or Not to Click’ Roundtable event—23rd November, 1.00 PM

What we know is that financial services providers aren’t going to relent in their mobile app development plans. Eight out of ten banks expect real-time payments to drive revenue growth and displace payment cards over time. With that level of market opportunity, financial services providers are ramping up their in-house digital teams, seeing tech innovation as a key instrument in their competitive armoury.

Finbarr Joy is a serial CTO in the Financial Services industry. He thinks that Pay by Link is seen by many digital champions as a simpler route to achieving faster time-to-value on mobile bill payments apps, but that’s not necessarily a good thing for the industry. “It would be a struggle to argue that, with appropriate safeguards, Pay by Link ‘CAN’ be a safe route to making payment instructions from a mobile device. The challenge is, that the information security industry has been at pains to preach the message to users that clicking links is a bad idea; and now what we’re telling that audience that it’s sometimes okay to click on a link. That is a terribly confusing message.”

 Looking for alternatives to Pay by Link?

Explore Request to Pay

The information security industry is ramping up its narrative of not returning to the use of links in applications recognising the long term behavioural impacts could create a huge hike in payments fraud, already on the up. Phil Cracknell, former Cabinet Office Cyber Security Lead, finds this new trend alarming.

“What are customers meant to believe—when they’ve being told not to click on links in emails for years, now to be advised by their bank or supplier that it’s okay to click on links when providers make the re-quest on SMS or WhatsApp?”

It remains to be seen where the industry goes from here. With so much attention being given to financial vulnerability and fraud, it seems likely that regulators will have to step in if the industry continues on this path.

Join in the debate! Book your slot at the ‘To Click or Not to Click’ Roundtable event—23rd November, 1.00 PM

Ian Tomlin

Ian Tomlin


Ian Tomlin is a marketer, entrepreneur, business leader and management consultant. His passion is to help make great ideas happen. Relentlessly optimistic about the potential of technology for good, Ian’s 30+ year career has focused around the intersect of strategy, technology and marketing. He writes on subjects including workforce management, future of work, talent acquisition technology and organizational design.
Ian has written books, articles and guides on brand, digital transformation, enterprise applications, data science, and organizational design. He can be reached via LinkedIn or Twitter.