Is a tide of Pay by Link adoption adding to payer vulnerability?

mobile fraud victim

Are Pay by Link solutions facilitating increased fraud risk?

One of the simplest technology implementations, Pay by Link is a growing trend in the financial services industry. Pay by Link describes the process of a payment request that happens by clicking on a link. Seems straightforward enough. Some in the tech industry argue that—with appropriate safeguarding (such as two-factor authentication)—there’s nothing wrong with this method.

However, it’s not always the case. Payment fraud is growing faster in the mobile ecosystem than anywhere else. The introduction of WhatsApp and SMS fraud has added to the ones of regulators, scratching heads to prevent fraud from occurring at scale.

Just last month, OFCOM published data that, in 2020, more than 65% of the country received a suspicious or scam call or text over the three-month period. They report that text was the most used method, with 71% receiving a suspicious text and 61% of people aged 75 and over receiving a potential scam call to their landline.

The challenge with tackling mobile payment fraud is that many individuals have been thrust into using apps to handle communications with suppliers, and pay bills—not through choice, but because providers are keen to cut their back-office costs. Older generations of consumers find themselves grappling with mobile app interfaces and remembering passwords they rarely use.

Against this backdrop, Pay by Link appears a simple solution to a complex problem for the app development teams of financial services companies. The problem is, that the broad consumer community lacks the digital awareness to know when a link is legitimate, and when it isn’t.

What we know is that financial services providers aren’t going to relent in their app development plans. Eight out of ten banks expect real-time payments to drive revenue growth and displace payment cards over time. With that level of market opportunity, financial services providers are ramping up their in-house digital teams, seeing tech innovation as a key instrument in their competitive armoury.

Finbarr Joy is a serial CTO in the Financial Services industry. He thinks that Pay by Link is seen by many digital champions as a simpler route to achieving faster time-to-value on mobile bill payments apps, but that’s not necessarily a good thing for the industry.

“It would be a struggle to argue that, with appropriate safeguards, Pay by Link ‘CAN’ be a safe route to making payment instructions from a mobile device. The challenge is, that the information security industry has been at pains to preach the message to users that clicking links is a bad idea; and now what we’re telling that audience that it’s sometimes okay to click on a link. That is a terribly confusing message.”

The information security industry is ramping up its narrative of not returning to the use of links in applications, recognising the long term behavioural impacts could create a huge hike in payments fraud, already on the up.

It remains to be seen where the industry goes from here. With so much attention being given to financial vulnerability and fraud risk, it seems likely that regulators will have to step in if the industry continues on this path.

Ian Tomlin

Ian Tomlin

Author

Ian Tomlin is a marketer, entrepreneur, business leader and management consultant. His passion is to help make great ideas happen. Relentlessly optimistic about the potential of technology for good, Ian’s 30+ year career has focused around the intersect of strategy, technology and marketing. He writes on subjects including workforce management, future of work, talent acquisition technology and organizational design.
Ian has written books, articles and guides on brand, digital transformation, enterprise applications, data science, and organizational design. He can be reached via LinkedIn or Twitter.

 Looking for alternatives to Pay by Link?

Explore Request to Pay

 Interested in the debate? Download our White Paper