“Front Door” fraud – for instance App Malware on a consumer’s phone – is well documented, but in many markets “Back Door” fraud is an even greater problem.
From its anti-fraud deployments across 4 continents, Empello is increasingly seeing significant Back Door fraud, and in some countries it has reached alarming levels and has outstripped App Malware.
Back Door fraud
Back Door fraud is when a fraudster discovers how to infiltrate the value chain and execute payments without a consumer or device being present.
For instance, a fraudster may create visits to a payment page from a fake, non-existent device, or may mimic a dynamic URL used by a payment aggregator.
This creates fake requests for a payment transaction, but there is no consumer request and not even a consumer device.
Backdoor fraud exhibits the following features:
– A fake payment journey may be created at various stages – at the merchant stage, the payment aggregator stage or direct to the mobile operator. There is no actual consumer phone present.
– The fraudster is usually connected in some way to the value chain, for example via an advertising network, merchant or aggregator
– Weaknesses in the payment process are exploited, typically at the aggregator level.
– Anti-fraud measures to stop Front Door fraud – such as App Malware – are often not effective at stopping Back Door fraud
Growth of Back Door fraud
In many markets anti-fraud measures and operator policies have been introduced to bear down upon various forms of fraud in Carrier Billing.
In some countries there is not enough “good” business to sustain the current ecosystem, and so the risk of merchants and/ or payment aggregators being subject to Back Door fraud is increasing.
Back Door fraud should be prevented by the payment processor (in Carrier Billing, usually the “aggregator”), but for various reasons this is not always effective. In recent weeks, Empello has identified major breaches affecting many thousands of consumers.
Empello White Paper detailing instances of Back Door fraud
Further details of security breaches and specific scenarios of Back Door fraud have been compiled in a White Paper, which Empello is issuing this week to tier 1 Mobile Operators.
Preventing Backdoor fraud
Backdoor fraud can be prevented by Empello’s antifraud solution, which includes protections such as issuing secure tokens, to ensure that transactions processed by the Mobile Operator only include genuine consumer requests.
We are happy to provide detailed information for confidential discussion with Mobile Operators.