Authentication represents a critical security challenge for digital businesses of all kinds, with unauthorized access accounting for 43 percent of successful data breaches at companies in the United States in 2020. Consumer losses from identity fraud totaled $56 billion last year, and 53 percent of U.S. federal, state and local government agencies have observed a rise in account takeover fraud over the last two years.
Cryptocurrency exchanges are a prime avenue for various types of fraud and thus have an acute need for secure authentication to guard their platforms against bad actors. Cybercriminals stole roughly $300 million from crypto accounts last year through phishing schemes, phone number hijacking and fake crypto exchanges. Making matters worse is the fact that exchanges historically have been almost wholly unregulated, but growing fraud threats are bringing them under heightened regulatory scrutiny.
In the July/August edition of the Authenticated Payments Report, PYMNTS explores the latest in the world of payments authentication, including the unique cybercrime threats facing cryptocurrency exchanges. It also examines the authentication measures they are deploying to keep themselves and their customers safe and how regulatory entities around the world are cracking down on these exchanges to prevent digital fraud and money laundering.
Developments From The World Of Authenticated Payments
One major reason that regulators are keeping a close eye on cryptocurrency exchanges is their role in cybercrime and money laundering. Known crypto payments to and from illicit entities fell by about half in 2020 but still totaled $10 billion, with various scams accounting for $2.6 billion of this total. Identified ransomware payments also jumped 311 percent, but such cybercrime tends to be underreported and the actual growth is likely even higher.
Financial sector authorities around the world have responded to these increases in cybercrime by cracking down on exchanges with deficient know your customer (KYC) and anti-money laundering (AML) procedures. The United Kingdom recently banned leading player Binance from regulated operations after the firm refused to register with the Financial Conduct Authority (FCA), and banks Barclays and Santander blocked customers from making payments to Binance as a result. Crypto exchange Kraken, meanwhile, increased KYC requirements for margin trading for U.S. accounts to comply with Securities and Exchange Commission (SEC) rules.
The European Banking Authority’s (EBA’s) strong customer authentication (SCA) mandate has been a game-changer for the entire financial industry since it went into effect under the revised Payment Services Directive (PSD2). The new SCA rules mandate multifactor authentication (MFA) by payment service providers (PSPs) to safeguard card-based eCommerce transactions and other customer-initiated digital payments. A new report from the EBA shows substantial progress on the SCA front, with 99 percent of EU merchants now able to support SCA and 94 percent of all payment cards in the bloc being SCA-enabled. The EU has also announced plans to launch a digital identity framework that could upend the existing identity authentication landscape.
For more on these and other payments authentication news items, download this month’s Tracker.
How Coinbase Keeps An Eye On Regulations And Authentication Needs In The Evolving Crypto Exchange Space
Cryptocurrency is making waves all around the globe, with even mainstream financial heavyweights beginning to take notice of the space. Regulators are also paying more attention to crypto, however, and more closely scrutinizing the industry in an attempt to halt illicit activity. In this month’s Feature Story, Marcus Hughes, managing director of Europe and international general counsel at cryptocurrency exchange Coinbase, explains why cryptocurrency exchanges must create the framework to deal with the growing number of regulatory requirements in the space and details why robust authentication is a must to keep customers safe and satisfied.
Deep Dive: How Consumer Authentication Preferences Can Guide European Crypto Exchanges As They Combat Fraud
The EU has been cracking down on cryptocurrency compliance in recent years, and the exchanges located there have had varying degrees of success in meeting these new regulations. The new SCA rules require MFA, but this should be only the starting point for effective identity verification strategies. This month’s Deep Dive looks at exchanges’ high-stakes fight against identity fraud and how research into consumer authentication preferences can help these firms design and implement solutions that not only curb fraud but also improve user experience.
About The Report
The Authenticated Payments Report, a PYMNTS and LoginID collaboration, is the go-to monthly resource for updates on trends and changes in payments authentication.