Authorised Push Payment Fraud – Everything You Need To Know and Why You Should Care

3 types of retail fraud_featured image

One of the many challenges in our post-COVID world has been a steep rise in financial fraud, and one of the most common types of fraud facing consumers is Authorised Push Payment fraud.

In this blog, we'll cover everything you need to know about APP fraud, from how it works to how your business can begin combatting it to protect your customers.

What is Authorised Push Payment fraud?

Authorised Push Payment fraud, or APP, is a type of fraud where the fraudster can persuade a victim to transfer funds to them. Also known as bank transfer fraud, APP works by convincing the victim that the fraudster is a legitimate party.

Depending on the approach, the fraudster will impersonate a loved one, a lawyer, a business associate, an accountant, and so on. Unlike some other types of modern fraud, APP fraud doesn't rely on complex technologies or procedures.

Instead, it uses social engineering tactics. It can occur over email, text, or phone but it’s most common right now in online spaces.

How does APP fraud work?

While no two Authorised Push Payment scams are conducted exactly the same way, here’s how it generally works.

Asset 3The fraudster will do a bit of pre-work, gaining information that will help convince their victim that they are a legitimate party. This could mean extracting the victim's name, events, and bits of personal history via various techniques.

Asset 2Then, depending on who the fraudster is planning on imitating, they’ll take measures to appear legitimate. This could mean appropriating logos, creating a fake website, etc.


Asset 1Then, it's time to contact the victim and execute the APP fraud. The fraudster uses all the information they've collected, presents their false credentials, and urges the victim to send them money promptly.


APP fraud by numbers

Of course, it's one thing to hear about Authorised Push Payment fraud in the abstract and another thing to see its real-world impact. To give you an idea of why APP is a severe threat that should be on your radar, let’s look at the state of APP fraud in the UK.

200,000 UK cases

In the UK alone, there were nearly 200,000 reported cases of Authorised Push Payment fraud, in 2021 alone. These were a mix of attacks against personal and non-personal accounts, with 7,000 being against non-personal accounts.

In other words, the overwhelming majority of APP fraud victims are not corporations or high-level employees. They're everyday people who are unfortunately targeted by these scams.

£583.2 million in losses

According to UK Finance, £583.2 million was lost to APP scams in 2021.

This shows that these sorts of scams are not only commonplace but also highly effective and concerning — especially because most of the targeted victims were consumers rather than large corporations.

39% growth year over year

Authorised Push Payment fraud is growing at a rate of 39% year over year. This means that more and more citizens are prone to becoming victims of one of these scams.

It also means that companies can no longer ignore the threat of APP fraud. It's up to businesses and organisations to protect their customers, employees, and users so that they do not fall victim to an Authorised Push Payment fraud attempt.

How to combat Authorised Push Payment fraud

Fortunately, we know that it’s possible to move forward and start preventing the rise of Authorised Push Payment fraud. By embracing the steps below, you can protect your customers against APP fraud.

Shifting from reimbursement to prevention

The first step businesses need to take to protect themselves and their customers is shifting their focus away from reimbursement and prevention.

Rather than thinking that the solution to APP fraud is a reactive one, start investing in proactive measures. Recent studies into the issue have found that issuing effective warnings is a strong preventative step.

Build a layered security profile on your customers

Next, businesses need to create layered profiles for their customers. The more information you can use to correctly identify a customer and reassure them that they're having legitimate interactions, the harder it will be for fraudsters to exploit them.

It’s crucial to invest in fraud protection services

Your business can protect its customers against Authorised Push Payment fraud by investing in fraud protection services. These are robust enterprise-grade security measures specifically designed to counteract threats like APP.