Blog article
See all stories »

Can Pay-By-Bank apps stop payment fraud ?

Pay-by-Bank solutions are suddenly the fashion in the payments world. Solutions are available from HSBC, JP Morgan, Barclays, JP Morgan, Mastercard and World Pay to name a few. How do they work and do they help or hinder fraud? They promise convenience at the point of sale. But, what about fraud? Do they help combat that?

Billers whose consumers already pay from their bank can choose to integrate Pay By Bank solution on their existing payments page. At checkout, consumers select ‘Pay-by-Bank,’ where they will be prompted to find their bank. There they will verify themselves using their own bank’s familiar authentication process, a biometric scan, for example, and securely share their bank account information with the bank to complete the payment on behalf of the biller.


The Pay-By-Bank product can utilise Open Banking protocols in the background to reduce payment fraud. As the service gets taken up by more merchants it has the potential to reduce fraud across the payments landscape as it uses the bank’s security systems to verify the user and the payment. The key benefits of the product are that no third party intermediaries are involved and the customer does not need to key in their card details, pin numbers or passwords to make the payment.  The user experience is different depending on the device the customer is using but it is very intuitive and customers should not experience any problems.

Consumers have peace of mind as they never need to share their payment information and security with the merchant, there is nothing to download, no new passwords or payment details (all of which could be compromised by a bad actor. The consumer sees the before and after account balance almost instantly. Finally, they can quickly find all connected retailers within their banking app.

Merchants benefit as all transactions are authenticated by the customer’s own bank app – therefore fraud liability is shifted to the customer’s bank resulting in fewer chargebacks and payments being near instant. An obvious limitation is that merchants want that want to use PaybyBank App, will need to partner with an acquirer bank or payment service provider that can process MasterCard transactions. They will also only be able to process PaybyBank App transactions if a payer’s bank also supports Pay by Bank App.

The card issuer benefits as Pay-by-Bank puts the trusted bank brand at the center of consumer payments. This gives the customer the confidence they are looking for when making a purchase.

It appears therefore that the technology behind Pay-by-Bank reduces the likelihood of unauthorized transactions and frees merchants from the need to retain, and the responsibility to securely maintain consumer banking information.

An ongoing concern of mine is the rampant growth of APP (authorized push payment) payment fraud where a payer, often an individual consumer, instructs their payment service provider (PSP) to send money from their own account to another account. PSPs can include banks, credit unions, and electronic payment institutions etc. The payments happen instantaneously so are difficult to prevent. The payments are typically executed via CHAPS or Faster Payment System (FPS).  APP fraud occurs when the payer is deceived into making an APP to an account controlled by a fraudster. Once the money has left the bank account it is gone!

But, be under no illusion fraud isn’t totally eliminated with Pay-By-Bank. One avenue is closed as the merchant doesn’t see the card/ bank details and they are re-keyed by the customer. However, the device/ computer may be controlled by a bad actor - in which case the account owner will still be liable for the purchases/ money transfers made from the account. The bad actor could use your phone, or computer to make purchases at multiple stores using Pay-By-Bank and clean the account out before you are even aware.

History teaches us that as banks and card issuers prevent one method of fraud, the bad actors quickly devise new more advanced methods to bypass rules-based and ML technologies. With dark marketplaces, fraudsters purchase compromised accounts and emulate legitimate fingerprints via the use of bots and browser plugins.

Pay-By-Bank does provide an additional level of security. This initiative and others like it by other major banks are to be welcomed. By using technology, AI, and other tools available we as an industry are narrowing the window of opportunity for scammers.  This is not a time to rest for the industry we need to redouble our efforts and create new innovative products that protect customers and their money.


Comments: (2)

Melvin Haskins
Melvin Haskins - Haston International Limited - 18 November, 2022, 09:121 like 1 like

Please tell me how Pay-By-Bank differs from  a Variable Amount Direct Debit, which has been available from UK banks for 30 years or more. I cannot see any difference.

Gian Mahil
Gian Mahil - The FinTechGuys - London 18 November, 2022, 14:46Be the first to give this comment the thumbs up 0 likes

Hi Melvin, the two are different beasts all together. With a iVariable Amount DD it is something you would set up with say a utility company to pay a bill regularly - but don't know the amount it is going to be each week/ month/ quarter etc. The Pay-By-Bank is very different it isn't recurring - its a one off payment (useaully a Faster Payment)  that you authorise - without revealing to the merchant your bank details. So you protecting yourself at the point of sale (or website) by not revealing your bank details in any way to the payee (merchant). 

Gian Mahil

Gian Mahil


The FinTechGuys

Member since

08 Mar 2021



Blog posts




This post is from a series of posts in the group:

Payments strategies 2015-2020-2030

Payments systems visions, strategies, trends, pilots, forecasting, and planning for the short-, medium-, and far-term.

See all

Now hiring