Legacy systems feed rising fraud threats
Customers of banks and payment providers are increasingly falling victim to scams. In 2023, nearly 36% of all banking customers in the US experienced some form of fraud, with over $10 billion lost, up three times on 2020. Scammers exploit vulnerabilities in outdated systems using phishing, account takeover, and payment diversion techniques.
Legacy infrastructure, designed decades ago, lacks the real-time processing capabilities necessary to detect and mitigate cyber-attacks effectively.
This outdated technology also stifles innovation, preventing banks from offering the seamless, secure payment experiences that customers now demand. McKinsey, a consultancy firm, found that 70% of banks’ tech budgets are spent on maintaining core systems, limiting their ability to quickly respond to emerging threats and innovate to meet changing customer needs. And this is costing banks more than just maintenance. Banks paid over $10.4 billion in fines for non-compliance in 2020 alone, with a significant portion attributed to inadequate systems.
Bank customers want faster, more secure payments
Customer preferences for faster payments and better payment experiences are on the rise. In the US, real-time payments are gaining traction. A Federal Reserve and PYMNTS study found that 62% of consumers would opt for instant payments if given the chance. Adoption of real-time payment systems like The Clearing House’s RTP network has also experienced a surge in transactions. The network processed over 82 million payments in the second quarter of 2024, a rise of over 30% year-over-year. Zelle, a peer-to-peer (P2P) payment service widely used in the US, reported $806 billion in payments in 2023, reflecting the increased demand for faster and seamless payments.
However, many banks still lag due to their reliance on outdated infrastructure. Legacy systems prevent these institutions from meeting customer expectations. As a result, fintech and challenger banks like Chime and Venmo are filling the gap with more modern and user-friendly payment platforms.
Another disadvantage of these systems is the inability to support digital products and services, leading to poor customer experiences such as slow transaction processing and limited payment options. This making it crucial for these institutions to upgrade their systems. Banks that offer better customer experience have the potential to grow three times faster than competitors that don’t. One survey found that over half of the customers said they would switch to a competitor if they experienced an unsatisfactory interaction.
A modern tech stack enables faster, more secure payments
The advantage of modernization is the ability to integrate AI and ML to improve cybersecurity and fraud prevention. Fraud can be detected in real time, identifying suspicious patterns before fraudulent activities occur. For example, JPMorgan Chase has invested in AI-powered fraud detection systems that monitor transactions in real time to detect anomalies and suspicious patterns.
AI-driven tools are crucial in mitigating the risk of payment fraud, which remains one of the most significant pain points in the industry. LexisNexis reports that North American financial institutions incur an average of $4.41 in fraud-related costs for every dollar lost to fraud, underscoring the need for robust anti-fraud measures.
Modernization also enables the deployment of analytics to prevent fraud: this has helped banks see a 50% reduction in false positives compared to traditional detection methods. Data-driven strategies enhance operational resiliency, enabling institutions to pivot quickly in the face of evolving threats. This allows banks and payment providers to take pre-emptive action, minimizing downtime and improving customer satisfaction. Mastercard, for example, uses AI to detect when stolen debit and credit card details are being used.
Positively, banks are investing heavily in these technologies. Research from Infosys shows that AI and cybersecurity account for nearly 60% of bank tech budgets. And this number is growing. A proactive approach that embeds security throughout the product development lifecycle is crucial.
Balancing cybersecurity with customer experience
The challenge for US banks and payment providers is to balance the need for robust cybersecurity with delivering a seamless customer experience. As fraud risks rise, customers demand both security and ease of use. An overly complex, security-heavy process can alienate customers, while lax security opens the door to fraud. A proactive, integrated approach to security can address this challenge without stifling innovation. The following five-step approach provides a framework for banks and payment providers to embed security into every stage of product development:
- Assess the current state of security: Evaluate existing security controls and identify areas for improvement. Regular security assessments can uncover vulnerabilities in legacy systems and guide the implementation of robust security measures.
- Align strategy and culture: Security must be a core element of an organization’s culture. Banks should align their security strategy with business objectives to ensure that it enhances, rather than hinders, customer experience. Engaging employees across all departments in cybersecurity training and awareness programs is essential to creating a security-first mindset.
- Adopt a risk-based approach: Not all systems and data require the same level of security. Banks can allocate their cybersecurity budgets more effectively by prioritizing resources based on threats’ likelihood and potential impact. For example, systems that handle customer data or large financial transactions should receive more rigorous protection.
- Leverage secure by design: Secure-by-design is a key foundation of cybersecurity. This tried-and-tested approach embeds security into every stage of product design rather than treating it as an afterthought, and it remains vital for financial institutions building new systems, mobile applications, and customer interface.
- Draw on shared experiences: Sharing knowledge and best practices across the industry is critical to staying ahead of evolving threats. US. banks can participate in organizations like the Financial Services Information Sharing and Analysis Center, which fosters collaboration on cybersecurity threats and strategies. Banks can stay updated on the latest threats and solutions by learning from peers and sharing insights.
As payment scams become increasingly sophisticated and customer expectations for faster payments continue to rise, banks and payment providers face a critical choice: modernize their technology infrastructure or risk losing out to more agile competitors. A proactive approach to cybersecurity integrating security into every stage of product development will enable banks to innovate without compromising safety. Those institutions that can strike the right balance between security and innovation will emerge as payment industry leaders.
Raghav Agarwal
Regional Head of Financial Services for North America| Infosys
Raghav Agarwal is the Regional Head of Financial Services for North America at Infosys and a member of the Global Financial Services Executive Leadership team. He oversees strategic business sub-segments such as Cards and Payments, Market Infrastructure, Exchanges and Data Providers, and FS Canada, while managing key client relationships with Global Banks. With extensive experience in Financial Services, Raghav drives digital transformation and innovation by leveraging data, business domain knowledge, design, and technology to create business value. He completed Stanford University’s Global Leadership Program and holds a computer science degree from Madan Mohan Malviya Engineering College in India. Outside of work, Raghav is passionate about daily meal programs and actively participates in local soup kitchen and pantry initiatives in New Jersey, always eager to collaborate with clients on social causes.