What is APP Fraud, and How to Protect Your Online Payments

While online payments simplified transactions, they also brought different types of threats. Authorized push payment (APP) fraud is among the major issues businesses and consumers deal with. App scams are growing increasingly prevalent, making it necessary to educate companies and individuals, since both are targets. Losses due to APP fraud are particularly frustrating because, unlike credit card scams, banks are not obligated to reimburse victims. So, you must not only know how this fraud works but also how to protect your business and customers to avoid unrecoverable losses.

What is Authorised Push Payment (APP) Fraud?

It’s a type of scam where bad actors trick victims into sending money to bank accounts the fraudsters control. Scammers use social engineering and other methods to collect information and pose as real organizations or individuals. They then contact victims and convince them that they are dealing with a legitimate payee. Credit card payments, online banking, and mobile wallets can fall prey to APP fraud. This kind of scam is troublesome to deal with because, as a business or individual, you conduct the transfer yourself. Hence, financial institutions and banks consider it your fault. For this reason, you should find ways to safeguard your payment processing to avoid falling for this fraud type.

How Does APP Fraud Work?

Do you know why online payments are susceptible to APP fraud? Due to fast and immediate transfers. The nature of real-time payments makes it difficult to reverse transactions. APP fraud takes advantage of the trust between businesses and consumers. APP fraud is simple, yet many people fall for it. Fraudsters access important information, such as email addresses, bank account details, and business names that a victim works with.

Then they pose as a trusted company or person to which the victim has to send money. The scammers ask for a payment and the targeted recipient approves the request. Usually, APP fraudsters time their request to coincide with when an individual or enterprise makes transactions. For example, your e-commerce business could get a fraudulent payment request from a supposed supplier around the time when you pay suppliers. When you send the funds, they go to an account that the scammers control.

The Different Types of APP Fraud

Another aspect of APP fraud to learn is that it doesn’t happen in one way. Here are its main forms:

Impersonation fraud

It is the most popular type of APP fraud, where scammers pretend to be someone else and ask for payment. For example, a fraudster might pose as a supplier or a manager in the same company and target the accountant.

Fraudulent payment request

This scam involves sending an invoice to a business and requesting them to settle it. The amount of knowledge a fraudster has about your business, especially your payment processing details, determines how successful this attempt will be. Fake payment requests can be hard to differentiate from the real ones.

Misdirection fraud

In some instances, scammers trick victims into moving large sums of cash into fake bank accounts. Online payments are vulnerable to this fraud type. A fraudster may call you to say that your bank or bank account has a problem, for example, it was hacked, and ask you to transfer money to a safer option, which they control.

Investment fraud

As the name suggests, fraudsters use investments to lure unsuspecting businesses or individuals. You could transfer money to invest in an attractive asset and lose all your funds.

How to Protect Your Business and Customers?

Knowledge is a powerful defense against APP fraud. Train employees on how to identify and prevent scams. They should learn how to tell apart legitimate payment requests from fraudulent ones. For instance, you can institute a strict process for approving suppliers and other partners. Educate employees and customers about password hygiene and basic security, especially when dealing with online payments.

Fraud detection and prevention measures in your payment processing are must-haves. Most systems have in-built security protocols to protect businesses and their customers. Real-time transaction monitoring, behavioral analytics, and two-factor authentication are some examples.

A clear payment process helps prevent APP fraud. When customers know what they are paying for and how you process those credit card payments, then building trust with them becomes easy.

Ensure that your payment processing includes data encryption to protect customer information. Bad actors can exploit vulnerabilities in your system to compromise sensitive details.


In this age of online payments, where transactions take seconds and a lot of information can be compromised, enterprises and consumers must be extra careful. Even people who think they could never fall for APP fraud can be victims because the simplicity of these scams is why you never see them coming. So, if you are to protect your e-commerce business, employees, and customers, understand how authorized push payment fraud works and how to spot different scams.