COVID-19 is reshaping the digital economy, as digital payments evolve from being a nice-to-have to an essential service. But with increased usage comes increased risk, as cyber criminals now have more opportunities to scam people with malware and phising attacks.
“In this time of critical need, clearly it is not just the good people who are interacting with our systems,” said Guru Bhat, VP for omni-channel and customer success at PayPal during a virtual media briefing on trends and threats to digital transactions amid COVID-19. “That is where our [PayPal’s] responsibility becomes even more critical.”
According to PayPal, online transactions rose by 20 percent year-over-year, with branded transactions increasing by over 43 percent in January and February. During Q1, the global leader in digital payments also saw an addition of 10 million net new accounts.
A Google Transparency Report confirmed that the number of active phising sites rose from 149,195 in January 2020 to 522,495 in March 2020, marking a 350 percent increase. PayPal officials also noted that there was a significant increase in the number of fake websites during the pandemic.
These cyber threats are likewise growing in sophistication, with some hackers now integrating artificial intelligence into their tactics. Bhat said that cyber criminals are now able to create programs that mimic human behaviors online to trick people into providing their personal or financial information.
At the same time, smishing, phishing and identity fraud are still prevalent globally.
“Cyberattacks is not an ‘if’ question, it’s a ‘when’ question,” emphasized Phoram Mehta, chief infosec officer for PayPal Asia-Pacific. “No matter what you do, as long as you use software, as long as you have a presence on the internet, sooner or later, you are going to be attacked.”
He added: “Crises like COVID are perfect opportunities for them [cyber criminals] to do more damage.”
Mehta anticipates that Asia-Pacific companies will be investing more in cybersecurity but noted that SMEs in the region face higher risks due to lack of budgets and expertise.
Staying ahead of security threats
As of end-2019, PayPal had a total of 305 million active accounts. On average, it processes over 33.8 million transactions per day and $22,577 payments per second. Despite these massive transaction volumes, the company boasts one of the industry’s lowest fraud rates of any payments platform.
According to Mehta, PayPal constantly explores innovations to protect its global ecosystem. The company uses end-to-end risk solutions to manage everything from customer onboarding to payment authorization to backend risk management. It applies multiple layers of technical controls to ensure systems are kept secure while threats are detected and mitigated.
Currently, 80% of security incidents at PayPal are handled through automation. The company also has dedicated Cyber Defense Centers in the United States and Singapore, which provide proactive security monitoring 24 hours a day.
According to Bhat, PayPal’s dedication to innovation in cybersecurity is buoyed by its commitment to its stakeholders.“We are not really just a payments a company,” he said. “We are a trust company […] That is the number one priority for us as a company. Without that trust, we don’t exist as a business.”