Payments industry seeks to keep pace with fraudsters

Dive Brief:

• Debit cards were the top payment method for fraud attempts last year, with almost three-quarters (73%) of financial institutions surveyed by the Federal Reserve Financial Services saying they experienced such attempts, according to results released Tuesday. Checks were also a common vehicle for fraud attempts (62%), followed by non-bank payment apps (36%), ACH transactions (31%) and credit cards (24%).
• Fraudulent debit card transactions were also the most expensive for financial institutions last year, with 52% experiencing losses, followed by checks (32%), non-bank payment apps (16%) and credit cards (12%), the survey of 362 banks and credit unions showed. While debit card losses increased 6% last year over 2023, check fraud rose 5% and non-bank payment app losses edged up 1% over 2023, according to the report.
• Other types of fraud the financial institutions experienced included those on mobile payment tools, wire transfers, remote deposit capture and real-time payment systems, the survey said.

Dive Insight:

“Fraud attempts and fraud losses were most notable in debit cards and checks, with increasing attempts and losses realized,” the Fed report said. “In addition to challenges with scams and mule accounts, traditional legacy fraud approaches like forgery, counterfeits, stolen mail and impersonating authorized parties were noted as primary drivers.”

The Federal Reserve Financial Services unit’s research echoed other reports indicating that card-related losses are on the rise. Over the next decade, fraud losses in card payments are predicted to reach $403.88 billion globally, according to a Nilson Report analysis released in January. Financial firms in the U.S. could face an uptick in fraud for card-not-present transactions, the report said. 

As financial institutions face persistent check-related fraud, the U.S. Postal Inspection Service has tried to address the issue with the help of the American Bankers Association. A year ago, the trade group teamed up with the government agency to educate bank and postal service customers about check fraud, spotting money mules or collusive account holders and enlisting law enforcement agencies as well as training postal and bank workers to identify unusual activity. 

While the industry works to fight check fraud, President Donald Trump is pushing federal agencies away from the antiquated payment tool in most transactions.

Last week, Trump issued an executive order requiring federal government agencies to stop issuing paper checks for its disbursements, including intragovernmental payments, benefits, vendors and tax refunds by Sept. 30. The executive order cited a rise in mail theft of checks since 2020 and banks reporting a rise in check fraud as a reason behind the change.

Dive Brief:

• U.S. consumers lost the most money last year by way of bank transfers and payments, with $2.09 billion disappearing through that form of payment, according to a report from the Federal Trade Commission that charted a record $12.5 billion in overall losses in 2024.
• The second-highest losses, by value, occurred when consumers were using cryptocurrency payments. Still, the instance of bank transfer and payments grew at a faster pace last year over 2023 than did the value of losses due to crypto, the March 10 FTC report showed.
• The highest number of reported cases of fraud occurred when consumers used credit cards, with 108,881 instances of fraud last year, according to the report, which detailed the various payment methods by which frauds occurred. The value of credit card fraud climbed to $275 million last year, up from 12% from $246.5 million in 2023.

Dive Insight:

The overall value of fraud losses jumped 25% last year over what was a record $10 billion in losses in 2023, the first year that such reported losses topped that milestone figure. Other reports suggest that the amount of actual losses is much higher because many instances of fraud go unreported.

The number of U.S. consumers who reported fraud last year actually fell by about three-quarters of one percent to 2.6 million, from 2.62 million in 2023, even as the value of those losses surged. Nonetheless, a higher percentage of consumers last year reported losing money as part of the fraud (38%) than was the case in 2023 (27%), the report said.

While the value of losses by way of bank transfer or payments rose about 12%, year-over-year, up from $1.86 billion in 2023, according to the report. That rate of increase outstripped the less than 1% increase in the value of losses due to cryptocurrency transactions, which increased slightly to $1.42 billion, from $1.41 billion.

Authorized push payments fraud, where consumers are tricked into sending payments to criminals, often by way of bank transfers, has been a rising problem, in contrast to bad actors finding ways to break into digital accounts and take money. The push-payment scams start with criminal schemes, such as in romance ploys, fake cybersecurity alerts or fictitious job offers.

Nonetheless, the incidence of reported bank transfer and payments cases declined by about 8% to 47,336 instances last year, down from 51,294, even as the value lost rose.

Companies in the payments sphere, including banks, tech titans or card networks, are increasingly seeking new ways to combat push-payment scams, including by sharing more data, increased engagement with law enforcement and better tracking of identities in the digital world. They’ve also begun to use artificial intelligence strategies, but the fraudsters are also harnessing AI tools.

Generally, the increase in losses could also be related to the rising number of ways that consumers are able to make payments, including via account-to-account bank transfers as well as digital wallets, peer-to-peer tools and cryptocurrencies. 

Fraud on payment apps and services overtook debit cards last year to become the second-highest payment method used for fraud, based on the instances reported by the FTC. Fraud on payment apps and services jumped almost 40% to 90,571 cases last year, up from 65,320 in 2023, the annual reports showed.

Zelle, operated by Early Warning Services, is one of the more popular P2P tools that allows for bank transfers. It has faced scrutiny from regulators and lawmakers in recent years. The Consumer Financial Protection Bureau sued Early Warning Services and three of its major bank owners in December, but the federal agency dropped the lawsuit early this month after the Trump administration took over from the Biden administration.

Other forms of fraudulent payments tracked in the FTC report included those made by checks, gift cards and wire transfers.

Sponsored content

By Adyen

In a world where fraudsters continue to innovate, there's a need for a systematic approach that helps all the actors involved in payment processing combat fraud without blocking good transactions.

Information is at the core of payment processing. Merchants, risk systems, acquirers, authentication engines and Payment Service Providers (PSPs) all attempt to evaluate and mitigate the risk associated with a payment. If the available information isn’t sufficient, any party in the chain can block a transaction based on their internal decisioning logic. And all these parties make that decision based on limited information.

This has real consequences on conversion. Our data shows that up to 9% of customers are unable to pay during checkout because their transaction isn’t accepted somewhere along the chain. On top of this missed revenue, merchants can face unexpected high costs – up to 3% of their revenue – because of fraudulent transactions.

The payments industry has tried to diminish the underlying information asymmetry, resulting in the introduction of effective technology such as network tokens, 3DS2 and digital wallets.

And while parties along the payment chain are trying to close the gap, there is a larger opportunity to build a better payments ecosystem.

A complex liability game with limited information

Payments processing is a complex liability game. Often, a party in the chain can’t make an informed decision on whether the user of the payment instrument is its true owner – crucial information to ensure correct and safe processing.

If the available information is insufficient, obtaining more evidence to confirm ownership often results in added friction for the shopper. Every extra input field or intrusive authentication check may lead to an increase in drop-off.

The issuing banks used by shoppers face similar problems at the end of the payment processing chain. Even when parties throughout the chain have made correct assessments, an issuing bank might simply decline the transaction request based on lack of information. A payment might pass checks by a fraud risk system with flying colors or at the skin of its teeth, but that context is unknown to the final decision maker in the chain, the issuing bank.

Even though issuing banks want to both prevent fraud and drive spend, limited information often results in prioritizing the former. To give an example of the payment paradox in action: We see that issuing banks in the U.S. decline transactions under suspicion of fraud simply because successful authentication took place: we see an 8% lower authorization rate for successful 3DS transactions versus transactions that did not go through 3DS.

Reducing false positives without compromises

In a world where fraudsters continue to innovate, there is a need for a systematic approach that helps all the actors involved in payment processing combat fraud without blocking good transactions.

The disconnected involvement of many parties in the chain results in complexity, especially since all decisioning and information exchanges need to happen quickly across fragmented systems and interfaces.

A lot of data is generated in real time – think of the device information, customer journey and behavioural metrics when a shopper presents a payment method online or in an app. This data is key for optimizing payments and accurate risk assessments.

Reducing this asymmetry in information is the problem to solve. The solution to address information asymmetry in payment processing combines two strategies:

1. Obtaining explicit confirmation: obtain explicit evidence that a shopper is the owner (authorized user) of the presented payment method and share this confirmation with the entire chain.

2. Trusting a partner: have parties in the chain rely on one party with the most information to make decisions on their behalf, without presenting additional friction to the end-user

Getting explicit confirmation of user identity

Getting more concrete proof of user identity provides stronger evidence that a shopper is the authorized user, or owner, of a presented payment method. Since phones are one of the few items that truly belong to just one individual, the key to prove ownership seems to be in our pocket.

Seamless payment authentication holds appeal for the customer experience as well. As shoppers adopt biometrics as a safety mechanism for using their mobile devices, they will come to expect this form of easy, non-intrusive security when making a payment.

Digital wallets

Apple’s and Google’s wallets intuitively address the problem of authentication. The biometric Face ID or fingerprint on the user’s mobile device seamlessly collects and verifies ownership of a payment instrument. Rather than frustrating a shopper with an added layer of authorization, digital wallets transform a drop-off point into an easy, fast and secure checkout experience.

Digital wallets have convinced acquirers, card schemes, issuing banks and other parties down the chain that the proof of ownership collected on-device (cryptogram) is as strong as issuing banks performing their own authentication with SMS or in-app confirmation, resulting in a shift of fraud risk liability from merchant to issuing bank. The data shows this too: we’re seeing 85% less fraud chargebacks for wallets compared to non-authenticated traffic.

Leveraging the biometrics on mobile devices has proven to be a major leap in providing enhanced security for payments. Unfortunately, it doesn’t solve the problem of fraud completely. Malicious users are finding new ways to commit fraud using digital wallets by exploiting the weak provisioning stage of some issuing banks.

FIDO and passkeys

Rapid developments around fast identity online (FIDO) and passkeys are expected to further accelerate the adoption of biometrics in payments to provide explicit confirmation of ownership. Passkeys are meant to replace passwords and based on public-key cryptography, unique to a website or application.

The industry-adopted FIDO standard opens up opportunities for other players to provide similar secure and seamless payment experiences. As an example, Pix, the fast growing instant payment method in Brazil, is working with PSPs to connect Pix accounts to mobile devices and leverage passkeys to create more intuitive payment experiences.

While it’s too early to tell if passkeys for payments are a game changer, they definitely help merchants unlock safe and seamless payments experiences similar to a digital wallet.

Trusted partner

Strong authentication techniques with biometrics and FIDO are a major step forward to meet the different requirements of key parties. One thing is for certain: fraudsters will continue to innovate. That’s why it’s important to address the problem of information asymmetry by relying on trusted partners as well.

If different parties in the chain rely on the party with the most high-quality information to make decisions on their behalf, one party can optimize for all the choices at hand.

Card schemes and payment methods have datasets that are sometimes even larger than those of PSPs. Yet their position in the chain comes with a disadvantage: they lack a direct integration with the merchant. On the other hand, risk solutions that don’t act as PSPs lack the scale in terms of data and can’t influence the payment experience, authorization messages, or share data with other parties.

Given their position in the chain and consequent access to customer (shopper) data, PSPs could be designated as the best party to orchestrate information streams to get to an optimal outcome. PSPs collect sizable datasets on global commerce, providing a strong basis to differentiate trusted shoppers from fraudsters.

This brings a logical advantage to merchants. Even if a shopper is new to them, the PSP has seen that shopper before. For Adyen, there’s a 90% chance we’ve seen a shopper before in retail.

A global PSP platform has the power to link individual transactions in order to build historical shopper context. This entity resolution unlocks the ability to derive new patterns and conclusions from groups of transactions to ultimately improve conversion in real time.

A PSP is directly integrated with the merchant and capable of collecting data, as well as influencing the real-time payment experience. PSPs can make decisions on fraud risk using the unique historical data of shoppers with more precision, decreasing false positives and the risk of blocking good shoppers.

They can also create better and faster payment experiences for trusted shoppers by, for example, dropping the credit card CVC or AVS fields in checkout, or not pushing additional authentication checks.

The case for a larger role for PSPs

The industry is recognizing that PSPs should play a larger role, with growing support for scheme’s data-only flows. This initiative is a convenient way for acquirers to share (merchant) data with issuing banks via EMV 3DS, an infrastructure that’s already in place for authentication. Our experiments with data-only are showing promising first signs of conversion uplift and significant decreases in fraud.

Similarly, certain issuing banks invest in data sharing with acquirers beyond existing rails orchestrated by card schemes such as CapitalOne’s Direct Data Share project. The open-source API allows acquirers to send over additional data a couple of milliseconds before the authorization requests. The benefits to the ‘risk score’ of the acquirer are obvious: we’ve observed a consistent 70bps+ increase in conversion without an increase in fraud on Capital One’s side.

To improve conversion and reduce fraud further, the industry should work towards a design where accurate filtering by a PSP gets rewarded by issuing banks in a much more transparent way.

A machine learning first approach to payment optimization

The value of PSP data for payment optimization only increases when combined with machine learning. The accuracy and precision of machine learning to combat fraud has proven to be superior to business rules with predefined conditions. On top of the obvious benefits of accuracy, scalability and timeliness, there’s an increased interest in the operational efficiency of machine learning as the macro-economic focus shifts to profit over revenue growth.

Historically, payment processing requires multiple sequential decisions that are made in isolation. For example, a fraud risk analysis would predict the probability of third-party fraud, while completely unaware of the authentication model. The next step for the industry would be shifting focus to a global optimal outcome instead of a series of local optimal outcomes.

With Adyen Uplift, we’re seeing strong evidence to back up the argument that models should be optimized globally. Combining individual decisions into one optimal outcome per shopper on a platform level will balance conversion, fraud and cost.

Explainability of machine learning models

While the increasing dependency on machine learning guarantees performance, there are new challenges to solve around possible conflicts of interest between merchants, PSPs and issuing banks. To help mitigate these challenges, interpretability and explainability of machine learning decisions are paramount.

Merchants need to test different risk and payment strategies that balance conversion, costs and fraud in parallel to find the sweet spot for their business. Systematic experimentation of AI solutions, controlled by merchants, will help them adapt to changing payment behaviors and refine models based on real-world data in a controlled environment.

Meaningful automation in payment management increases efficiency by reducing manual operations with control and impactful recommendations based on PSP-wide insights. Changes to the payments processing setup should go through an experiment to validate its impact on a merchant’s critical set of success metrics: conversion, fraud and costs.

Lastly, there needs to be continuous investment in carrying the responsibility of data. Large PSPs and acquirers with banking licenses are well positioned to do so, leveraging their strong controls around collecting, securing, storing and using payments data.

The future of payment processing

Addressing information asymmetry continues to be a top priority for all parties involved in payments processing. Increasing adoption around biometrics and digital wallets will help obtain explicit confirmation of user identity, reducing fraud without compromising user experience.

There’s additional value to be gained from those stepping up as a trusted partner to provide other parties in the value chain with correct and timely insights on the risk and identity behind transactions.

As machine-learning and large datasets evolve from nice-to-have to need-to-have, the use of experimentation tooling should be top of mind for all parties involved looking for more efficient and reliable payment infrastructure.

Want to learn more about our AI-powered payment optimizations? Discover the Adyen Uplift product suite.

Fraud losses topped $10 billion nationwide in 2023, according to Federal Trade Commission data, but that figure could be as much as $158 billion when adjusted for underreporting.

Underreporting is rampant due to shame, said several panelists at the virtual Fighting Payments Fraud in 2025 event Tuesday.

“Oftentimes, it isn't just the money that's gone: [Fraud] takes an insane emotional toll on the consumer,” said Stephanie Tatar, founder of Tatar Law Firm.

Even after being financially “wiped out,” the emotional impact of fraud is the hardest part, according to AARP Fraud Watch Network Executive Director Kathy Stokes. That’s what she’s hearing from participants in her organization’s victim support group.

“Sometimes that's because they were involved in a fraud that made them believe that they were in a trusted relationship with somebody – whether it's a love relationship or a strong friendship that grows over weeks, months, sometimes even years,” she said. “The other piece of that is just not having the support. People being afraid to say anything to anyone because they're so embarrassed.”

Fraud is at a “crisis level” across the globe, Stokes said, “and I would submit that fraud is the No. 1 crime in this country.”

Authorized push-payment fraud, where a victim is tricked into sending money to a scammer’s fraudulent account under false pretenses is just one type of scam. According to ACI Worldwide, Americans will lose $3 billion to APP fraud annually by 2028.

It’s relatively easy to become a victim, Stokes said, because scammers play to our fear response.

“If you can get your target into a heightened emotional state that allows the bypassing of logical thinking in our brains, it's sort of the fight-or-flight response,” Stokes explained during the panel discussion. “Our brains have been doing the same thing for 300,000 years, and a threat that your grandkid is in trouble or your account is being hacked is the equivalent of a saber-toothed tiger in our brains.” It’s called the amygdala hijack, she said.

Fraudsters may also have a victim’s highly personal information, like account information and Social Security numbers, and they share that with the victim – leading the victim to believe the person they’re talking to is a representative of their bank or payments platform, as they claim.

But much of that information is available for sale, warns Detective Matt Hogan of the Connecticut State Police. Data breaches are largely to blame for the accessibility of sensitive information, Hogan said during the panel conversation.

“You also have stolen mail, which has been a consistent problem for the past three to five years, [and] social media mining … There's really a wide swath of opportunities for them to get data, and it's relatively cheap,” he explained. A person’s bank credentials are for sale on the dark web for $25, he said. 

Stokes suggested language used to describe scams doesn’t capture the severity of the situation. For instance, she offered the word “criminal” as more appropriate to describe perpetrators than “fraudster.”

“We tend not to look at fraud as a crime perpetrated by a criminal,” she contended. “We've got to really put this in the right frame so that we understand that the victim is not at fault.”

“Speaking my language,” Hogan echoed.

Carla Sanchez-Adams, a senior attorney for the National Consumer Law Center, said stricter rules of liability would put some of the onus for these crimes on the companies that help facilitate them. She referenced telecommunications companies that let scam calls or texts slip through, or social media companies like Meta, that allow for scam products to be sold on Facebook Marketplace

“Part of the reason why [fraud is] successful is because of the lack of protections in some of these systems and the lack of incentives to make the systems more protective,” Sanchez-Adams said.

Although the Bank Secrecy Act requires banks to have strong customer due diligence, those perpetuating fraud do in most cases have bank accounts, she noted.

“Those financial institutions should be doing more to prevent those customers from receiving [money], to basically de-bank those customers that are committing fraud, and to ensure that they're not getting access to our financial system,” she said.

Tatar, who has represented victims of APP fraud, said banks can prevent victims’ emotional damage “if they just have the appropriate measures in place when a consumer disputes a transaction as unauthorized and have people that understand … the impact of such a scam.”

And while IDs, credit cards, phone numbers and IP addresses can be faked, consumer spending history can’t be — but that’s “oftentimes completely overlooked” in investigations, Tatar said.

Companies in the payments sphere, whether banks, tech titans or networks, are seeking and implementing new methods to combat push-payment fraud scams robbing consumers and corporate customers.

They’re advocating increased sharing of data, more action from law enforcement and a better way to track identities in the digital world, among other ideas to better battle scammers tricking victims into sending payments.

These are scams in which a company or a consumer are duped into sending, or pushing, a payment to criminals posing online as someone — such as a company representative or law enforcement official — they are not.

In 2023, payments fraud losses in the Americas were tabulated at $102.6 billion, according to a report last year from the research firms Oliver Wyman and Celent. Push-payment scams have become “increasingly prevalent,” the report said. Such losses are not only suffered by consumers, they’re also absorbed by the companies that guarantee payment safety.

Executives from tech juggernaut Google, payments network operator Nacha and the bank Truist discussed the problem and possible solutions during the Fighting Payments Fraud in 2025 virtual event hosted by Payments Dive and Banking Dive last week. 

“This is actually a national challenge,” said Denise Leonhard, who is the general manager for Zelle at Early Warning Services. “We all need to work together,” she said referencing the other panelists, and also with “government, industry and law enforcement to come together in order to solve this problem.”

Battling a complex problem

Push-payments scams embroil a dizzying list of companies in the payments flow, from telecom operators providing payment apps to banks offering accounts to fintechs innovating new tools. It’s also a problem with worldwide tentacles, often initiated by well-organized criminal groups in other countries, increasingly using technology to bolster their schemes.

Consumer education campaigns and messaging aimed at slowing down the sending of payments have in recent years been common tactics in the fight against fraud.

“We added little speed bumps along the way to just have people to stop and take a pause before they send a payment to somebody that’s not necessarily in their directory,” Leonhard said during one of the event’s panel discussions regarding how payments players are addressing the scams.

While companies involved in the payments flow are eager to stop fraud, they’re reluctant to add so many hurdles — sometimes referred to as “friction” — that consumers or corporate customers become frustrated and are less likely to pursue purchases or other transactions.

“It's a complex problem, because there’s this huge balancing act,” said Chris Ward, head of enterprise payments at Truist. “We want everybody to operate in safe, sound and secure manner; we want people to be held accountable if they commit a fraud; and we want to also have as frictionless payments as possible. And all of those three things are at odds with one another.”

There’s also additional complexity in that companies are managing huge volumes of payments across their systems, making it difficult to address every individual issue. Fraud is a “large scale problem,” said Noam Livnat, a group product manager at Google. 

“We're under constant attack in all sorts of ways,” Livnat said during the panel. “From an individual consumer’s perspective, obviously, it’s their whole world, and that’s the one thing that they see and the one thing that they care about. But at the scale that we all need to deal with, this becomes a question of optimizing the statistics, of making sure that we are catching as much fraud, and preventing as many scams as possible, while enabling as much good activity as possible.”

Addressing the trouble in new ways

To better protect payments and fend off fraudsters, payments companies are making new moves.

After Nacha heard from its bank and payment processor members that push-payment fraud was an “emerging threat trend,” it studied the problem and issued new ACH Network rules, advising members to adopt them by next year, said Devon Marsh, who oversees rules and risk management at Nacha.

Generally, there is a marketplace incentive for companies not to become the weakest link in the payments chain, Marsh also noted.

Executives who spoke during the panel discussion also pointed to a number of ways in which players in the ecosystem could further improve defenses, namely by pushing for more law enforcement; getting a better read of digital identities; and sharing more data with each other.

“I think we could really empower law enforcement with more resources to expose and prosecute the criminal,” Leonhard said.

To better fight bad actors, the federal government or state governments could also potentially help create a system by which it’s easier to identify and authenticate who is on the other side of a transaction, Livnat said.

“One thing that I think would be very helpful is for the government, and the states, to enable and promote more and better ways to manage the digital identities online,” Livnat said. “There's some movement around that, but that could be a very important component in helping us deal with scams and abuse and fraud in general at scale.”

Could more data be shared?

Sharing more data among banks and other companies would likely also help combat the fraudsters. “There are things that we probably could be doing more, if it was permissible to be able to share more information more broadly with folks that are in the ecosystem,” Ward said.

The scam problem has required a “sea change” in the industry, forcing participants to focus more on receiving accounts, which could also be mule accounts for criminals, Marsh said.

While there are initiatives underway on the data-sharing front, including one through the Federal Reserve last year, there are limitations in terms of current systems and legal permissions, he said. 

“Talking about the victim profile, even the receiving account number of a scammer, if you could share that in real time so others don’t send to it, that could be a good preventive measure, but it’s also not necessarily something that is allowed in the current framework,” Marsh said.

While there aren’t many restrictions on banks sharing information about the types of scams they’re experiencing, there’s not much “capacity” for them to share that information, Marsh noted.

Laws protecting individuals’ privacy and identities as well as other laws, such as the Patriot Act, sometimes hamper companies’ efforts to share data.

“Erring on the side of caution causes institutions to share maybe less frequently than they’re actually allowed to,” Marsh said. “The repercussions of sharing could damage another’s reputation. So, it’s a known opportunity, it’s just not widely pursued.”

Companies operating in payments are not only seeking to protect customers and avoid fraud losses and reputational harm, they’re very concerned about safeguarding an e-commerce system that is generating billions of dollars of commerce worldwide.

“Our main concern, and we're very motivated to help with that, is the health of the digital economy,” Livnat said. “If consumers lose trust in the digital economy, it’s not good for the overall economy, it’s not good for any online business, and it’s obviously not good for Google.”

Dive Brief:

• Fraud losses in card payments will keep rising over the next decade, culminating in $403.88 billion of losses worldwide over the next ten years, industry research firm Nilson Report predicted this month.
• The U.S. will be particularly hard hit mainly in transactions where the card is not present, such as in e-commerce payments, according to a Nilson press release earlier this month. That payments category is the most fraught in regions all over the world, Nilson said.
• "Criminals from outside the US do business inside the US because American merchants and card issuers are reluctant to impose the strictest fraud fighting technologies," Nilson Report Publisher David Robertson said in the Jan. 6 release.

Dive Insight:

Losses due to payments fraud have been growing in recent years, particularly in light of the increase in e-commerce sparked by the COVID-19 pandemic that began in late 2019. The impact has been keenly felt by U.S. companies and consumers.

The Federal Trade Commission said last year that U.S. fraud loss reports, including those related to payments, topped $10 billion for the first time in 2023. That was a 14% increase in losses over 2022.

In its report this month, Nilson put a finer point on those losses with respect to payments. Worldwide payment card fraud losses rose 1.1% in 2023, over the prior year, to $33.83 billion, the report said.

On the positive side, that increase was much smaller than the 4.7% global growth in spending at merchants and cash withdrawals from ATMs in 2023, the report noted. However, on the negative side, the U.S. has become a big target for such fraud. And that’s despite a worldwide improvement in fighting fraud, the release said.

The U.S. accounted for about a quarter of worldwide card spending, but endured about 42% of global fraud losses, Nilson said.

The amount of money lost to fraud, relative to overall card transactions, declined to 6.58¢ per $100 in 2023, compared to 6.81¢ per $100 in 2022, Nilson said. But that doesn't stop the overall loss figures from climbing.

"The industry keeps growing," Roberson said by email. "So even though fraud fighting is strong and steadily improving, secular growth in card sales keeps the dollars lost from declining."