.svg)
The Manhattan District Attorney’s (DA) Office has asked the companies that own Venmo, Zelle, and Cash App to provide better consumer protections following a spike in payment app thefts.
There has been a growing number of incidents in which unauthorised users have gained access to unlocked mobile devices in Manhattan and across the US. Threat actors have drained bank accounts, made purchases using mobile financial apps and used personal information to open new accounts.
“No longer is the smartphone itself the most lucrative target for scammers and robbers — it’s the financial apps contained within,” said district attorney Alvin L. Bragg.
“Thousands or even tens of thousands can be drained from financial accounts in a matter of seconds with just a few taps. Without additional protections, customers’ financial and physical safety is being put at risk. I hope these companies accept our request to discuss common sense solutions to deter scammers.”
In some instances, fraudsters ask to borrow a victim’s smartphone and then quickly send large sums of money to themselves through their financial app. In others, they ask for a charitable donation for a specific cause, offer to transfer the money directly from the victim’s smartphone and then transfer funds to their own account.
Violent offenders have assaulted or drugged victims, forcing them to provide the password for their device or using their biometric ID to access the device and transfer money.
Additional security measures required
“In all of these cases, we believe further security measures to prevent unauthorised access to unlimited use of your financial services would have prevented such crimes,” the DA’s Office stated in letters to Venmo, Zelle and Cash App.
It offered several solutions the apps could implement:
- Add a second, separate password for accessing apps on a smartphone as a default security option.
- Impose lower daily transaction limits by default.
- Hold funds for up to a day and require secondary verification for large transactions.
- Improve account monitoring for unusual transfer activities and ask for confirmation when suspicious transactions occur.
Bragg requested a meeting with representatives from the apps to discuss the steps they are taking to protect customers from thefts and scams.
The owners of Venmo, Zelle and Cash App responded that they are aware of the incidents and working to protect customers’ funds.
A spokesperson for Early Warning Services, the network operator of Zelle, stated: “We are aware of isolated criminal incidents described in the Manhattan District Attorney’s letter.
“As a result of our continued efforts to build on Zelle’s strong foundation of security, less than one tenth of 1 percent of transactions are reported as fraud or scams, and that percentage keeps getting smaller.”
“Our efforts include implementing industry-leading fraud and scam prevention measures for consumers like in-app safety notifications, and send limits and restrictions. For network banks and credit unions, we’re helping to screen out bad actors with free tools. We also invest in ongoing consumer education efforts and have brokered public-private partnerships to do so.”
A spokesperson for PayPal, which owns Venmo, stated: “PayPal and Venmo take the safety and security of our customers and their information very seriously.
"In addition to proactively leveraging sophisticated fraud detection tools, manual investigations, and partnering closely with law enforcement agencies to protect our customers against common scams, we have several options in place to enable enhanced layers of security and protection directly within our apps.”
A Cash App spokesperson said: “Cash App continues to be committed to building trust with our customers and investing in areas that help build a safe and secure platform.
"We work proactively and diligently to safeguard our customer’s money and mitigate against the risk of fraud on our platform through a combination of preventative controls like multi-factor authentication, account transaction limits, fraud detection, and consumer education.
"We also partner with law enforcement agencies to detect and combat criminal activity.”
