Federal Reserve Bank of Boston

07/14/2026 | News release | Distributed by Public on 07/14/2026 09:23

The number of payment options is on the rise – and so is the risk of payment fraud

There are more ways to pay than ever. People and businesses exchange money through payments apps. A thumbprint or tilt of the phone covers groceries. A few clicks settles a month of bills. Everyone loves it - including fraudsters.

The growing choice of payments options has created a fragmented industry where the providers are tougher to monitor and everyday users are tougher to protect. In short, the risk of payment fraud is on the rise.

At one time, traditional financial institutions like banks were essentially alone in the payments space. But now various fintech firms and payments processors have staked a claim, adding new entry points of varying vulnerability. And criminals always target the weakest links, which are often you and me.

What can be done to secure this expanding landscape? To me, it starts with better awareness, more information sharing, and slowing down - so we can think before we act. And everyone must be willing to sacrifice some convenience for security, because unsafe payment options aren't really options at all.

Payment volume isn't changing, but how we pay is

Americans have been making roughly the same number of monthly payments for a decade. The 2026 Diary of Consumer Payments indicates Americans made an average of 47 payments per month in 2025, close to the 45 we averaged in 2016. But how we make payments has changed.

Yes, traditional payment methods like cash and checks have kept a steady, if smaller, place in the payments lineup. But digital payments have massive momentum.

The Worldpay Global Payments Report from 2025 indicated spending through digital payment methods rose from $1.7 trillion globally in 2014 to $18.7 trillion in 2024. It projects by 2030, the value of digital payments will exceed $33.5 trillion.

These payments are transmitted in various ways - through mobile phones, apps, and peer-to-peer networks (think Venmo, Cash App, etc.). And digital wallets are huge, including Apple Pay, Google Wallet, or options offered by retailers like Walmart. A Federal Reserve Financial Services survey indicates 58% of all consumers use digital wallets, including 78% of Millennials and 80% of Gen Z.

As these methods have increased, payment options have grown with them, and that couldn't have happened without nonbank providers jumping in. But that has implications for security.

Traditional banks are tightly regulated and forced to make security a priority. But nonbanks aren't subject to such stringent rules. They're also naturally focused first on whatever service they're offering, so security is not their primary focus. This can create a target-rich environment for fraudsters.

Scammers try to slip through the seams, or take advantage of our fears

One advantage for criminals is that data privacy guidelines vary by state, and only 20 states have comprehensive data privacy laws in place. So, deterrence and the quality of safeguards are uneven, and criminals look for seams they can slip through to access sensitive data.

If it turns out that a payments provider has strong defenses, the fraudster attacks an easier target: the customer.

How do they do it? One tactic is to try to get people to turn over their login credentials or personal information through urgent appeals that are familiar to us all, like "You'll lose access unless …!" and the ironic, "Your account may have been compromised!". Also, bots try to wear down our resistance with alarming message after message.

If the user gives away their information, the financial services provider can still stop the fraudster through its identify verification process. But the general demand for speed in payments complicates things. Can a provider recognize that a user is not who they claim to be in the milliseconds it has? This tough task is made tougher because fraudsters use AI to enhance their attempts to fool people.

So, what can we do to stop a shrewd, tech-equipped individual intent on doing damage? It's not easy, but some basic steps can make a real difference.

Defense against payments fraud starts in a familiar place - with you and me

I think it starts with a grim but general awareness that bad actors are relentlessly trying to collect our data and rip us off. I've long assumed that my personal data has been stolen at some point. This increases my vigilance to protect it from additional intrusions.

We also need to slow down. As noted, scammers use fake, urgent scenarios to get us to act quickly. But real situations where we must "Act now!" are thankfully rare. If people take time to think, they're less likely to act on emotion and fall into a fraudster's trap.

I think the advice to slow down applies at the industry level, too. User convenience is obviously a priority in the payments sector, but there are times when we need to focus more on security. I believe this change will be more than made up for by resulting decreases in fraud.

Finally, I think companies in this sector must be more proactive about sharing information, or practicing "coordinated intelligence." Resistance to information-sharing is natural among competitors, but the benefits are universal. The more information I have about an individual or transaction, the better I can protect my users and this growing, vibrant sector.

Federal Reserve Bank of Boston published this content on July 14, 2026, and is solely responsible for the information contained herein. Distributed via Public Technologies (PUBT), unedited and unaltered, on July 14, 2026 at 15:23 UTC. If you believe the information included in the content is inaccurate or outdated and requires editing or removal, please contact us at [email protected]