Evolution of fraud and scams in Asia: The need for a unified defence

This article was first published in Financial Times.

In Asia, digitisation has occurred at a breakneck pace — particularly in south-east Asia, which has more than 400mn internet users as of 2024. While bringing significant economic opportunities, the speed of this change has also made Asia a major target for cyber fraud. 

It’s estimated that individual consumers in Asia collectively lost nearly $700bn in 2024 to digital scams. Incredibly, this number excludes losses incurred by businesses and multinational corporations, and shows the risks associated with just clicking on the wrong link or responding to a seemingly harmless text message.

For those with major roles in building and operating the digital ecosystem, whether financial institutions, governments, online marketplaces, social platforms, infrastructure providers or payment providers, we all need to come together to help educate as well secure and protect consumers as well as their digital credentials.

The consequences of digital insecurity

The UN Development Programme’s newly released Anti-Scam Handbook lays out the corrosive nature of this type of crime in stark terms: victims often experience “emotional, relational, and health consequences”. Scamming is now at the point where it “adversely impacts sustainable development and inclusive economic progress” and, overall, digital fraud erodes faith “in authorities and institutions”. 

There are some deep ironies here. The technological platforms being exploited by cyber criminals are some of the best tools we have to drive financial inclusion in this part of the world, but at the same time, those that are most in need of financial inclusion are often those most vulnerable to cyber fraud.

A united front on trust

The utopian vision is a security framework that asks nothing of participants in terms of needing to protect themselves. In that scenario, a comprehensive web of security, authentication and identity protection technologies would catch scam attempts before they ever arrived in a social feed or inbox, and well before a bank account was ever compromised. A new entrant into the digital economy could start using online banking and sending digital remittances without worry, because there are zero threats in the system. 

While this vision may not be entirely achievable soon, a truly comprehensive approach coordinated across the various ecosystem stakeholders could get us close. 

How would we get there?

The ethical sharing of data will play a fundamental role in moving us along this path, allowing participants with unique access to valuable information—such as patterns of fraudulent activity or suspicious behaviour—to make outsized contributions to security. For example, some institutions, such as banks and law enforcement, may have deep insights into financial fraud but lack the cutting-edge technology to analyse and act on this data in real time. Conversely, technology providers may have the tools to detect and mitigate threats but lack access to the broader datasets that would make those tools even more effective. In other cases, technology providers or digital operators are not allowed to share individual account and behavioural data as a condition of their licence and underlying data security protocols even if it might protect consumers, as existing regulations lack appropriate “legitimate usage” provisions for data sharing.

Given these complexities, it is therefore critically important to come together as an industry to discuss such issues and develop solutions to fight scams and cyber crime. This is what motivated Mastercard to sponsor the establishment of the Global Anti-Scam Alliance (GASA) in Singapore to facilitate dialogue across all the relevant actors, including institutions, agencies, platforms, regulators, networks and operators. By informing each other of our approaches and sharing best practices, we learn from others operating in different but connected environments, adding to the diversity of our solutions. Members can also use this dialogue to discuss how new solutions such as privacy-enhancing technologies (so-called PETs), under certain identified “legitimate usage” conditions, could enable the secure sharing of data between different types of platforms and operators who all have a vested interest in combatting cyber crime.

At Mastercard, we are also looking to enhance our own solutions using artificial intelligence capabilities. The latest generative AI-powered iteration of our fraud detection technology scans transaction data across billions of cards and millions of merchants at much faster rates than was previously possible, helping to boost fraud detection rates by 20%.

Mastercard is just one of many stakeholders working to address various problems and counter different types of threats. Recently, the Cyber Security Agency of Singapore released “Safe App Standard 2.0”, which aims to enhance mobile app security in Singapore and better protect transactions and user data. Additionally, the Singapore Police Force collaborates with cyber intelligence and emergency response teams to create informational materials targeted at vulnerable groups, such as senior citizens, offering tips to prevent online scams and phishing. By contributing to a safer digital environment, these efforts help foster broader trust in the digital economy.

Eradicating cyber crime might be a utopian vision for the time being, but different industries and countries coming together to better fight it is both realistic and necessary.