How banks are winning the digital wallet fraud war

How banks are winning the digital wallet fraud war

Phishing and fraud targeting digital wallets are surging globally, creating a growing challenge for banks and customers alike.

Tieto Banktech recently delved into how phishing and fraud in digital wallets are stopped. 

While services such as Apple Pay and Google Pay have made payments easier, they have also handed criminals a fresh attack route. Fraudsters harvest card details through phishing and trick cardholders into revealing activation codes. Once a card sits inside a wallet controlled by a criminal, it can be used without a PIN, opening the door to significant losses.

Tieto’s answer, launched in 2024, is Token Enrolment Monitoring (TEM), which scrutinises every attempt to register a card in a digital wallet. Signals such as IP address, language and location are checked against a customer’s typical behaviour, and suspicious attempts are frozen before activation.

Tieto Banktech quality & risk manager, Financial Crime Prevention Silje Andrea Kvernberg said, “If something doesn’t add up – such as an unfamiliar language or an IP address from a completely different country – the process is halted. The bank then contacts the cardholder to confirm whether the attempt is legitimate or initiated by a fraudster.”

Tieto Banktech fraud specialist Sverre Larsen said, “TEM alone stops between 70 and 80 per cent of all attempted digital wallet enrolment fraud. That means the majority never reach the point of being used. TEM is the frontline that gives banks the time and space to react.” He added that from 2024 to 2025, there was a 100% increase in cases related to digital wallet enrolment, underlineing the need for a strong first line of defence like TEM.

Attempts that slip past TEM face Card Transaction Monitoring (CTM), which flags purchases that break from behavioural patterns. Larsen said, “If a card is used in a shop in Norway in the morning, it’s highly unlikely that the same card is legitimately used in Asia that same afternoon. When such unusual activity is detected, the purchase is blocked and the customer is contacted. If confirmed as fraud, the card is immediately blocked, preventing further abuse.”

More than 60 banks use Tieto Banktech’s monitoring services. During a phishing wave in late summer 2025, around 3,000 cases were halted in TEM without losses, while CTM stopped or curbed hundreds more.

The scale of the threat is stark. In 2025, Tieto’s Defence Centre blocked fraud worth €1.132bn, more than triple the prior year, aided by its Blocking of Rogue Merchants tool, while 3D Secure Monitoring declined over €225m in transactions. In 2026, Money Mule Monitoring and Manipulation Risk Monitoring will add further layers.

Larsen said, “TEM isn’t built for one bank or one market. It’s modular, scalable and can be deployed across countries. The more cross-market insights we gather, the stronger the system becomes.”

For more insights, read the full story here.

Read the daily FinTech news

Copyright © 2026 FinTech Global

Enjoying the stories?

Subscribe to our daily FinTech newsletter and get the latest industry news & research

Investors

The following investor(s) were tagged in this article.