The fraud starts with familiarity The call looks legitimate – the bank’s name flashes up on the screen, the voice is calm and professional, and the story is urgent but plausible: “We’ve detected suspicious activity; we need to protect your funds.” Within the first minute, trust is built through tone, confidence and urgency. The victim believes they’re speaking to their own bank. This is the moment credibility is created – the point at which the criminal takes control.
Stop fraud before any money leaves the account
APP Fraud Check from XConnect identifies and stops social-engineering scams in real time – before funds are transferred. Built on the SAFr platform, it analyses live call data at the exact moment of payment to detect coercion, giving banks and contact-centre teams the power to prevent losses instead of refunding them.
APP fraud isn’t a data breach; it’s a human hack. Victims are manipulated into moving their own money. With XConnect’s APP Fraud Check, you can see what’s really happening on the network – and stop it.
Market context
Authorised Push Payment (APP) fraud has become a major exposure for UK banks. Under the new reimbursement framework from the Payment Systems Regulator (PSR), both the sending and receiving banks are jointly liable for scam losses, each responsible for 50% of the customer’s reimbursement.
The numbers from UK Finance are stark:
- Losses from APP fraud in 2024 were just over £450 million.
- Case volumes dropped to under 186,000 incidents in 2024, but the value of successful scams remains high.
- In the first half of 2024 alone, APP losses reached £213.7 million, with 97,344 cases reported.
- Telecoms-based channels (calls, texts) accounted for around 16% of cases and 35% of total losses.
Regulatory context.
Regulation is uncompromising.
The PSR’s requirements, effective from 7 October 2024, demand that every UK payment firm under the Faster Payments Service implement mandatory reimbursement processes, transparent data-sharing, and effective real-time fraud detection. The PSR legislation is not a guideline – it’s an enforceable standard.
Banks must demonstrate they can identify, prevent, and report APP scams consistently, across every channel. Those that fail face not just financial penalties but regulatory censure.
The financial impact extends well beyond reimbursements. Compliance work, investigative overhead, and reputational damage all erode margins. And once a customer believes “my bank let this happen”, the real cost is trust. The banks that can stop APP fraud before it happens will suffer less churn.
How APP Fraud Works
1. Hook and credibility
2. Coaching and control
Over the next 10 to 20 minutes, the scammer keeps the victim on the line. They use reassurance and authority to block outside advice: “Don’t hang up – this call must stay open for security.” The victim is carefully guided through login screens, payee setup, confirmation codes and payment limits. What looks like a protective action is actually the fraud unfolding in real time. The criminal maintains psychological control by keeping the call alive and the pressure constant.
3. Authorised payment
At around the 20-minute mark, the transfer is made. The victim genuinely believes they’re moving money to a ‘safe account’. In truth, they’ve just completed the fraud themselves. It’s a transaction that passes every technical check because, from the bank’s perspective, the customer is behaving normally – logged in, authenticated and authorised. No alarms sound because no system can see the deception taking place on the call.
4. Reassurance and realisation
Even after the transfer, the fraudster doesn’t hang up. They stay on the line, keeping the victim calm and occupied while the funds are laundered through mule networks. By the time the victim calls the real bank, the money is gone – often within thirty minutes of the first contact. For the customer, it feels like betrayal; for the bank, it’s another reimbursable loss. The only way to stop it is to detect the live coercion signal that ordinary fraud defences cannot see.
1. Customer initiates new payment or payee
When a customer adds a new payee or initiates a transfer in their banking app or online banking, the bank’s fraud systems instantly assess risk. This is the most critical point in the transaction flow – the window where coercion is most likely to occur. XConnect’s APP Fraud Check activates at this precise moment, bringing network-level intelligence into play while the customer still believes everything is normal.
2. API call and network operator discovery
As the payment flow begins, the bank’s server makes a secure, server-initiated API call to the SAFr platform’s APP Fraud service, sending the customer’s mobile number (MSISDN). SAFr then identifies which mobile network the number belongs to and connects directly with that operator to query live call status. This process happens seamlessly, using encrypted communication channels, with no personally identifiable information exposed or stored.
3. Real-time visibility into live call activity
Within milliseconds, the operator returns the key fraud-detection indicators: whether the device is currently on a call, the call’s direction (incoming or outgoing), and its duration. If the number is engaged in a mobile-terminating call - meaning the customer is receiving a call - and that call has been active for several minutes, the risk level increases sharply. This real-time network insight gives banks the one signal traditional systems cannot see: whether the customer is actively being coached by a fraudster.
4. Detect coercion and flag the transaction
The SAFr platform analyses the operator’s response and flags potential coercion events back to the bank’s decision engine in under 100 milliseconds. From there, the bank can automatically pause, block, or escalate the payment for human review—preventing the transaction before funds are released. It’s a friction-light process invisible to the customer but invaluable to the bank, turning real-time network data into an immediate, actionable defence against APP fraud.
Stops losses early
Detects coercion before a payment is completed, preventing losses before funds ever leave the account. By identifying live calls during transactions, banks can halt high-risk transfers instantly, cutting reimbursement costs, safeguarding customers, and staying compliant with the PSR’s reimbursement requirements.
Reduces investigation load
Fewer fraudulent payments mean fewer cases to chase. By stopping scams in real time, APP Fraud Check reduces operational strain on fraud and compliance teams, shortens case resolution times, and frees investigators to focus on complex, high-value threats rather than post-event recovery.
Integrates effortlessly everywhere
The service connects directly into existing fraud and AML systems through a single low-latency API call. It’s fast to deploy, lightweight, and fully compliant, giving banks and contact centres an instant, network-grade fraud defence without disrupting established workflows or customer experience.
Enables real-time intervention
Provides call-centre agents and fraud teams with immediate visibility when customers are on live calls during high-risk payments. This empowers staff to intervene before coercion results in financial loss, combining human judgement with live network intelligence for stronger customer protection.
Strengthens regulatory defence
Demonstrates active compliance under the Payment Systems Regulator’s reimbursement framework. With transparent decisioning and audit-ready logs, banks can prove they took reasonable preventative action, reducing liability exposure while reinforcing their commitment to customer protection and operational resilience.
Protects trust and reputation
Every prevented scam strengthens brand confidence and customer loyalty. APP Fraud Check not only reduces financial loss but also preserves the perception of safety that defines leading banks. It shows customers their bank is proactive, vigilant, and genuinely protecting them.
Technical Overview
A low-latency, ultra-secure, frictionless integration built around the same SAFr platform infrastructure used for SIM Swap, Call Forward and KYC Match, APP Fraud Check delivers real-time, compliant protection at network speed.
Because of its singular nature, all services can be served in the same, single API call, meaning you can all other mobile checks with zero extra integration. You also get all your results at light speed. Less dev time, lower costs and super-easy deployment.
- Latency: ~50–100ms depending on operator response.
- Integration: One secure API call to the SAFr APP Fraud endpoint.
- Data security: No PII visible or stored – pure network status check.
- Scalability: Built for millions of transactions per day.
- Compliance: Fully GDPR-aligned and operator-approved.
- Deployment: Cloud, on-prem, or hybrid.
Broader impact and use-cases
Not just prevention – protection, trust, and compliance
- Retail banking: Protects customers from social-engineering scams and reduces PSR liability.
- Call-centre environments: Flags at-risk customers in real time, enabling agents to intervene.
- Business and corporate banking: Prevents fraudulent internal payment redirection.
- Payment service providers and fintechs: Adds a compliance-grade fraud layer without UX friction.
- Insurance and lending: Blocks transfer scams and fake payout redirections.
APP Fraud Check is not just a fraud-detection tool – it’s a trust-preservation layer that stops the most human - and most stressful - kind of crime before it happens. Any enterprise that needs to protect against social engineering attacks, on their customers and their staff, should consider APP Fraud protection.
Privacy-first architecture
Built specifically for regulated environments, APP Fraud Check analyses only call-state metadata — never identity data, audio or content. It operates with full end-to-end encryption between bank, SAFr platform and operator, ensuring zero data persistence and total customer confidentiality.
Regulatory-ready compliance
Provides audit-ready logs for PSR, FCA and GDPR reviews, giving banks tangible proof of proactive risk control. It fits seamlessly within existing AML and ID&V workflows, helping compliance teams evidence operational diligence and satisfy emerging reimbursement obligations under the PSR’s Operational Standards Requirements.
Real-time performance
SAFr delivers ultra-low latency results – typically 50–100 milliseconds – using live operator data to assess risk without slowing customer journeys. Banks gain a real-time signal of coercion, enabling immediate decisions within payment flows and preserving both security and conversion performance.
Flexible deployment options
The solution integrates easily into fraud, AML and risk-decisioning systems through a single API. It scales across retail, corporate or call-centre environments, supporting local or international operations with consistent logic, secure data handling and predictable performance across multiple operator networks.
Telecom-grade resilience
Built on the same proven infrastructure as SIM Swap, KYC Match and Call Forward, APP Fraud Check inherits the security and reliability of the mobile network itself. It’s hardened against spoofing, outage and latency risk, ensuring continuous protection for customers and transactions.
Proven industry pedigree
XConnect’s SAFr platform already protects Tier-1 banks and global enterprises, processing millions of identity and fraud-prevention checks daily. Backed by Gautam Hazari – the architect of the GSMA Mobile Identity APIs – our operator partnerships and technical expertise make us a trusted fraud-defence partner.
Ready to implement?
Unbelievably easy to get started, the integration is lightweight, the setup process is fast, and the impact is immediate. Whether you’re testing compliance in one market or rolling out across multiple platforms, the path to full deployment is measured in days, not months - with XConnect guiding every step.
- Identify payment and call-centre flows where coercion risk is highest.
- Integrate the APP Fraud API within your existing risk-decisioning process.
- Test and calibrate thresholds (call direction, duration, timing).
- Launch live pilot with one operator.
- Scale across all payment journeys and markets.
- Optionally combine with Call Forward Check and SIM Swap for total account takeover protection.
How can I try APP Check?
Very easily. We can give you a sandbox environment to allow you to try out APP Check.
Our customer, partner, onboarding, technology and delivery teams are all experts, totally knowledgable about what we can do (and what we can’t) and are all yours during your XConnect journey, from initial enquiry, to POC, to switching on live service.
You've nothing to lose and everything to gain with an Authorised Push Payment fraud check that stops APP Fraud before it happens.
Good to know, right?
