The ease of transacting and interacting online brings great convenience to our daily lives. We can now transfer money, make purchases without going to the ATM, open bank accounts from our phones, and apply for loans without visiting a bank.
However, behind this convenience lies a serious threat. It's fraud. Fraud doesn’t just affect individuals, it can significantly impact companies and financial institutions too.
According to the Association of Certified Fraud Examiners (ACFE), fraud is “a dishonest and illegal act carried out by individuals or groups to gain undue advantage.” It typically involves deception, concealment, or abuse of trust.
Fraud can include corruption, document forgery, asset theft, or financial statement manipulation.
But when it comes to financial transactions, the definition shifts. This is often referred to as digital fraud, which involves any fraudulent activity using digital technology as the medium or target.
According to IBM Security, digital fraud includes activities such as phishing, payment fraud, and identity theft. The surge in digital transactions, often without strong authentication, has made fraud more widespread.
Sometimes, due to frequent online activities, users become careless with their personal data. Things like ID cards and phone numbers may be leaked due to users unknowingly signing up for illegal platforms.
These digital fraud cases are common in Indonesia—and you may have even encountered one yourself. Here's a list of the most frequent types:
Phishing is one of the most common digital fraud techniques. The fraudster poses as a trusted entity like a bank or government body and sends fake links via email or SMS.
Example:
A bank customer receives an email that appears to be from the bank warning them to verify their account or face a block. The victim clicks the link, enters their PIN and OTP, and the fraudster drains their account.
ATO happens when fraudsters gain access to a victim’s account, bank, e-commerce, or social media, and use it for unauthorized transactions.
Example:
A hacker uses leaked credentials to log into a digital wallet account. Without two-factor authentication, the hacker hijacks the account and makes fraudulent transactions.
A common scam targeting online sellers or small businesses. Fraudsters send fake transfer receipts, tricking sellers into sending products without actual payments.
Example:
An online seller receives a “proof of payment” image and ships the product, only to find no money was received and the buyer unreachable.
Fraudsters hijack your phone number by transferring it to a SIM card they control, allowing them to receive OTPs and bank alerts.
Example:
A fraudster impersonates a victim when contacting the mobile operator. By answering security questions (based on leaked data), they successfully perform a SIM swap and gain account access.
This involves psychological manipulation where the victim is tricked into giving up personal data voluntarily.
Example:
A victim gets a call from someone claiming to be digital wallet support, asking for an OTP to “verify” their account. The OTP is used to steal their funds.
Using AI, fraudsters can create fake videos or voice recordings that mimic real people—especially dangerous when impersonating company executives.
Example:
An employee receives a video call from someone who looks and sounds like their boss, asking for a fund transfer. The video turns out to be an AI-generated deepfake.
Fraudsters replace or distribute fake QR codes that redirect payments to their accounts.
Example:
A person scans a QR code at a parking booth and unknowingly sends money to a scammer. Later, they get charged for unauthorized transactions.
Fraudsters create legit-looking websites or apps to lure victims into fake investments or instant loans.
Example:
A victim applies for a loan on a convincing website, uploads their ID, and pays a “processing fee”but never receives the loan.
Fraud can also come from online sellers who manipulate reviews or ship fake products.
Example:
A seller shares a valid tracking number but sends a different product. When the buyer complains, the seller denies refunds citing completed delivery.
Malware can steal sensitive information like login credentials or biometric data.
Example:
A user downloads a PDF promotion file that secretly installs a keylogger, recording everything they type and sending it to the attacker.
You know what's shocking about digital fraud that watching your transaction? Fraudsters aren't breaking in. They're logging in using stolen credentials. And we're still relying on security method that are decades old.
The truth is, data leaks are nearly impossible to eliminate. Weak infrastructure, human error, system glitches, or intentional fraud can all lead to exposure.
However, we can still prevent stolen data from being used for unauthorized access. One effective way is through strong user authentication, and VIDA provides two powerful solutions: PhoneToken and FaceToken.
This device-based authentication ensures that login and transactions can only be done from the registered device.
Example:
If you open a digital bank account using your Sumsang phone, only that device can be used for future logins. Even if your username, PIN, or OTP are leaked, other devices can't access your account.
This works because PhoneToken binds itself automatically to the device once an app is installed.
A biometric-based authentication that uses face matching and liveness detection to ensure only the real account owner can access the app.
Even if fraudsters have your credentials, they won’t be able to log in without your actual face. FaceToken stores encrypted biometric data that’s only usable on your registered device.
Digital fraud is a serious threat, but with proper awareness and the right tools, we can protect ourselves and our assets.
VIDA’s authentication solutions offer an extra layer of protection, ensuring your digital transactions remain secure at every step.