The appeal of person-to-person (P2P) payment apps is strong, no matter your age or generation. The apps provide a fast, convenient way to make payments for goods and services. Venmo, PayPal, Square Cash, and Zelle® are all popular P2P payment platforms.1
With P2P apps, you can pay people using your mobile device, without knowing their account details. According to the Federal Trade Commission, in 2022, 76% of U.S. consumers have used at least one P2P product. P2P apps have become a staple of the economy, and are more accessible than ever.
Because there are varying degrees of consumer protections from the P2P companies, there are valid safety concerns. Like all payment software, peer-to-peer payments are held to high regulatory standards and use a variety of methods to keep information and funds safe.
With P2P apps, transaction data is encrypted. They employ two-factor authentication and have fraud detection capabilities. Some providers use biometrics, and most send automatic notifications for every transaction (so you can catch transactions you didn't authorize).
Despite the security features provided, these apps have given bad actors a new method for committing fraud and scams. It's important to recognize that using them may come with risks to your security and privacy.
Here are some common scam examples:
Online Marketplace Scams – Popular sites like Craigslist and Facebook Marketplace, They may start with offers for a service or products such as concert tickets, marked-down merchandise or even adoptable puppies. The seller will seeks advance payment through P2P and never fulfills the order.
Fake Apps – These apps looks like the real thing (Venmo, Zelle®, etc.) but are designed to take your money without being detected.
Fake Billing Sites – These are set up to look like legitimate billing websites. Once you enter your data to make a payment, fraudsters will use your information to transfer money from your account. These can also be accompanied by legitimate-looking phishing emails.
Money mule scams – These types of scams come with an added twist: Getting caught up could also result in legal trouble. That's because it's a scam used to launder money. The scam can involve fake dating accounts, work-from-home schemes or phony prizes. Scammers send money, and then ask victims to send it to another person. What they won't tell you is that the money is stolen—or that the reason you're sending it is made up to provide cover for illegal activity.
Bank Impersonators – Typically, you'll get a phone call from someone claiming to be from your bank about supposed suspicious charges on your account, and the representative asks you to resolve the problem. You're then walked through instructions on how to reverse the unauthorized claims. What really happens, though, is that you are transferring money directly to the criminals.
In another scenario, the text or call you receive is from someone claiming to represent a bank's fraud department or merchant and ask you to confirm information such as your bank account user name and password, credit card or debit card data, or Social Security number. In this case, the fraudster wants to create a P2P account with your information, steal your identity, and gain access to your accounts.
Buyer or Overpayment Scams – The scammer will "accidentally send you an overpayment" on a P2P app and then ask for a refund of the difference. They often start with something you're trying to sell online and a bogus check to buy it. The scammer will overpay and then ask for a refund of the difference using a P2P app. When the check bounces, you're on the hook for the amount of the bad check—and the item you were trying to sell might be gone too.
Tips to help protect yourself
Recommendations to consider to help you avoid being scammed when using payment apps:
- Enable security settings on accounts. Your digital banking account and P2P apps offer enhanced security features, like multi-factor authentication (MFA). This requires you to enter your user name and password, followed by a second step which might require you to enter a numeric code sent to you via text or email, a finger scan or facial recognition.
- Always create strong, unique passwords and disable automatic logins. Use different passwords for P2P apps and other sites.
- Link your money transfer app to a credit card rather than a debit card or your bank account. A credit card provides added protection in case you do not receive the goods or services that you have purchased.
- Be aware of phishing. One way fraudsters might try to access your account is by posing as Tower or a P2P company. They may try to contact you through emails, calls or texts. Avoid clicking links and sharing personal information. They may also claim you need to download another app or give them remote access to transfer money. Never give remote access to a third party.
- Be wary of any business that only accepts P2P payment apps or pre-paid debit card payments. Consider this a red flag.
- Treat payments like cash. Most P2P apps don't let you cancel a transaction once you've sent it to another user. Always verify the recipient's information before making any payment and only send payments to those you trust.
- Never provide sensitive personal information over the phone. Legitimate customer support operations will not ask for your bank account information.
- If you get an unexpected inquiry from someone who says they represent a company or a government agency, hang up and call the phone number on your account statement, the company's or government agency's website, or other trusted resource to verify the authenticity of the request.
What to do if you experience a scam or fraud
- Contact Tower's Member Services immediately if the transaction directly or indirectly involves your Tower account(s)
- Contact your P2P company if you made the transaction using the company's app. You may be limited in your ability to recover funds but it is important to report the incident.
- Report the scam or fraud to the government. The FTC and FBI have resources to not only allow you to report the crime but also provide recommendations on next steps.
The bottom line
While P2P apps offer convenience to individuals as well as businesses, they are also leveraged by fraudsters to perpetrate illegal activity. Be vigilant in protecting your personal information and your money by knowing how to identify the red flags. Remember, if something sounds too good to be true, it probably is.
1U.S. checking or savings account required to use Zelle®. Transactions between enrolled consumers typically occur in minutes. Zelle ® and the Zelle® related marks are wholly owned by Early Warning Services, LLC and are used herein under license. Android, Google Play and the Google Play logo are trademarks of Google Inc. App Store is a service mark of Apple Inc.
Resources: The Federal Trade Commission, the Federal Bureau of Investigation, the Consumer Financial Protection Bureau, the Federal Communications Commission, the New York Times Company, Consumer Reports, AARP, Atlanta News First, the Charles Schwab Corporation, Capital One, Early Warning Services, LLC.