A huge spike in the value of scam losses fleeced from Australians to eclipse $3 billion has finally triggered a small regulatory intervention after minister for communications Michelle Rowland and minister for financial services Stephen Jones agreed to fund a pilot blocking mechanism in the upcoming Budget.
As the drip-feed of authorised pre-Budget leaks started this week, the relatively simple notion of running an authorised white list for vetted official communications to consumers to filter out the millions of shonky SMS alerts has attracted funding of $10 million, or $2.5 million a year.
The whitelist and accompanying blocker, applied at the coalface by telecommunications carriers rather than the government, comes as the Australian Communications and Media Authority (ACMA) attempts to hold back a flood of slick and sophisticated scams impersonating government agencies.
The scams typically fool people into divulging key transactional and bank account data, or dupe consumers and businesses into authorising bogus transactions and payments from bank debit account payments and transfers.
The recent addition of real-time account-to-account transfer functionality in Australia is especially enticing for scammers because, in the main, it flips the liability to scam victims rather than institutions or payment schemes.
The huge liability shift away from banks to consumers is a difficult trade-off, because while there is short-term insulation from scam losses, it removes incentives for a coordinated industry response against an aggressively industrialised cash grab fuelled by grey cyber operations proliferating following the Russian invasion of Ukraine.
The liability shift also means that scammers increasingly target account-to-account transactions (A2A) rather than stealing and faking credit and debit card details to execute online frauds (dubbed card not present), where the liability initially vests with banks but is then usually passed onto merchants, to the tune of more than $400 million a year in Australia.
Now that the government is finally seeking to properly digitise its transactions, regulators are trying to salvage the credibility of otherwise forfeited digital channels like mobile, SMS and various other prompts (though it’s safe to say you won’t get a myGov alert via TikTok).
“This measure will complement rules registered by the ACMA in July 2022 for telecommunications companies that blocked more than 90 million scam texts between July and December 2022,” Rowland said.
“Whilst there is no silver bullet, the Australian Government is committed to improving protections and stepping up the fight against illegal scams. The SMS Sender ID Registry will have a phased introduction before an industry-wide model is in place — subject to rulemaking, industry readiness and security arrangements.”
Whitelisting official messages is nothing new, it has taken on a predictable urgency.
“More than 47 per cent of Australians have reported exposure to fake or deceiving text messages in the last year. The Registry is intended to assist telecommunications companies to make it more difficult for scammers to imitate trusted and established brand names through SMS,” Rowland said.
“The Registry complements the Albanese Government’s investment to establish a National Anti-Scam Centre (NASC) within the Australian Competition and Consumer Commission (ACCC) as an innovative, world-leading public-private sector partnership to disrupt and stop scammers in Australia.”
Such are the spoils of government. Their problem becomes your problem. But under the current liability distribution, it’s consumers who cop the fraud bill. You can bank on that.
READ MORE:
Any feedback or news tips? Here’s where to contact the relevant team.