Industry observers and experts responded to reports ofvulnerabilities in the Zelle Network, which enables participatinginstitutions to send money to anyone with a U.S. credit union orbank account.

“The same features that make Zelle so useful for customers, itsspeed and ubiquity, have made it irresistible to thieves. Hackersand con artists have used the system to steal from victims,” StacyCowley of New York Times wrote. The article stated, “The scale ofthe problem is hard to pinpoint, because Zelle is fairly new andbanks do not report much data about it.”

Apps such as Venmo (owned by PayPal), Popmoney, Square Cash andApple Pay made digital cash transfers fast and easy. Some financialinstitutions united to create Zelle, as a competing offering,operated by Early Warning Services, a Scottsdale, Ariz. consortiumjointly owned by seven large banks. An estimated $75 billion wentthrough Zelle last year.

Early Warning told the Times there have been very few incidentsand the problem is under control

Several industry experts also offered feedback.

“CO-OP Financial Services is partnering with Early Warning toenable participating credit unions to implement Zelle,” MichelleLemieux, senior product manager for Rancho Cucamonga, Calif.-basedCO-OP Financial Services, said. “Zelle is bringing fasterperson-to-person payments to millions of U.S. consumers through theconvenience of mobile banking apps. Safe banking is a top priority,and Zelle offers consumers multiple layers of protection, and clearprocesses, to investigate and remediate unauthorizedtransactions.”

Fran Duggan, CEO of a new smart digital payments solutionprovider, Payrailz, stated, “The volume of use of Zelle highlightsthe need for a robust bank/credit union solution. As with any newservice that has an overwhelming response, you are going to havesome hiccups, but the good news is that Zelle is aware of theissues and working to resolve them quickly.”

Credit unions should take precautions as with any bleeding orleading-edge technology. Steve Gilde, Holly Springs, N.C. basedParagon Application System's director of global product marketing,explained, “When introducing a new payment platform like Zelle,credit unions should make sure that they fully understand all ofthe potential risks and proactively communicate these to theirmembers upfront.” Gilde, added it is also important to define andshare best practices, and for credit unions to develop andimplement a comprehensive testing strategy when introducing newpayment platforms to flag potential vulnerabilities.

“The battle for security is an arms race where each sidecounters the other continually,” Michael Carter, EVP for theMemphis, Tenn.-based independent contract advisory firm StrategicResource Management, said. “Anyone in our industry that decides touse the Zelle instance to disparage that organization is beggingthe gods to make them the next example.”

Carter pointed out, “Consumers primarily adopt new features,functions and offerings that provide them additional convenience.However, most do not realize that convenience and security areoften antithetical. The more security, the more friction, the morefriction the less convenience.”

Robb Gaynor, chief product officer of Austin-based digitalbanking provider Malauzai said. “When you transfer money in realtime, it's a real concern. We've never really done real timetransfers in the consumer world, but we feel we can mitigate it.”Gaynor suggested there are some unique challenges but there arethree primary risk mitigations available, behavioral andout-of-band usage analyses; and demanding consumer turn on alertsand notification.

Not everyone, especially consumers, understands Zelle, whichGaynor also pointed is not a payment rail but a message set and adirectory, utlizing existing vehicles to carry out paymentinstructions.

“A key reason money-transfer app fraud is on the rise is a lackof proactive security on the part of banks to catch fraud before itoccurs,” Kedar Samant, co-founder/CTO, Palo Alto, Calif.-basedfraud prevention firm Simility said. “By failing to adopt andimplement emerging technologies such as user behavior monitoring,artificial intelligence, machine learning, and device intelligence,banks are giving fraudsters a head start to carry out their crimes.This not only potentially leaves banks on the hook for reimbursingcustomers, but really damages the relationship with thecustomer.”

Tomorrow we look at whether CUs complicated decision toZelle or not to Zelle.