MEF Advisor and Programme Lead Matt Ekram, discusses how Mastercard’s new “A2A Protect” uses AI, network intelligence, and dispute resolution to fight the UK’s growing APP fraud, and why telcos, CPaaS, and fintechs must collaborate to stop scams at scale.
APP (Authorised Push Payment) fraud continues to be one of the fastest-growing and most damaging types of financial crime in the UK—and increasingly, across mobile-first economies. According to UK Finance, APP fraud losses in the UK surged to £592 million in 2024, driven by social engineering attacks, spoofed communication, and faster digital payments that are harder to reverse.
In response, Mastercard has launched “A2A Protect”, a fraud protection service for account-to-account (A2A) payments. The rollout begins in the UK in partnership with Monzo, NatWest, and Santander, operating across the Faster Payments network. The solution builds on Mastercard’s existing Consumer Fraud Risk service, which already protects 15 banks (representing over 90% of UK A2A payment volumes) and contributed to a 20% reduction in APP fraud in 2024.
Why is APP Important for the Mobile Ecosystem
APP fraud occurs when a user is manipulated into authorizing a payment to a criminal. Because the user initiates the transfer themselves, traditional anti-fraud and chargeback protections often don’t apply. The rise of instant A2A transfers has only made the threat more urgent.
At MEF, we believe that combating fraud in real-time digital payments requires ecosystem-wide action. The financial sector cannot do it alone.“
And while banks bear the brunt of the liability, fraud often begins outside of banking apps. It may start with a phishing message, a spoofed caller ID, or a compromised mobile identity—touchpoints managed by telecom operators, CPaaS providers, and messaging platforms.
From the MEF perspective, this reinforces the need to treat fraud prevention as a shared challenge that spans industries.
Inside A2A Protect: AI, Network Intelligence, and Dispute Resolution
According to Mastercard, A2A Protect operates as an overlay to existing payment infrastructure, allowing it to integrate without requiring new rails or processing systems. It enhances fraud protection in three key ways:
- Real-Time Transaction Scoring
Using AI models developed through Mastercard’s Consumer Fraud Risk system; banks receive real-time risk assessments for each A2A payment. These models analyse behavioural patterns and user anomalies. - Network-Wide Fraud Intelligence
A2A Protect integrates Mastercard’s Trace solution, which analyses broader network data to identify patterns of money laundering and flag suspicious or “mule” accounts involved in APP fraud. - Standardised Dispute Resolution
The service provides participating banks with a centralised framework to resolve disputes more efficiently. This includes a unified process for fraud investigation and fund recovery—reducing both cost and time for financial institutions.
“A2A Protect will enhance our work even further, giving us more insights to stay one step ahead of fraudsters and keep our customers safe,” said Andy Sacre, Head of Payments at Monzo.
UK Regulations Push Innovation Forward
The timing of A2A Protect’s launch aligns closely with recent changes by the UK’s Payment Systems Regulator (PSR), which now requires banks to split liability 50:50 for APP fraud losses between sending and receiving institutions. This regulatory shift has accelerated the need for proactive, real-time fraud prevention tools.
The service also supports the UK government’s National Payments Vision, which aims to modernize the country’s A2A payment infrastructure while maintaining strong consumer protection.
Broader Mobile Ecosystem: A MEF Perspective
Mastercard’s initiative is designed for the banking sector, its implications reach much further. The antifraud market has seen mobile operators (or at least mobile operators’ data) coming to the fore as a potential solution. The announcement shows how much the rest of the fintech industry is moving fast in packaging solutions for the banks. For Mobile Ecosystem Forum (MEF) members—across messaging, digital identity, CPaaS, MNOs, and telco intelligence—this a moment of reflection. Is the industry responding fast enough As fraudsters exploit weaknesses across the entire mobile ecosystem, cross-sector collaboration is no longer optional. Telco can partner, aggregate or sell information but they need to take stance in the value chain.
From MEF’s point of view, there is growing relevance for members to consider, for instance:
-
- Could telco-originated data, such as SIM swap history, device changes, or roaming status, be used to enrich fraud scoring for financial institutions?
- What role can trusted messaging frameworks—such as RCS Verified Sender, SMS Sender ID registries, or branded calling—play in helping consumers avoid phishing and impersonation scams?
- How might industry-wide frameworks, like GSMA’s Open Gateway initiative, support secure API-based data exchange between telcos and financial platforms to combat fraud?
These opportunities are not part of A2A Protect today, but represent emerging areas for collaboration that align with MEF’s mission to foster trust and security across mobile and digital channels.
At MEF, we believe that combating fraud in real-time digital payments requires ecosystem-wide action. The financial sector cannot do it alone.
We encourage MEF members—including telcos, CPaaS platforms, authentication providers, and fintech firms—to take part in our Payment & Commerce Interest Group, where we explore:
-
- Shared intelligence and interoperability across sectors
- Mobile identity standards that strengthen trust in payments
- Practical frameworks for API collaboration and fraud mitigation
Conclusion
Mastercard’s A2A Protect marks a meaningful step forward in APP fraud prevention—one that demonstrates the importance of AI, network collaboration, and standardization. As instant payments continue to scale, the mobile ecosystem must match that pace with equal vigilance.
At MEF, we see this as a call to collaborate, innovate, and act.
