Tieto’s TEM blocks 80% of digital wallet fraud attempts

Tieto's TEM blocks 80% of digital wallet fraud attempts

Phishing and fraud targeting digital wallets are surging globally, creating a growing challenge for banks and customers alike.

Tieto Banktech recently delved into how phishing and fraud in digital wallets are stopped. 

Digital wallets like Apple Pay and Google Pay have simplified payments, but they have also handed fraudsters a new route into consumers’ accounts. Criminals use phishing to harvest card details and trick cardholders into sharing activation codes. Once a card sits in a wallet controlled by a fraudster, it can be spent without a PIN, opening the door to significant losses.

Tieto’s answer, launched in 2024, is Token Enrolment Monitoring (TEM), which scrutinises every attempt to register a card in a digital wallet. Signals such as IP address, language and location are checked against the customer’s typical behaviour.

Tieto Banktech quality & risk manager, financial crime prevention Silje Andrea Kvernberg said, “If something doesn’t add up – such as an unfamiliar language or an IP address from a completely different country – the process is halted. The bank then contacts the cardholder to confirm whether the attempt is legitimate or initiated by a fraudster.”

Tieto Banktech fraud specialist Sverre Larsen said, “M alone stops between 70 and 80% of all attempted digital wallet enrolment fraud. That means the majority never reach the point of being used. TEM is the frontline that gives banks the time and space to react.”

He added, “From 2024 to 2025, we saw a 100 per cent increase in cases related to digital wallet enrolment. This underlines the need for a strong first line of defence like TEM.”

Attempts that slip through meet a second layer: Card Transaction Monitoring (CTM), which flags suspicious spending patterns across more than 60 banks using Tieto’s monitoring services. Larsen said, “If a card is used in a shop in Norway in the morning, it’s highly unlikely that the same card is legitimately used in Asia that same afternoon. When such unusual activity is detected, the purchase is blocked and the customer is contacted. If confirmed as fraud, the card is immediately blocked, preventing further abuse.”

The layered model proved itself during a phishing wave in late summer 2025, when around 3,000 cases were stopped in TEM without losses, with CTM catching or reducing damage in hundreds more.

Across 2025, Tieto’s Defence Centre blocked fraudulent activity worth €1.132bn, more than triple the prior year, while 3D Secure Monitoring declined transactions exceeding €225m. In 2026, Money Mule Monitoring and Manipulation Risk Monitoring will add further protection.

Larsen said, “TEM isn’t built for one bank or one market. It’s modular, scalable and can be deployed across countries. The more cross-market insights we gather, the stronger the system becomes.”

For more insights, read the full story here.

Read the daily RegTech news

Copyright © 2026 RegTech Analyst

Enjoyed the story? 

Subscribe to our weekly RegTech newsletter and get the latest industry news & research

Copyright © 2018 RegTech Analyst

Investors

The following investor(s) were tagged in this article.