MobAIsec

Threat Intelligence

Vishing & Active Call Session Fraud

Severity: high · Social Engineering · Human + Session

Affected: Retail Banking · Wealth · Elder-focused products

Vishing combines live phone calls with mobile banking sessions — fraudsters coach victims through transfers while call forwarding or SIM swap intercepts OTPs.

  • Fraud Type: APP (Authorized push payment)
  • Detection: Call state API (Android / iOS)
  • Regulatory: Growing (UK / EU focus)

Attack chain

Typical exploitation path in mobile banking

1. Vishing call
2. Login during call
3. OTP intercept
4. Guided APP
5. Loss

Kill Chain

How this attack happens

End-to-end attack timeline observed in mobile banking incidents.

Step 1

Vishing call

Victim coached by fraudster impersonating bank.

Step 2

Concurrent banking

Victim logs in during active call.

Step 3

OTP intercept

Call forwarding captures SMS/voice OTP.

Step 4

Guided transfer

Fraudster instructs payment steps.

Step 5

Loss realized

Authorized push payment completed.

Business Impact

Impact on financial institutions

Operational, financial and regulatory consequences for BFSI.

Estimated severity: critical

critical impact

Authorized Push Payment Fraud

Victim authorizes real transfer.

high impact

Elder Fraud

Disproportionate impact on vulnerable customers.

SOC Intelligence

Observed risk signals

Typical APK assessment findings mapped to this threat.

Live assessment index
high

No active call detection

App unaware of concurrent voice call.

medium

No cooling-off on new payee

Detection

How MobAIsec detects this threat

Four-phase governance pipeline — deterministic evidence only.

Phase 1

Static Analysis

  • TelephonyManager / call state listeners
  • Cooling-off policy in flows

Phase 2

Governance Mapping

  • UK APP fraud rules
  • PSD2 fraud monitoring

Mitigation

Recommended banking controls

Layered defenses with coverage, effort and effectiveness ratings.

Active Call Detection

Coverage: Medium

Protects: Vishing during session

Effort

Low

Effectiveness

60%

Warn or block high-risk actions during calls.

Behavioral Biometrics

Coverage: High

Protects: Coached user patterns

Effort

High

Effectiveness

75%

BioCatch-style signals.
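
An added example (not MobAIsec's or any bank's code) of how the Active Call Detection control and a new-payee cooling-off could be combined into one decision for a transfer. The 24-hour window, the amount threshold and all names are assumptions; the call state is taken to be reported by the app, for example from a TelephonyManager call state listener, and may be unknown when the platform or permissions do not expose it.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional

# Assumed policy values for illustration; the page does not specify any.
COOLING_OFF = timedelta(hours=24)   # window after a payee is first added
HIGH_VALUE = 1000.00                # threshold in account currency


@dataclass
class TransferContext:
    amount: float
    payee_added_at: datetime        # when the payee was first saved
    call_active: Optional[bool]     # True/False from the client, None if unknown
    now: datetime


def decide(ctx: TransferContext):
    """Return (action, signals); action is 'ALLOW', 'WARN' or 'HOLD'."""
    checks = (
        ("active_call", ctx.call_active is True),
        ("new_payee_in_cooling_off", ctx.now - ctx.payee_added_at < COOLING_OFF),
        ("high_value", ctx.amount >= HIGH_VALUE),
    )
    signals = [name for name, hit in checks if hit]

    if len(signals) >= 2:
        # Two independent signals together: defer the payment.
        return "HOLD", signals
    if signals and signals != ["high_value"]:
        # A call in progress or a fresh payee alone: show an in-app warning.
        return "WARN", signals
    if signals and ctx.call_active is None:
        # High value and no call-state evidence: do not treat unknown as safe.
        return "WARN", signals + ["call_state_unknown"]
    return "ALLOW", signals


# Constructed sample: payee added one hour ago, transfer attempted during a call.
NOW = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)
SAMPLE = TransferContext(50.0, NOW - timedelta(hours=1), True, NOW)

if __name__ == "__main__":
    print(decide(SAMPLE))
```
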

Regulatory Intel

Banking regulations requiring this protection

Compliance confidence and mapped control counts per jurisdiction.

UAE

CBUAE

mandatory
Compliance confidence: 94%

12 mapped controls

India

RBI

recommended
Compliance confidence: 88%

9 mapped controls

Singapore

MAS

required
Compliance confidence: 96%

11 mapped controls

Framework Alignment

Security framework alignment

How this threat maps across MASVS, OWASP Mobile, PCI DSS, PSD2, NIST and DORA.

Control · MASVS · OWASP Mobile · PCI DSS · PSD2 · NIST · DORA
Fraud monitoring

Executive Summary

Executive risk summary

Board-ready risk dimensions and impact heatmap.

Risk score: 48

Lower = higher residual risk

Likelihood: 75%
Impact: 85%
Exploitability: 70%
Compliance Risk: 72%

Impact heatmap

APP fraud

L: 80%

I: 90%

Vendor Intel

Enterprise protection vendors

RASP, attestation and device-trust solutions for banking programs.

BioCatch

Behavioral biometrics

Enterprise

Banking: excellent

Pros

  • Vishing pattern detection

Limitations

  • Enterprise only

APK Preview

APK threat intelligence preview

Sample assessment output for Call Session Risk exposure.

Simulated report

Risk score: 48 / 100

1 critical finding

Observed risks

  • No call-state risk check

Mapped controls

PSD2 Fraud · UK APP

FAQ

Threat intelligence FAQ

SEO-optimized answers for security and governance teams.

Why detect phone calls during banking transactions?

Active call detection identifies vishing scenarios where fraudsters guide victims through transfers while intercepting OTPs via call forwarding.
