Yes, we use a variety of methods to ensure your money and your personal information remain safe at all times:

Industry standard encryption levels for all sensitive information
Highly secure data centres
24/7 automated transaction monitoring plus our internal fraud and compliance teams
24/7 support for immediate concerns

The way your bank or payment services provider verifies your identity or validates a specific payment instruction is changing. These changes are designed to reduce the risk of a fraudster pretending to be you to steal your money. Information for consumers on Strong Customer Authentication.

Yes, to increase security on your account you are able to set either SMS or Google Authenticator as 2FA. Please go to your account, select ‘Security’ and 2 Factor Authentication to enable 2FA and customise your settings.

You can manage your trusted devices by selecting ‘Account’, select ‘Security and then ‘Trusted Devices’. From here, you can manage your devices.

No you are not able to log into Luxon Pay using an IP proxy or a VPN connection. This is as a precaution to protect your funds and personal information. Your account may be suspended if you have tried to log in via an IP proxy or VPN.

Yes, your transactions on Luxon Pay have additional authentication including trusted device management and SMS verification.

Yes, it is possible to turn on/off fingerprint/face ID by going to ‘Account’ and selecting ‘Security’. Here you can toggle these settings on or off.

When you log in via your desktop application, ensure you untick the box ‘Add to trusted devices’ if you are using a public computer.

Authorised Push Payment Fraud is when scammers trick people or businesses into transferring money manually. They pretend to be trustworthy figures like banks or solicitors. These scams are widespread, targeting high-value transactions. Automated fraud is increasing. Victims transfer money without realising it, leading to significant financial losses. Globally, APP Fraud is common. It impacts people and businesses. Fraudsters use tricks like impersonation to sneak in payments without victims catching the scam. Authorised Push Payment fraud requires convincing payers to allow payments under false pretences. Scammers pose as trusted entities, such as your bank or a company representative.

APP fraud involves manipulating victims into approving payments to appear legitimate. The fraudster investigates, gathers personal details, and deceives victims, often impersonating trusted entities. Victims unknowingly initiate irreversible payments. The fraudster quickly withdraws funds, making the recovery challenging.

Criminals also use varied tactics, such as phishing. They also elaborate schemes like romance scams. They exploit a sense of necessity, claiming urgent needs or emergencies. This pushes victims to comply hurriedly. The urgency, misrepresentation, and emotional manipulation convince victims to approve payments. This enables fraudsters to get stolen funds quickly.

Below is how Authorised Push Payment Fraud works:

1. Deceptive Contact: Scammers pose as trusted entities, often through emails or phone calls.
2. False Urgency: They create a sense of urgency, pressuring you to act quickly.
3. Fraudulent Instructions: You receive instructions to transfer money, believing it’s a legitimate request.
4. Account Exploitation: Scammers exploit your trust to access funds directly from your bank account.
5. No Recourse: Unlike unauthorised transactions, you willingly transfer money, making it challenging to recover funds.

Authorised push payment fraud comes in various forms, all centred on deception. Here are specific types of scams, each exploiting misrepresentation, impersonation, or social engineering:

1. Invoice Scam
   – Victims pay a fake invoice, misled by social engineering and falsified documents.
   – Targets regular payments or tricks businesses into changing payees.
2. Romance Scam
   – Fraudsters forge romantic connections to exploit victims emotionally.
   – Often culminates in Authorised Push Payment Fraud, with requests for real-time money transfers.
3. Personal Relationship Scam
   – Similar to romance scams, fraudsters impersonate family or friends.
   – Urgency and personal information are used to convince victims to send money quickly.
4. Property Funds Scam
   – Targets property purchases, with fraudsters manipulating payee information.
   – Infiltrates real estate transactions through false documentation and social engineering.
5. Account Takeover Fraud
   – Criminals gain direct access to victims’ accounts for fraudulent activities.
   – Enables fraudsters to perform authorised push payments without victim authorisation.
6. Contractor Scam
   – Deceptive home renovation scheme where victims pay the fraudster instead of the real contractor.
   – Fraudsters use phishing to gather renovation information, submit a fake invoice, and disappear with the payment.

1. Home Renovation Scam
   Criminals spot a house under renovation and learn about the homeowner and builder. They send a fake invoice, seemingly from the builder, redirecting funds to their account. The scam is only noticed when it’s too late.
2. New Bank Details Scam
   Fraudsters target a business, posing as a supplier. They notify a change in bank details for future payments. The company updates the information, unknowingly directing payments to the fraudsters until the deception is discovered.
3. Property Purchase Fraud
   Scammers target property buyers, intercepting emails between them and professionals. They alter bank details on crucial documents. During a transaction, funds intended for the property payment end up in the fraudster’s account.
4. Familial Impersonation Frauds
   Someone gets a payment request, seemingly from a family member in urgent need. Eager to help, they send money without confirming the email. Later, it turns out the family member is unaware, and the funds land in the hands of a scammer.
5. Relationship Scams
   Fraud often preys on social media relationships. A person bonding with someone on Instagram is persuaded to send money via a payment platform. After the transfer, attempts to reach the “partner” fail; the Instagram account vanishes, leaving the victim deceived and heartbroken.

• Keep your One-Time Passcodes (OTPs) to yourself. Never share them with anyone calling you, no matter how legitimate they may seem.
• Your PIN should never be shared with anyone.
• Don’t give personal details over the phone unless you’ve been able to positively identify the caller to be genuine – especially if you aren’t expecting the call.
• Check your account regularly to be sure that you recognise all the activity. If there are any transactions or changes to your account that you don’t recognise, contact us immediately.
• Use a variety of passcodes and PINs for your account. Make sure they are not easy to guess.
• Regularly change your online passcodes. Try to use a combination of uppercase and lowercase letters, as well as numbers and special characters.
• Keep your contact details up to date. This means we can contact you promptly if necessary.

It’s important to keep an eye out for potential fraud or scams. If you have any doubts or concerns about the safety of your account, please contact us.