Ditching paper money has made Sweden a haven for online scams

STOCKHOLM - Ellen Bagley was delighted when she made her first sale on a popular second-hand clothing app, but just a few minutes later, the thrill turned to shock as the 20-year-old from Linköping in Sweden discovered she’d been robbed.

Everything seemed normal when Ms Bagley received a direct message on the platform, which asked her to verify personal details to complete the deal. She clicked the link, which fired up BankID - the ubiquitous digital authorisation system used by nearly all Swedish adults.

After receiving a couple error messages, she started thinking something was wrong, but it was already too late. Over 10,000 Swedish kronor (S$1,290) had been siphoned from her account and the thieves disappeared into the digital shadows.

“The fraudsters are so skilled at making things look legitimate,” said Ms Bagley, who was born after BankID was created. “It’s not easy” to identify scams.

Sweden is an important test case on fighting cashless crime because it’s gone further on ditching paper money than almost any other country in Europe.

Online fraud and digital crime in Sweden have surged, with criminals taking 1.2 billion kronor (S$155 million) in 2023 through scams like the one Ms Bagley fell for, doubling from 2021. Law-enforcement agencies estimate that the size of Sweden’s criminal economy could amount to as high as 2.5 per cent of the country’s gross domestic product.

To counter the digital crime spree, Swedish authorities have put pressure on banks to tighten security measures and make it harder on tech-savvy criminals, but it’s a delicate balancing act. Going too far could slow down the economy, while doing too little erodes trust and damages legitimate businesses in the process.

Using complex webs of fake companies and forging documents to gain access to Sweden’s welfare system, sophisticated fraudsters have made Sweden a “Silicon Valley for criminal entrepreneurship,” said Daniel Larson, a senior economic crime prosecutor.

While the shock of armed violence has grabbed public attention - the nation’s gun-homicide rate tripled between 2012 and 2022 - economic crime underlies gang activity and needs to be tackled as aggressively, he added.

“That has been a strategic mistake,” Mr Larson said. “This profit-generating crime is what’s fueling organized crime and, in some cases, leads to these conflicts.”

Sweden’s switch to electronic cash started after a surge of armed robberies in the 1990s, and by 2022, only 8 per cent of Swedes said they had used cash for their latest purchase, according to a central bank survey. Along with neighboring Norway, Sweden has Europe’s lowest number of ATMs per capita, according to the IMF.

The prevalence of BankID play a role in Sweden’s vulnerability. The system works like an online signature. If used, it’s considered a done deal and the transaction gets executed immediately. It was designed by Sweden’s banks to make electronic payments even quicker and easier than handing over a stack of bills.

Since it’s original rollout in 2001, it’s become part of the everyday Swedish life. On average, the service - which requires a six-digit code, a fingerprint or a face scan for authentication - is used more than twice a day by every adult Swede and is involved in everything from filing tax returns to paying for bus tickets.

BankID is controlled by a consortium of the country’s private lenders, including Swedbank, SEB and Svenska Handelsbanken. A number of changes have been implemented to improve its security, as the government investigates the prospects of offering a state-issued digital ID.

“There is dedicated work going on throughout the banking sector to stop the fraudsters, but the police, the political side and the telecom industry need to do their part,” said Björn Johansson, Swedbank’s head of group fraud prevention. Representatives for SEB and Handelsbanken declined to comment.

For Ms Bagley, the fact that BankID is so commonplace is part of the problem. “It ends up not really being a security measure, but just another step in using a website,” she said. “You don’t really think twice about what the BankID app might say you are logging into.”

It’s not just consumer scams. Government agencies have adopted BankID to make it easy to set up legitimate businesses in Sweden, which has also enabled fraudsters. Some have used fake companies with phony payrolls to launder money. Through such schemes, organised criminals can turn income from fraud and drug sales into a tool to get bank loans and extract payments from the welfare system.

As the scale of the problems grow, banks are introducing measures that will allow additional layers of security, including requiring approval from a trusted second party for large transfers. But for the most part, they’re voluntary, with users needing to opt in to set up two-stage authorisation or delay payments.

The development has led to calls for banks to bear a bigger share of the burden when their customers are exposed to fraud. In the second half of 2023, payment service providers only footed about 10 per cent of the bill, and the country’s financial watchdog has said that Sweden might do well to follow an example from the UK, which from October will require banks to reimburse customers who have been conned into making transfers.

Until similar regulation is adopted in Sweden, the chances of getting money back for users like Ms Bagley are slim. She reported the February incident to Sweden’s National Board for Consumer Disputes and has tried to raise awareness through social media, overcoming the feeling of embarrassment for being duped.

“I’ve heard from so many others who have told me ‘I’ve also been scammed and felt so alone and ashamed’,” she said. BLOOMBERG