The Future of Fraud Prevention: Is AI Ready to Lead the Charge?
Share
What do banks and fintechs need to do to get fraud-fighting systems up to scratch?
Artificial Intelligence (AI) is no longer science fiction. It’s now reality – and depending on who you talk to, AI is either the biggest threat to humanity, or the next evolutionary step towards limitless opportunity. It’s radically transforming our lives as individuals and our societies in ways that were unthinkable just a few years ago.
In 2021, Tribe Payments’ own research found that 67% of fintechs believed AI would have the biggest impact on sector over the next five years, and that nearly 70% of fintechs were using it as of 2021. Of course, that survey was before the launch of ChatGPT in November 2022 revolutionised the way businesses could utilise AI in their own operations. It feels like the last year has brought forth more AI developments than in the last 10 years combined.
Three years on from our survey, it’s not a question of if more payments businesses will use AI, but when and how. Even though AI has been successfully deployed in areas like customer service with the ubiquitous chatbots and virtual assistants, it’s fair to say that many people in banking and fintech are still trying to figure out how best to deploy the technology effectively and safely. And the flip side is that fraudsters are using AI to make their attacks even more sophisticated and difficult to detect, with frighteningly clever methods to trick consumers out of money and scam merchants out of data.
At a time when real-time connectivity through WiFi and 5G are boosting the ability to make instant payments, the old reactive ways of fighting fraud through rigid risk-based models are not enough to counter emerging AI-driven fraud.
How AI is being used to perpetrate fraud
Already, fraudsters have successfully used deepfake AI in impersonation scams that clone people’s voices and make calls that request account details or money, and fake photos that can fool biometric ID systems. It was inevitable that ChatGPT would be exploited by cyber criminals, with its evil twin, FraudGPT being turned against banks, fintechs, and their customers and used to make fake customer or company profiles and steal payment data. AI-powered phishing attacks are now just as convincing as those crafted by human social engineering experts, able to be launched at scale, while taking just a fraction of the time.
Even without AI, bad actors have been extraordinarily successful at money laundering, creating multitudes of shell companies, and webs of bank accounts in offshore jurisdictions. As cross-border transaction volumes rise, businesses face more counterparty and foreign exchange risk, meaning even more Anti-Money Laundering (AML), Know Your Customer (KYC), and sanctions screening burdens to contend with. It’s not hard to imagine how criminals would use AI to better cloak themselves, their business links, and their data trails in the global financial system to evade AML and KYC checks.
Another worrying development is how cyber criminals are using machine learning as a virtual crowbar to force open businesses’ network weaknesses through APIs. It’s estimated that half of all internet traffic is now coming from bots attacking API endpoints, stealing data, and using it to perpetrate even more fraud.
Failure to anticipate and stop AI-driven fraud has the potential to destroy a business. It’s imperative that banks and fintechs get better at turning AI back against the fraudsters, to spot fraudulent transactions or scams before they can take hold and cause damage to banks, fintechs, merchants and their customers.
AI can find the fraud needle in the digital haystack
Unlike humans, AI never gets tired, lazy or bored. It can speed-read and ingest vast amounts of data in the blink of an eye, standardise and index it, and map and make visible complex data points that remain blind to the human eye. AI and machine learning will continually learn from past transaction data, empowering organisations with greater ability to anticipate attacks looming over the horizon.
By utilising AI to stop crime in real-time, banks and fintechs can take a proactive approach instead of a reactive one to payments fraud, compliance obligations, and risk management across their entire enterprises.
AI fraud detection when looking at behavioural biometrics is mindboggling in its ability to pinpoint where a cardholder or customer is, and even how fast they type or swipe using their cards or digital wallets. Through analysis of voice recognition, mouse movements or keystroke dynamics, AI algorithms can authenticate users and alert if suspicious behaviours are found.
AI can offer an added layer of transaction security alongside existing and advanced risk monitoring tools. By combining AI’s ability to ingest and analyse vast datasets in real-time, imagine how much more powerful risk monitoring can become – able to swoop in and look at each individual data point of a transaction and make risk-based decisions in real-time, right down to the individual transaction level across merchant codes, issuer, location, transaction value and other data points.
Risk management and compliance with regulations like AML and KYC can be conducted much faster and with far greater accuracy too. Leveraging AI will enable banks and fintechs to access real-time
data on politically exposed persons (PEPs), sanctioned individuals, organisations or countries, and pinpoint whether cards or BINs are being used in sanctioned jurisdictions. Using AI, fraud and risk management teams can hunt down and trace bad actors linked to flagged entities and accounts. AI also has the potential to transform back-office workflows too, by automating incident response processes for even greater efficiencies.
Collaboration is the key to fighting fraud
There’s no doubt that AI offers so much potential in fighting fraud – but it can’t do everything by itself, and we are still in the early stages of exploring what it can do. Regulators are still trying to catch up with AI’s pace of development so that effective guardrails can be put in place to ensure its safe use and governance. The crux of any forthcoming regulations will be ensuring any AI-based decisioning system utilises accurate data.
AI needs to be fed with accurate, clean data if it is to make precise, unbiased decisions and avoid the dreaded ‘hallucinations’ that could leave banks and fintechs in legal jeopardy. Without accurate data, risk management processes are worthless. Fighting fraud by necessity has to be a collaborative effort, in partnership with payments technology providers with the specialised risk monitoring platforms and clean data flows that can be configured for optimum fraud fighting defences.
That’s why Tribe Payments’ core platform supports both issuer and acquirer processing with a range of API-led enhanced services, including a proprietary 3D Secure solution, data insights, and risk monitoring. We’re closely monitoring AI developments and how we can leverage them with our own specialised risk management solutions, so that our clients are equipped to withstand the threats of today and those yet to emerge.
As for the future of AI? The last 12 months have produced so many awe-inspiring developments across many banking and fintech functions, and I’m excited to see how AI evolves over the next year. Tribe Payments will be relentlessly exploring and continually investing in trailblazing tech to help businesses fortify their defences against potential threats now and into the future.