Fight AI with AI: How payments businesses can combat fraud networks

by Pavel Goldman-Kalaydin, head of artificial intelligence & machine learning, Sumsub

Share this post

What is this article about?

How payment businesses can use AI technologies to combat sophisticated fraud networks.

Why is it important?

Fraud networks are increasingly sophisticated and pose significant financial and reputational risks to businesses and consumers.

What’s next?

Businesses need to adopt advanced, AI-powered solutions to detect and mitigate fraud effectively.

Identity verification technologies develop rapidly each year. However, such significant strides only take businesses so far. The seemingly huge leaps forward become crippled—and at times outpaced—by the relentlessness of illicit actors. Despite advancements, online fraudsters remain undeterred, continually evolving their tactics.

Despite advancements in verification capabilities, cybercriminals’ nefarious ingenuity persists, leading to a projected surge in payment card fraud losses reaching $49 billion by 2030. Further, according to Statista, payment fraud led to 1.59 billion-dollar losses in the US alone in 2022.

One of the key reasons for this alarming trend is the growth in fraud networks, which continue to challenge the integrity of digital transactions. Fraud networks, as revealed by recent research, represent a sophisticated form of criminal enterprise, with approximately one in every 100 users affiliated with such groups.

Payments Industry outlook

The payments industry is entering a ‘decoupled era,’ according to McKinsey. Payments are increasingly separate from accounts and are dominated by key technologies. Against this backdrop, customer expectations for convenience, affordability, and security are rising.

However, effective fraud mitigation is crucial with fraud and scams, such as account takeovers and authorised push payments (APPs), surging and causing significant consumer losses. What’s more, APP fraud has risen in recent years; in 2023 alone, criminals stole over £459.7 million in the UK through APP fraud, according to UK Finance, with fraud cases rising by 12% to a total of 232,429 attempts.

Beyond financial losses, APP fraud can severely damage a business’s reputation. If companies fail to tackle this, they risk eroding the trust and integrity they have painstakingly built with clients.

Understanding fraud networks

Fraud networks, or fraud rings, are organised groups comprising multiple accounts engaged in criminal activities, including money laundering and personal data breaches. These networks vary in size and structure; some may have thousands of members, while others comprise only one fraudster controlling multiple accounts and targeting payment businesses.

Fraud rings frequently use multiple accounts, which may be bought on the dark web or created with false identities. These accounts are then employed to commit various forms of digital fraud. Activity examples include:

  • Multi-accounting, including mule networks and identity theft
  • Deepfake scam networks
  • Bot farms
  • Incentivised traffic fraud networks.

High-risk regions

Fraud rings are pervasive. Their reach transcends geographic boundaries, with certain regions being particularly vulnerable. As such, a range of factors like economic instability, political unrest, and weak regulatory oversight make some areas especially prone to fraudulent activities.

The surge in network fraud across APAC outpaces other regions, such as the Americas and Europe by eight-fold. However, these networks are found not only in growing markets like Bangladesh or Vietnam. They are also rising in developed economies such as Spain, Portugal, and Singapore, where 4,700 people were either arrested or under investigation for this, which doubled by 2022. In one case, we found that several dozen crypto exchange applicants in Estonia raised suspicion by uploading identical proof of address documents from an unlicensed foreign bank. This revealed potential attempts to issue multiple crypto cards to the same address.

Fraud rings will continue to gain prominence, just like AI-powered deepfakes. The damage they cause is much more significant than that of individual scammers, therefore businesses must be prepared for this and protect their platforms in advance.

Undermining digital ecosystems

Fraud rings present unique challenges for payment firms. For instance, identity theft rings steal personal information to commit financial fraud, endangering both individuals and businesses. Meanwhile, money-muling networks recruit unsuspecting accomplices to launder illegal funds, exploiting vulnerabilities in online payment systems.

Moreover, online fraud has become worryingly sophisticated. Deep fake fraud rings use advanced AI to create fake multimedia content. Such content easily deceives victims, as the average human eye struggles to distinguish between real and fake.

Similarly, bot networks and incentivised traffic schemes employ automated algorithms to mimic human interaction, misleading advertisers and compromising the integrity of digital ecosystems.

Fighting AI with AI

Unfortunately, no magic tool eliminates all fraud. However, there is a principle that can help companies effectively deal with different types of threats. It’s the blended approach principle, which involves multi-layered protection to varying stages of the user journey.

Detecting and mitigating the threat posed by fraud rings requires advanced solutions, including AI-powered detection solutions that offer businesses a proactive defence against fraud rings’ insidious tactics. By adopting such techniques, businesses can cluster onboarding applicants based on behaviour and technical usage patterns, enhancing control and investigation across different fraud types.

Leveraging AI allows firms to prevent multi-accounting by identifying connections between similar accounts, recognising when fraud networks are using deepfakes, combat chargebacks with mule detection, monitoring traffic to distinguish genuine engagement, and detecting bot farms through device fingerprinting and behavioural analysis.

As businesses navigate an increasingly complex payments landscape, the imperative to combat fraud rings grows ever more urgent. Innovative technologies will help payment businesses fortify their defences and uphold the security of digital transactions, ensuring a safer online ecosystem for all.

Facebook
Twitter
LinkedIn

Read more Payments Intelligence

More To Explore

Membership

Are you a member of The Payments Association?

Member benefits include free tickets, discounts to more tickets, elevated brand visibility and more. Sign in to book tickets and find out more.

Welcome

Log in to access complimentary passes or discounts and access exclusive content as part of your membership. An auto-login link will be sent directly to your email.

Continue reading

Discover how AI combats evolving fraud in payments. Join The Payments Association to read the full article.

Become a member to continue reading

Member of The Payments Association? Log in to continue reading

Having trouble signing?

We use an auto-login link to ensure optimum security for your members hub. Simply enter your professional work e-mail address into the input area and you’ll receive a link to directly access your account.

First things first

Have you set up your Member account yet? If not, click here to do so.

Still not receiving your auto-login link?

Instead of using passwords, we e-mail you a link to log in to the site. This allows us to automatically verify you and apply member benefits based on your e-mail domain name.

Please click the button below which relates to the issue you’re having.

I didn't receive an e-mail

Tip: Check your spam

Sometimes our e-mails end up in spam. Make sure to check your spam folder for e-mails from The Payments Association

Tip: Check “other” tabs

Most modern e-mail clients now separate e-mails into different tabs. For example, Outlook has an “Other” tab, and Gmail has tabs for different types of e-mails, such as promotional.

Tip: Click the link within 60 minutes

For security reasons the link will expire after 60 minutes. Try submitting the login form again and wait a few seconds for the e-mail to arrive.

Tip: Only click once

The link will only work one time – once it’s been clicked, the link won’t log you in again. Instead, you’ll need to go back to the login screen and generate a new link.

Tip: Delete old login e-mails

Make sure you’re clicking the link on the most recent e-mail that’s been sent to you. We recommend deleting the e-mail once you’ve clicked the link.

Tip: Check your security policies

Some security systems will automatically click on links in e-mails to check for phishing, malware, viruses and other malicious threats. If these have been clicked, it won’t work when you try to click on the link.

Need to change your e-mail address?

For security reasons, e-mail address changes can only be complete by your Member Engagement Manager. Please contact the team directly for further help.

Still got a question?