From Reaction to Prevention: Rethinking Payment Fraud
With the advent of faster payments, many financial organizations have prioritized speed over fraud detection. Consumers expect instant transactions, but banks must still protect themselves and their customers from fraud. Running fraud detection in the background—analyzing contextual signals and historical data—helps strike the right balance between speed and security.
In a PaymentsJournal Podcast, Diarmuid Thoma, Head of Fraud & Data Strategy at AtData, and Jennifer Pitt, Senior Analyst of Fraud Management at Javelin Strategy & Research, discussed how traditional fraud detection methods have fallen short in the era of real-time payments. The key today is to stop fraud before it occurs.
Moving Protections Upstream
For customers, speed is paramount—but that speed is only required at the transaction or decision phase. Banks can conduct much of the pre-authorization and risk assessment before a transaction ever happens, without the pressure of real-time execution. By the time a customer reaches the transaction stage, the bank should not be scrambling to complete all fraud checks instantly.
Many institutions focus on where the financial loss occurs. When a transaction results in a chargeback, they look to fix the transaction itself. In most cases, however, that wasn’t the customer’s first interaction. The initial touchpoint often occurred much earlier, well upstream of the chargeback.
“With account takeover, you can see a lot of behavioral signs before payments even happen,” said Pitt. “If the information is changed in something like an account profile, that’s a clue. Logins from different areas at different times can be a clue. If that is flagged first, then essentially the suspicious payment doesn’t happen, and there’s no loss to either the consumer or the financial institution.”
Building an Identity
In the traditional brick-and-mortar world, banks might have asked for a driver’s license or passport to open an account, perhaps along with a utility bill to verify an address. While those documents could be forged, such cases were relatively uncommon.
Today, verification relies on digital identity. Devices, IP addresses, and email accounts form the foundation of an identity profile. That profile extends across consortium networks containing prior transaction data, creating a clearer picture of how a consumer behaves. For example, is this person likely to buy $1,000 sneakers?
“It’s building an identity,” said Thoma. “Even in the physical world, who we are is defined by liking a certain bar, or shopping at a certain store. All of those together, that’s you. All we’re doing now is taking that and translating it into a digital concept. From a fraud perspective, that builds consistency. The nice thing about good people, from a fraud profiling point of view, is they’re very consistent.”
Modern fraud professionals build dynamic profiles rather than relying on static identifiers. They can construct timelines spanning five or 10 years—whatever data is available—representing a big leap forward from traditional methods.
“When I was in the banking world, part of my role was to evaluate investigations to see if the investigations were done correctly,” said Pitt. “I would frequently listen to different calls from customer service reps and call centers. Several times I listened to calls where the fraudster themself was trying to make a wire transfer.
“The call center rep just asked for basic information like name, date of birth, normal knowledge base questions. Information that you can get pretty much anywhere, from leaked data breaches to background check websites,” she said. “That wire was able to go through. And when the customers called in to say there’s fraud, the customer service representative said, well, no, you verified the information.”
Bringing the Information Together
Many financial institutions still conduct manual reviews one transaction at a time. This approach yields insight only into those specific transactions and fails to reveal broader fraud patterns or emerging tactics.
“I still see small financial institutions operating as if there were no internet,” said Pitt. “They’re essentially verifying physical documents, especially in branches with human detection only. That is not good enough anymore with the AI tools that are out there for fraudsters. It is so easy to fake or forge some of these documents. You can’t rely on a human detection for that.”
Compounding the issue, criminals understand reporting thresholds. They deliberately stay below those limits, spreading activity across multiple accounts and institutions. That is why consortium data-sharing is essential for identifying coordinated patterns that would otherwise go undetected.
The Best Quality Data
In the early days of social media, companies could look up a profile to confirm a person’s existence. Today, AI can easily generate convincing social profiles across multiple contexts and geographies. Fabricating digital footprints isn’t only simple, it’s scalable. The challenge for banks is no longer finding data, but finding data that can’t be easily manipulated.
“Ideally, the best quality data is immune to automated generation,” Thoma said. “Sources that are unconnected to each other are independent of each other. An email is unrelated to a device from a data perspective. When you take in all this data from unconnected data sources—if they all agree that something’s good—generally you have better decision quality.”
Investing in advanced fraud prevention tools may seem costly upfront, but the expense is inevitable. Institutions will either pay on the front end by strengthening their defenses—or on the back end through fines, consent orders, reputational damage, and customer attrition.
“We have to stop looking at payments fraud from the point of the transaction,” said Pitt. “That’s the last possible point to prevent fraud. We talk about defense in depth and a layered approach where if some security measure does not catch the fraud, then another one will. We still need to look at the payment itself, but we also need to look at everything before that so that we can catch the fraud earlier.”
