The blistering pace of AI development is creating market opportunities for financial institutions while making them vulnerable to an increasingly sophisticated threat: fraud. 

More than 3 in 4 financial institutions worldwide worry about their ability to effectively handle emerging fraud threats, and more than 8 of 10 say they have trouble balancing security with a smooth customer experience, according to a June 1 report by Forrester Consulting, “Improve Fraud and Anti-Money Laundering Operations with a Proactive and Unified Approach.”

Scaling fraud ops

The advent of generative AI has given fraudsters the ability to scale their operations almost infinitely, using autonomous chatbots like Auto-GPT to have convincing conversations with a massive number of potential victims, Alex Kushnir, head of commercial development at AI-based anti-fraud startup Sardine, told Bank Automation News. 

Criminals are also increasingly embracing “deepfakes,” or digitally altered media meant to imitate a personal identity. A May 30 report by verification platform Sumsub found that use of deepfake technology for fraud more than doubled between full-year 2022 and the first quarter of 2023. Last quarter, deepfakes made up 2.6% of all fraud in the U.S. — a 1,300% increase over the 2022 average. 

“Generative AI is just pouring gasoline into this burning fire,” Kushnir said. “It’s just going to get these fraud rings a lot more efficient and a lot scarier, in terms of what they can do.” 

With demand for fraud protection increasing, the following fintechs have employed AI technology to protect entities ranging from legacy banks to e-commerce retailers: 

Sardine

Sardine, founded in 2020, uses AI to analyze user behavior and interpret signals from users’ devices to make nuanced, real-time decisions about whether a transaction is fraudulent, according to Kushnir.

“[It] could be slight combinations of, for example, how you’re holding your phone and how you’re typing, or are you on a phone call or … how long has the session been going on?” Kushnir said. 

He said the “collection of fraud fighters” who started Sardine combine know-how from established tech players like Uber and PayPal with wisdom from “the jungles of crypto,” at platforms like Revolut and Coinbase. 

“Anybody can clamp down fraud but clamping down on fraud while maintaining low false positives and maintaining high conversion rates … turns a little bit more into an art form,” Kushnir said. 

According to its website, Sardine maintains a 98% authorization rate on transactions for its clients, while producing half as many false positives as its competitors. 

Sardine’s performance has attracted high-profile clients in the banking sector, from Dutch giant ING to neobank Brex.

The company announced a partnership with St. Cloud, Minnesota-based Stearns Bank on May 15. 

Sift

Digital security pioneer Sift’s co-founder and Executive Chairman Jason Tan was an engineer working on machine learning in 2011, when he decided to apply the technology to fighting credit card fraud. 

Like Sardine, Sift uses AI to track user behavior across the lifetime of a transaction to develop a holistic, “cradle-to-grave” picture of each customer, Vice President of Digital Trust and Safety Kevin Lee told BAN. 

The fintech has expanded to encompass a spectrum of use cases, with clients ranging from Twitter and McDonalds to payment card aggregator Curve and remittance platform Remitly. 

“What we’ve done is built a system that is flexible enough to service all of these different types of customers,” Lee said, describing a “fraud economy” in which criminals do not limit themselves to one industry. 

Sift compiles data from its 32,000 clients to create a network that allows the company to identify problematic patterns in user behavior and pinpoint identities that carry a higher risk of being fraudulent across platforms, Lee said. 

The shared insights from Sift’s data network enable this “better together approach” — which Lee says makes up a significant part of Sift’s competitive advantage — though the data itself is not shared across customers, according to Senior Corporate Communications Director Victor White. 

The fintech acquired dispute management company Chargeback to bolster its customer guarantees in 2021 and on Tuesday announced an expansion of its partnership program at the Money 20/20 Europe conference. 

nSure.ai

Israeli fintech nSure.ai, founded in 2019, grew out of a gift card marketplace, where co-founder and Chief Executive Alex Zeltcer and nSure.ai Chief Technology Officer Ziv Isaiah were declining nearly 50% of potential customers due to fraud concerns. The two were looking to spare other companies this kind of friction.

“Go do the business you need to do, [and] we’ll find a way to get your approval rates high enough so that you can run that business,” Zeltcer told BAN. 

Drawing on experience, he and Isaiah targeted four sectors where fraud is easy and highly scalable: prepaid cards, gaming, travel and cryptocurrency and NFTs. Their clients include payments technology provider InComm Payments and cryptocurrency exchange Paybis. 

The company wants to expand its coverage to neobanks, which Zeltcer said often lock customer funds for weeks while determining whether a transaction is fraudulent, a process that adds friction to the customer experience. 

“What we would offer them is an instant decision,” he said. “Either [an] immediate decision on logging of funds or immediate decision on extracting the funds — whether you should accept that transaction or not.” 

While nSure.AI also compiles anonymized data to track potential red flags, Zeltcer said the company does not blacklist identities like some of its competitors, calling the strategy “completely ineffective.” 

“There’s nothing that you gain, except for giving [fraudsters] an incentive to use a different email address,” he said. 

Instead of keeping tabs on single users, the company uses machine learning to track groups of customers exhibiting anomalous patterns. 

“They’re not linked by their IP, or by their device, or by their … country, or by their payment instrument,” Zeltcer said. “You need to find another way to link them together — and that’s us.” 

The CEO said the company’s competitive advantage also comes from “offensive measures” more prevalent in the cybersecurity sector. This means that rather than merely declining a prepaid card used in a fraudulent transaction, nSure.ai tries to “burn the card” so it cannot be used again. 

“Now there’s a pain associated with trying to attack a site that we defend,” Zeltcer said.