AI is not only changing the banking world, but also the mechanics of fraud – and financial institutions can’t seem to keep up when it comes to warding off attacks. The answer is not more AI in fraud detection though, but rather signals that are difficult to fake, explains Kai Werner in his Innovation Briefing.
AI vs. AI: Why we need to rethink fraud detection
A quiet shift in fraud detection
Artificial intelligence is fundamentally changing fraud detection: while the digital deceptions of the past are relatively easy to detect today, digital fraud has taken on a whole new dimension. All the signals that have reliably provided guidance up to now are losing their significance: whether it’s the voice that can be synthesized, the replicated device profile, or the identity carefully constructed with the help of information from data leaks.
This means that existing verification mechanisms are also losing their reliability, quietly but rapidly. Even though deepfakes, i.e., deceptively real fakes generated by AI using images, videos, or voices, are still rare in everyday life, they are now showing up in attacks that are much more structured than many of those we have seen so far.
AI shouldn’t be met with more AI
This development has paradoxical implications for fraud detection: attackers and defenders are working with the same methods, and many of the tools required are freely available. Coordinated sets of programs, called toolchains, are used to systematically test defense systems, and attacks are adapted individually and immediately. This makes fraud increasingly efficient and difficult to predict. And once one security gap is closed, the next one is discovered and exploited – a pattern that is accelerating thanks to AI.
The risk of an AI arms race
Another important factor is that while attackers only need to find a single vulnerability, defenders have to secure the entire system at all times.
It seems obvious to strengthen fraud detection with additional AI models or increasingly sophisticated rules. However, this leads to a veritable AI arms race through which detection systems become more complex, but not more reliable. This will not change as long as fraud detection continues to be based on the same old signals, whose authenticity is becoming easier and easier to imitate.
The focus of security must shift to signals that cannot be faked or are difficult to fake. It must become too costly for fraudsters, even with sophisticated AI methods, to forge an identity, for example. Only then will those who fight fraud have a chance of besting the fraudsters.
We need signals that are difficult to fake
Currently, only signals that are deeply anchored, physically, behaviorally, or cryptographically secured are truly resilient. These are primarily:
Signals work best in combination
Another important factor in modern fraud prevention is the interaction of multiple signals. Fraud detection mustn’t consider individual characteristics in isolation anymore. Many attacks today are convincing only because they are able to imitate individual characteristics well. A synthetic identity—i.e., an artificial personal identity created from fictitious or stolen data—may appear plausible at first glance, but it has no real history behind it. An artificially generated device profile can replicate technical characteristics, but not the behavior that develops over many interactions. And even modern cryptographic methods only reveal their full value when they are part of a broader security concept that can be adapted to new requirements.
The more closely these levels are interconnected, the quicker it becomes apparent when something does not fit. Many current approaches to fraud detection reflect precisely this. Replicating a veritable net of multiple signals is difficult to achieve for fraudsters, even with the help of generative AI.
Example: the different levels of a wallet
Digital wallets are one example of the resilience of such a signal combination. They leave two types of traces: firstly, movements on the blockchain and, secondly, information outside of it, such as data about the device, the person, or their typical behavior. Taken individually, both sides may appear inconspicuous. Only when viewed together does it become clear whether they really fit together. The blockchain shows how a wallet moves within the network and whether it exhibits unusual patterns. Off-chain, the question arises as to whether the identity, device, and user behavior match. If the two do not match, a clear warning signal is generated.
This presents an additional hurdle for attackers: not only would they have to generate a plausible wallet history, but they would also have to simulate the appropriate behavior and identity characteristics. This example illustrates how important a holistic approach to fraud detection has become.
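The on-chain/off-chain comparison described above can be sketched as a consistency check. This is an added example, not code from the article or from any product: the `Session` and `Profile` schemas, the finding names, and all thresholds are assumptions, it assumes the wallet is operated through the bank's own app so that sessions are observable, and the sample data is constructed.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

@dataclass
class Session:                 # off-chain: one authenticated app session (hypothetical schema)
    device_id: str
    start: datetime
    end: datetime

@dataclass
class Profile:                 # off-chain view of the wallet holder (hypothetical schema)
    identity_first_seen: datetime
    device_first_seen: dict    # device_id -> first time this device was observed
    sessions: list

def cross_check(tx_times, profile, now,
                min_history=timedelta(days=30), min_coverage=0.8,
                slack=timedelta(minutes=5)):
    """Return mismatches between on-chain activity and off-chain signals (illustrative thresholds)."""
    findings = []
    if not tx_times:
        return findings
    # 1. Long on-chain history, but the identity behind it has almost none.
    if now - min(tx_times) >= min_history and now - profile.identity_first_seen < min_history:
        findings.append("identity_history_shorter_than_wallet_history")
    # 2. On-chain movements that no off-chain session explains.
    explained = sum(any(s.start - slack <= t <= s.end + slack for s in profile.sessions)
                    for t in tx_times)
    if explained / len(tx_times) < min_coverage:
        findings.append("transactions_outside_known_sessions")
    # 3. Every session came from a device without any history of its own.
    used = {s.device_id for s in profile.sessions}
    if used and all(now - profile.device_first_seen.get(d, now) < min_history for d in used):
        findings.append("no_established_device")
    return findings

# Constructed sample data: a wallet with weekly transactions over roughly 90 days.
NOW = datetime(2025, 1, 1, 12, 0)
TXS = [NOW - timedelta(days=d) for d in range(1, 90, 7)]

def session_at(t, device):
    return Session(device, t - timedelta(minutes=10), t + timedelta(minutes=10))

# Holder whose identity, device and sessions all line up with the chain history.
CONSISTENT = Profile(NOW - timedelta(days=400), {"dev-a": NOW - timedelta(days=300)},
                     [session_at(t, "dev-a") for t in TXS])
# Plausible wallet history attached to a week-old identity on a brand-new device.
MISMATCH = Profile(NOW - timedelta(days=7), {"dev-x": NOW - timedelta(days=7)},
                   [session_at(TXS[0], "dev-x")])
```

The same wallet history passes for `CONSISTENT` and raises three findings for `MISMATCH`, which is the point of the passage: the on-chain side alone looks identical in both cases.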
What banks can do now
This results in several technical and organizational tasks for banks, which can be broken down into these three specific steps:
- Systematically record your own signal inventory: Which stable signals already exist, and which are missing?
- Connect systems more closely and enable correlation: Banks should converge their signals in one common architecture instead of spreading them over multiple systems. This would allow anomalies to be identified more quickly and classified more effectively. It would reduce blind spots and create the conditions for sound decision-making.
- Modernize cryptographic fundamentals: Crypto agility is needed to withstand future quantum attacks. Banks must prepare themselves accordingly for post-quantum cryptography.
A cautiously optimistic outlook
Despite all the challenges, I see this development as an opportunity: when AI, stable signals, and clear responsibilities are combined, they create a more robust digital infrastructure. Digital fraud will not disappear entirely, but we can renew the foundations of trust.
And lastly, in fraud detection, it is also crucial that human judgement is always part of the equation when considering the technological possibilities offered by AI. Artificial Intelligence is capable of many things. Alas, it cannot replace the experience and deliberation that are necessary in truly critical situations. This is precisely where the future lies.
