Fighting enterprise fraud in the era of AI

Generative AI (gen AI) is changing the fraud prevention game – especially for enterprise companies, which are constantly targeted by fraudsters due to the amount of valuable customer, financial and proprietary information they hold. 

 

Historically, fighting fraud in the enterprise has been a never-ending game of whack-a-mole. As soon as risk and fraud teams deployed a new solution to defend against a new fraud tactic, criminals found ways to quickly adapt to get the information they wanted.

Today, gen AI-related fraud is the new challenge for enterprises. While many companies are using gen AI to improve efficiencies, the downside is that fraudsters have also very quickly figured out how to use this technology to their advantage.

 

Why enterprises need better fraud prevention in the AI era

 

The figures would suggest that fraudsters’ ability to adapt their tactics to evade new methods of detection have been wildly successful:

• Globally, $458.6 billion was lost to fraud in 2023
• In 2024, credit card fraud alone is estimated to have contributed to roughly $35.8 billion in losses worldwide
• Account takeover (ATO) fraud caused nearly $13 billion in losses in 2023

 

Additionally, big companies such as AT&T, Change Healthcare, MGM, Snowflake and Ticketmaster have made headlines in the past year for exposing customer information in large-scale data breaches. These breaches are costly: on top of any demanded ransom, companies also lose revenue if their systems are disabled, suffer reputational damage and may face class-action lawsuits.

 

Most enterprises currently have traditional cyber-security measures in place, such as annual employee security training, multifactor authentication (MFA) and one-time passwords (OTP) to combat fraud. However, such solutions are now too easily circumvented. For example, fraudsters are using gen AI to create more convincing emails and messages in social engineering schemes to trick employees and even IT helpdesks into revealing valuable information. They also are continuing to use tactics such as SIM card swapping to successfully bypass MFA requirements to gain access to customer and employee accounts, and more.

 

In order to strengthen their existing security measures and reduce fraud, enterprises should look into adopting device intelligence, which provides reliable and accurate visitor identification while still optimising user experience and protecting user privacy.

 

What is device intelligence?

 

Device intelligence is a technology that analyses and recognizes the devices visitors use to access a site or application. It gathers various attributes such as the device manufacturer, operating system, screen resolution and much more to create a unique device identifier and assess risk or visitor characteristics.

 

A comprehensive device intelligence solution should provide not only a device identifier but also additional real-time signals such as VPN detection, browser tampering detection, bot detection, virtual machine detection and more. This provides risk and fraud teams with the data they need to better differentiate between legitimate and potentially suspicious users, and decide what steps they want to take if suspicious device activity is detected.

 

As an example of how this technology works, Fingerprint is a device intelligence platform that collects over 100 network, device, and behavioral signals to assign every visitor with a unique, persistent visitor ID. Due to the high entropy of the signals and Fingerprint’s continuous training of proprietary machine learning models, this identifier stays stable, even when cookies are cleared, IP addresses change, or incognito mode is used.

 

Additionally, Fingerprint’s device intelligence doesn’t rely on cookies or any other invasive tracking methods, making it an ideal solution for companies in regions with stringent data privacy regulations. The technology can also help streamline the experience for trusted users because it can be configured to allow previously identified and trusted devices to log in and complete transactions without requiring extra authentication steps.

 

Take the next step in fraud prevention

 

As fraudsters get better at what they do, enterprises also need to get better at detecting and preventing fraud to protect both company and customer data.

 

A comprehensive device intelligence solution enables enterprise risk and fraud teams with the real-time data they need to detect potentially suspicious activity and take action before fraudsters can do harm. At the same time, this technology can reduce friction and optimise the user experience for previously identified, trusted visitors, while staying in compliance with data privacy regulations such as GDPR and CCPA.

 

A third certainty in life, besides death and taxes, is that fraudsters will continue to find new ways to exploit emerging technology such as gen AI for their own uses – and device intelligence is the next step in successfully fighting them.

---

by Dan Pinto, CEO, Fingerprint 

---

For more information, please visit fingerprint.com