The AI Arms Race in Payment Fraud

• Key insights: AI is complicating the payments fraud fight for banks. 
• What’s at stake: The fraud conundrum is a problem for banks of all sizes. But mid-size and smaller banks are especially dependent on their core processors for solutions, and often they’re getting a mix-and-match of tools that are inefficient and costly. 
• Forward look: Payment experts suggest banks move beyond the current prevailing approach, which is siloed. 

Payments fraud is a big, costly headache for banks that’s only getting worse as criminals deepen their use of AI tools.

Processing Content

Notably, Visa Scam Disruption, a special unit aimed at stamping out fraud, has identified more than $1 billion in fraud attempts since its inception in 2024. Working closely with clients and law enforcement, Visa dismantled more than 25,000 scam merchants, according to a September blog. 

The fraud conundrum is a problem for banks of all sizes. But mid-size and smaller banks are especially dependent on their core processors for solutions, and often they’re getting a mix-and-match of tools that are inefficient and costly. 

Banks could easily spend around $1 million to $30 million or more on fraud protection tools, depending on the size of the bank and its fraud protection needs, according to Saurabh Bajaj, chief product officer at Oscilar, an AI risk decisioning platform. 

The rise of agentic commerce makes fraud-fighting efforts all the more pertinent for banks. Also, AI has magnified the ability for fraudsters to spoof identities and more easily slip under the radar. “AI made fraud economics work a lot more effectively at scale,” Bajaj told American Banker. At the same time, it means banks have to up their game—and, unfortunately for banks and their customers, the defense hasn’t kept up with the fraudsters. “Yesterday’s tools are a lot more ineffective,” he said.

Here are concrete ways banks can improve their fraud-fighting efforts:

Stay informed

One important factor in fighting fraud is staying abreast of the latest fraud trends. To that end, the U.S. Payments Forum earlier this month announced two resources to help industry participants better understand how AI affects the fraud ecosystem. This includes a new podcast episode, with professionals from Visa, Feedzai, an AI-based fraud protection company, and Velera, a payments credit union service organization, and a complementary slide deck focused on AI-driven financial scams.

The podcast covers topics such as how machine learning differs from traditional rules-based fraud systems, the role of predictive AI versus generative AI in fraud prevention, and how organizations are using machine learning to improve detection and reduce false positives.

Do your due diligence

There’s a competitive market for fraud-related reg tech companies that serve banks. Many of them leverage AI for fraud-detection purposes. The competition helps drive down costs for banks, Ian Moloney, chief policy officer of the American Fintech Council, told American Banker.

“The conversation should not necessarily be around cost, but around outcomes,” he said. “If you’re not seeing outcomes that move the needle, that’s where it becomes incumbent on the financial institution to ask if they’ve got a good deal on the tool they’ve built or contracted with for that service.”

Big banks take the lead on using AI to detect bad actors

Large banks generally have more extensive fraud-fighting tools than smaller banks, and some are even involved in broader testing efforts. JPMorgan Chase is among those working with Anthropic’s Mythos model under Project Glasswing, a collaborative effort to secure the world’s most critical software before increasingly capable AI models can be turned against it. Since April, Anthropic and about 50 partners have used Claude Mythos Preview to find more than ten thousand high- or critical-severity vulnerabilities across the most systemically important software in the world, according to a May 22 update from Anthropic. 

The future is automation

Banks are still doing a “massive amount” of manual review today for fraud detection, Chaitanya Sarda, chief executive of AiPrise, an AI-powered global compliance platform, told American Banker. So much of the work can—and should—be automated, he said. If AI is the perpetrator, human analysis isn’t adequate, he added.

Core processors need a push

Small and mid-tier banks are often overly reliant on their core processors and the tools offered may not be AI-focused or the most up-to-date, said Kunal Datta, chief product officer of Unit21, an agentic AI platform for fraud prevention and Anti-Money Laundering compliance. Banks are often locked into the technology offered by their core, and, as a result, are unable to partner with fintechs that are at the forefront of fighting fraud using AI. “They’re often stuck with legacy technology, and bad actors don’t have the limitations,” Datta told American Banker.

Scrap the siloed approach

One problem with banks’ approach to fraud detection and prevention is that it’s fragmented, Oscilar’s Bajaj told American Banker. Banks shouldn’t be using different solutions for onboarding, ACH fraud, wire fraud, AML, underwriting, authentication and other fraud-detection and prevention tasks. 

“It’s like having five different brains that don’t talk to each other and don’t share context,” he said. Having a unified platform can more effectively prevent fraud, more seamlessly allow legitimate transactions, and lower costs for banks. 

Bajaj offered the example of a customer who opens a new credit card account to complement an existing deposit account. If banks only looked at data related to the credit account, they might flag certain transactions that seem out-of-the-ordinary, or let through suspicious transactions. But having a bigger-picture view, knowing more about the customer and their spending patterns, can provide better outcomes for the bank and the customer, he said, adding that any solution should be “specially built for the AI-enabled attack world that we live in today.”