Anti-Fraud: Fraudsters Shall Not Pass. But What About Customers?

Fraudsters are always one step ahead. Today they hide behind a perfect smile in a fake profile photo; tomorrow they exploit freshly issued virtual cards; the next day, they launch mass attacks on leaked databases. Every new scheme is a stress test for business—one that must be answered faster than customers can lose trust.

Igor Ermak, a recognized expert in cybersecurity, anti-fraud, and business continuity for financial institutions, is convinced: anti-fraud is not just about preventing losses—it is a source of competitive advantage. His experience shows that a well-designed fraud prevention system can simultaneously reduce risk and speed up customer journeys, turning vulnerability into growth.

Put simply, once we can confidently identify who is a fraudster, we can solve another, equally important mathematical and practical problem: who is definitely not a fraudster. And while fraud typically accounts for no more than 1–5% of a portfolio even in the worst cases, the share of “clean” customers is never lower than 70–80%. That insight allows companies to accelerate approvals, simplify checks, and expand product access at the very first touchpoint for customers who clearly fall into the low-risk category.

A Different Way to Look at the Problem

When fraud hits, most companies react the same way: urgently “plug the hole.” They introduce rigid rules, blanket checks, and endless document requests. Meanwhile, customers are only willing to wait minutes—not hours. If an anti-fraud system becomes overly suspicious—driven by a high false-positive rate—the business inevitably loses good customers to less paranoid competitors.

We’ve been through this ourselves. In its early days, anti-fraud really does resemble a fire brigade: a bucket, a rag, and one task—put out the fire. First, you make chaos manageable. Then you try to turn emergency response into a structured process that minimizes the very conditions in which fraud emerges.

Over time, however, one thing became clear: if fraud is treated purely as a threat, the business will always stay in defensive mode.

Eventually, the author realized something fundamental. Fraudsters use exactly the same processes as legitimate customers. They apply for products, use cards, log into personal accounts. Fighting fraud, therefore, is not a parallel process—it is part of the core business model. The real question is not whether we can catch the bad actor, but whether we can distinguish fraud from a legitimate customer quickly and accurately, without destroying the customer experience.

That is why anti-fraud stopped being just a protective shield for us. It became a competitive tool. Where others see risk, we see opportunity: to accelerate onboarding, remove unnecessary friction, and deliver better service. And ultimately—to win not only against fraudsters, but against competitors.

What Anti-Fraud Is Built On: Data and Rules

Anti-fraud cannot be built on algorithms alone. At its core are data and the ability to translate data into rules. The more dimensions of a customer we can observe, the less room fraudsters have to maneuver.

Documents and Application Data

National IDs—passports in Russia, CCCD/CMND in Vietnam, Aadhaar in India, and others—are the first line of defense. This is where we detect anomalies, sometimes almost absurd ones. For example, a “time-travel” scenario: a customer’s credit history shows a passport issued after the one they are currently presenting. Such inconsistencies are a 100% red flag.

We validate every detail: issue dates, issuing authorities, links between documents. Each country has its own nuances, and those nuances must first be learned — and then continuously updated.

Phone Number and SIM Card

A phone number is a customer’s behavioral passport. We analyze SIM lifetime, telecom spending, and the number of devices the SIM has been used in. A simple rule: if a SIM is less than a month old and has no payment history, fraud probability spikes. If the same number appears on three different devices within a short time frame, it is almost certainly part of a scheme.

Digital Footprint

Fraudsters love hiding behind technology: VPNs, TOR, remote desktops. Yet every device leaves a digital fingerprint—a unique combination of parameters. We analyze user agents, screen resolutions, browser settings, and identify patterns.

In models, these signals form clusters: where red dots concentrate, fraud concentrates. Sometimes even a photo becomes a signal—an unnaturally perfect “Hollywood smile” often points to an AI-generated image.

Cards and Transactions

The way money is received tells a story. We check issuing banks, linked devices, blacklist hits. One case revealed that even the first digits of card numbers can be meaningful. In the Philippines, we noticed a spike in defaults tied to cards with newly introduced prefixes. After contacting the issuing bank, we discovered they were freshly issued virtual cards.

Biometrics and Liveness

What a person cannot easily change—or can only change at great cost—are biometric factors. The more non-application-based factors we introduce into an anti-fraud strategy, the stronger the protection.

When implemented correctly, biometric technologies fit seamlessly into business processes, creating a smooth interface that builds loyalty to the product and brand.

In most cases, we start with a photo—it is the easiest signal to capture during customer interaction. Two tasks are critical: ensuring a real person is present at the moment of capture (liveness detection), and configuring effective face matching—both one-to-one (verification) and one-to-many (identification). At early stages, biometric implementation typically reduces fraud losses by 5–10% in nominal terms for high-risk portfolios.

Credit History

Credit bureaus are a goldmine of insights. We detect anomalous chains: passports with “jumping” dates, dozens of loans tied to a single phone number, sequences never seen among legitimate customers. These behavioral patterns often expose fraud before money ever leaves the company.

From these sources, we built dozens of simple, transparent rules. They are easy to explain to the business and can reduce fraud by tens of percent. But rules have a limit. Too many of them—and honest customers start getting caught in the net. That is why rules are only the foundation. The next step is models.

From Rules to Models

Rules are excellent for quickly restoring order—we’ve seen fraud drop by tens of percent thanks to them. But they come with a serious downside: the more rules you add, the more they strangle the business.

We experienced this firsthand. Once our rule set exceeded fifteen anti-fraud rules, rejection rates driven by fraud checks climbed to 15–20%. In reality, that meant good customers were being rejected as well. Fraud was falling—but so was revenue.

The solution was segmentation and modeling. Instead of focusing on isolated signals, we started analyzing the entire customer flow. The model divided it into three zones:

• 80% “clean” customers — fraud probability near zero. Checks removed, approval time cut by 5–10x.
  
• 20% “grey zone” — some risk present. Enhanced checks applied.
  
• 1–2% “confirmed fraud” — rejected immediately.
  

The effect was two-sided. In the green zone, we stopped losing legitimate customers and gained +4–6% in sales. In the grey zone, deeper verification brought back another +1–2% of customers previously rejected by blunt rules. The result: not just lower fraud, but business growth—faster approvals, happier customers, higher conversion.

The key difference is that models see the full data landscape. Where a rule cuts indiscriminately, a model leaves room for nuance. We use gradient boosting: hundreds of variables, thousands of observations, and a final risk score for each application.

For the business, this was a turning point. Approval times dropped dramatically for most customers, service became faster, trust increased—while fraud remained under control. Anti-fraud effectively evolved from a defensive mechanism into a growth tool.

Monitoring and Resilience

When companies move from rules to models, a new trap appears: the illusion of stability. Models work, sales grow, fraud declines—and it feels like everything is under control. In reality, a model without continuous monitoring is a ticking time bomb.

Customer behavior changes. Economies accelerate and slow down. Fraudsters test new schemes. What predicted risk perfectly yesterday may start failing tomorrow—either rejecting good customers or letting suspicious ones through.

To keep the system healthy, we constantly monitor key variable distributions—daily, weekly, monthly. Sudden shifts, such as changes in age or gender balance, signal that rules or models are losing relevance.

We also use “streams” of about 5% of applications that pass through without filtering. For the business, this is painful—these customers generate losses. But this stream reveals the system’s true state. If defaults spike there, it confirms that models and rules are doing real work.

Fraud attacks rarely last longer than two weeks. During such periods, we temporarily revert to rules while models run in the background. Once the attack fades, models return to production. We always keep interpretable backups—such as logistic regression. Less accurate, but controllable when complex algorithms like boosting start behaving unpredictably.

Anti-Fraud as a Business Growth Tool

Continuous monitoring and rapid strategy shifts keep anti-fraud systems relevant. But the most important realization for us was this: anti-fraud is not only about loss prevention—it can actively drive growth.

Initially, companies treat anti-fraud as an emergency patch: close gaps quickly, stop the bleeding. But once segmentation and models are in place, it becomes clear that smart anti-fraud improves customer experience. For 80% of low-risk customers, we removed checks entirely and accelerated onboarding by five to ten times. What once took lengthy verification now takes minutes.

For customers, this means convenience and trust. For the business, it means higher sales. In practice, segmentation and modeling delivered a 2–5% uplift in revenue. We stopped losing honest customers in the green zone and recovered part of those wrongly rejected in the grey zone—while keeping fraud under control.

In essence, anti-fraud stopped being an emergency brake. It became a lever: a tool that reduces risk and unlocks growth at the same time. It’s a paradox that works—on modern markets, the very system designed to restrict ultimately helps businesses sell more, and sell faster.