The payments industry stands at a crossroads, caught in a relentless tug-of-war between two existential imperatives. On one side lies the critical need to prevent fraud—a threat growing in both volume and sophistication. On the other, the equally vital demand for seamless customer experiences that don't drive away legitimate users in an era where consumer patience wears thinner than ever. This isn't merely an operational challenge; it's a fundamental redesign of how financial institutions verify identity in the digital age.
Recent data paints a disturbing picture of an industry under siege. Visa's 2024 Global Fraud Report reveals that 60% of financial institutions worldwide have seen a marked increase in fraudulent applications—a figure that rises to 88% according to Mastercard's parallel research. These aren't isolated incidents, but rather symptoms of a systemic vulnerability being exploited by increasingly organised criminal networks.
"We've moved beyond the era of individual fraudsters working in isolation," says MVSI CEO Daniel Sheahan. What we're facing now are industrialised fraud operations that leverage automation and AI to launch brute-force attacks against financial institutions' onboarding systems.
These attacks follow a disturbingly effective pattern. Criminal organisations deploy bots to submit hundreds, sometimes thousands, of fraudulent applications simultaneously. Even with a success rate of just 1-2%, the payoff can be substantial. We've seen cases where a single successful penetration of an onboarding system can yield millions in illicit gains —whether it is through fraudulent merchant accounts, synthetic identity scams, or money laundering conduits.
The Rise of Industrialised Fraud
The tools of this new criminal class would make a Cold War spy envious. Deepfake technology now generates video footage capable of fooling even advanced liveness detection systems. Machine learning algorithms study and replicate human behavior patterns with unsettling accuracy. Document manipulation software can recreate security holograms and watermarks that were once considered foolproof.
Deepface-driven fraud is surging, with attacks bypassing identity verification skyrocketing by a 704% in 2023, according to the World Economic Forum. This staggering increase adds to the growing burden of cybercrime, projected to reach USD $10.5 trillion annually by 2025. Meanwhile, as security teams add more verification steps, they encounter a painful paradox: clunky onboarding drives consumers away, with lengthy procedures leading to high abandon rates. The outcome is a lose-lose situation—institutions either frustrate legitimate customers or leave themselves vulnerable to attack.
The human cost of this imbalance becomes evident when Sheahan illustrates a hypothetical scenario: Imagine a mid-sized payment processor spending $200 to acquire each new merchant. If their onboarding process is inefficient and leads to 40% attrition, that means $80 is wasted per merchant. Multiply that across 250,000 new merchants per year, and that’s $20 million lost in acquisition costs annually for a single firm. Now, imagine the impact across the entire industry.
A New Model for Identity Verification
In this high-stakes environment, a surprising solution is emerging from an unlikely source: the past. The "body of evidence" approach—once the foundation of paper-based identity checks—is being reinvented for the digital age. Where Australian banks once required 100 points of ID from physical documents, modern systems silently assemble digital proof from hundreds of data points. These digital identities are built using a combination of advanced technologies like biometrics—facial recognition and fingerprints—as well as behavioural data, including login patterns and device usage.
By pulling data from various sources, such as financial records and social activity, these systems create a unique digital profile for each individual. This not only enhances security, but also streamlines the verification process, making it faster, more efficient, and compliant with regulatory standards.
At MVSI, our platform weaves together government verification systems like Australia's Document Verification Service and Singapore's National Digital Identity network with hundreds of commercial data sources worldwide. Each market requires a different recipe. In Italy, tax records carry more weight. In Malaysia, we incorporate telco data differently. The art lies in building flexible systems that respect local contexts.
Redefining Trust in a Digital World
The future, according to Gartner analysts, belongs to "invisible authentication." By the end of 2025, they predict 80% of identity verification will happen in the background through passive checks—analysing how users hold their phones, the rhythm of their typing, or patterns in their transaction history.
No single solution is bulletproof. The most effective systems use layered defenses—combining government-verified data where available with commercial sources and behavioral analytics. When one layer is compromised, others hold firm.
Looking ahead, Sheahan outlines the recipe for success: “The winners won’t be those with the most verification steps,” he reflects, “but those who make fraud economically unviable without making customers jump through hoops. Your onboarding process isn’t just a compliance exercise—it’s your first impression and your last line of defense, all in one.”
The implications extend far beyond banking. In an age where digital identity underpins everything from healthcare to voting systems, the lessons being learned in financial services may well determine how trust functions in the 21st century. For now, the race is on to build systems that are both fortress and welcome mat—a challenge as complex as it is crucial.
