TL;DR: AI-powered phishing, synthetic identities, and account takeover are pushing banks toward device intelligence, behavioural analytics, and real-time risk decisions, according to Fingerprint’s summary of Gartner’s 2025 Fraud and Financial Crime Prevention Hype Cycle. Static controls are losing ground; fraud programmes now need adaptive identity signals that protect both compliance and customer experience.
NHIMG editorial — based on content published by Fingerprint: Financial crime is evolving fast
By the numbers:
- Fingerprint analyzes more than 100 device, network, and behavioral signals each time a visitor interacts with a website or application.
- Fingerprint’s platform includes 20+ Smart Signals, including Bot Detection, VPN Detection, and Browser Tampering Detection.
Questions worth separating out
Q: How should banks reduce false positives without weakening fraud controls?
A: Banks should combine device intelligence with behavioural analytics so a suspicious session is challenged only when the evidence supports it.
Q: Why do AI-driven fraud attacks create problems for static identity checks?
A: Static checks fail because they capture a point in time, while fraud can evolve during the same session.
Q: How do security teams know whether device intelligence is working?
A: Device intelligence is working when it improves detection without creating excessive manual review or blocking legitimate customers.
Practitioner guidance
- Instrument device-level risk telemetry Collect device, network, and behavioural signals at login, onboarding, and transaction time so fraud teams can compare current sessions against prior trusted behaviour.
- Use step-up authentication only on risky sessions Trigger additional verification when tampering, emulator use, VPN switching, or unusual velocity appears, instead of applying the same friction to every customer.
- Feed fraud signals into model retraining Use current session data to refresh supervised and unsupervised models regularly so detection logic keeps pace with synthetic identity and AI-assisted attack patterns.
What's in the full article
Fingerprint's full blog post covers the operational detail this post intentionally leaves for the source:
- Signal-level examples for Bot Detection, VPN Detection, and Browser Tampering Detection in banking workflows
- How persistent visitor IDs support repeated-session recognition when cookies, networks, or browsers change
- Practical ways device intelligence can support KYC, AML, and account takeover response decisions
- The article's discussion of real-time risk scoring and customer friction trade-offs in fraud operations
👉 Read Fingerprint's summary of Gartner's 2025 fraud and financial crime outlook →
AI-driven fraud prevention: what device intelligence changes for banks?
Explore further
AI-driven fraud has turned identity verification into a continuous risk decision, not a point-in-time gate. Static checks assume a user remains stable across the session, but this article describes an environment where device, network, and behaviour all change under active attack. For banks, the governance question is no longer whether identity was confirmed once, but whether the signal set remains trustworthy throughout the interaction. The practitioner conclusion is that fraud controls now need runtime context, not just onboarding assurance.
A few things that frame the scale:
- The average estimated time to remediate a leaked secret is 27 days, despite 75% of organisations expressing strong confidence in their secrets management capabilities, according to The State of Secrets in AppSec.
- Organisations maintain an average of 6 distinct secrets manager instances, creating fragmentation that undermines centralised control, according to The State of Secrets in AppSec.
A question worth separating out:
Q: What is the difference between fraud detection and identity assurance in banking?
A: Fraud detection looks for abusive behaviour and suspicious context, while identity assurance asks whether the subject is who they claim to be. In modern banking, the two overlap because attackers often use valid-looking identities on compromised or manipulated devices. Strong programmes treat them as linked but separate decision layers, with shared signals and different intervention thresholds.
👉 Read our full editorial: AI-driven fraud prevention now depends on device intelligence