TL;DR: Fraud programmes now hinge on correlating identity, device, and transaction signals rather than relying on isolated controls, according to SumSub. KuppingerCole’s Leadership Compass Report 2025 names Sumsub an Overall Leader in Fraud Reduction Intelligence Platforms, highlighting deepfake detection, behavioral intelligence, device intelligence, and fraud network detection for financial services facing account takeovers, payment fraud, and bot-driven abuse.
NHIMG editorial — based on content published by Sumsub: Sumsub's Fraud Prevention is recognized as an Overall Leader by KuppingerCole Analysts
Questions worth separating out
Q: How should security teams use fraud signals in identity decisions?
A: Fraud signals should feed into identity decisions as one component of a broader risk model, not as a replacement for IAM controls.
Q: Why do account takeovers require both IAM and fraud controls?
A: Account takeover is an identity event and a fraud event at the same time.
Q: How can teams reduce multi-accounting without blocking legitimate users?
A: Use relationship analysis across devices, payment methods, and behaviour so the platform can detect coordinated abuse without relying on a single brittle rule.
Practitioner guidance
- Map fraud signals to identity decisions Define which fraud outcomes trigger step-up verification, manual review, denial, or account restriction, and make those thresholds visible to IAM, fraud, and operations teams.
- Correlate device and identity telemetry Join device reputation, behavioural patterns, and account history so suspicious sessions are evaluated as a pattern rather than a single event.
- Review multi-accounting controls Inspect signup, login, and payment workflows for repeated devices, shared payment instruments, and recycled identity attributes that indicate coordinated abuse.
What's in the full article
Sumsub's full guide covers the operational detail this post intentionally leaves for the source:
- A breakdown of the fraud reduction intelligence capabilities the report ranks, including deepfake detection and fraud network detection.
- The vendor’s explanation of why KuppingerCole placed Sumsub in the Overall Leader category for Fraud Reduction Intelligence Platforms in Finance.
- Examples of product strengths such as granular transactional risk analysis, remote IDV workflows, and natural language rule building.
- The report’s landscape view of competing solutions and the strengths KuppingerCole attributes to them.
👉 Read Sumsub's analysis of KuppingerCole's 2025 fraud prevention report →
Fraud reduction intelligence platforms: what it means for IAM teams?
Explore further
Fraud reduction intelligence is becoming an identity governance problem, not just a detection problem. Once fraud controls decide whether a session or transaction is trusted, they are already participating in access governance. That means IAM, fraud, and risk teams need shared definitions for assurance, escalation, and exception handling. The practitioner conclusion is that fraud tooling should be governed like an identity control surface, not a sidecar alerting layer.
A few things that frame the scale:
- 72% of organisations have experienced or suspect they have experienced a breach of non-human identities, with 46% confirmed and 26% suspected, according to The 2024 ESG Report: Managing Non-Human Identities.
- Two-thirds of enterprises have endured a successful cyberattack resulting from compromised non-human identities, with a quarter encountering multiple attacks, according to The 2024 ESG Report: Managing Non-Human Identities.
A question worth separating out:
Q: Who should own fraud governance when identity and transaction risk overlap?
A: Ownership should be shared, but accountability must be explicit. IAM should own identity assurance, fraud teams should own pattern detection, and operations should own override discipline. The control fails when these responsibilities blur, because neither access governance nor abuse prevention gets a complete view of the risk.
👉 Read our full editorial: Fraud reduction intelligence platforms expose the limits of point controls