Image: Getty Images/ For illustrative purposes
As financial institutions race to outpace increasingly sophisticated digital fraud, INETCO stands at the forefront of developing intelligent defenses. Chief technology officer and co-founder Ugan Naidoo speaks with Gulf Business about how AI and machine learning are transforming fraud detection, the importance of real-time transaction intelligence, and why innovation is key to maintaining trust and resilience in modern banking.
What are the biggest threats today from AI-driven fraud targeting banks and payment processors?
Financial institutions worldwide are losing billions of dollars every year to fraudsters taking advantage of fast-paced digitalisation, expanding instant payments and insufficient regulatory implementation. In fact, 2024 saw an astounding $535bn in losses globally across banking, cards and payments. This figure not only highlights the scale of the problem but also serves as a wake-up call for the entire financial industry that it’s time to consider new ways to outsmart fraudsters, stay compliant and keep customers safe.
The most serious threats come from highly coordinated, AI-powered attacks that are well camouflaged, adaptive and move faster than human teams or traditional fraud systems can react.
Fraudsters now use AI-driven bots and fraud-as-a-service networks to access stolen customer data and automate scams such as account takeovers, synthetic identity fraud, and real-time payment transaction manipulation. They also deploy deepfakes and social-engineering campaigns to deceive customers and bank employees alike.
These multi-vector attacks — ranging from credential-stuffing and mule-account networks to transaction injection and DDoS extortion — are evolving in milliseconds, often bypassing web-application firewalls or never reaching the authorisation host at all. As instant payments compress detection windows to mere seconds, the combination of speed, automation, and deception has created an arms race that legacy fraud systems cannot win.
Does fighting AI-powered fraud require banks and processors to use AI themselves? If so, what are the trade-offs or risks in relying on AI for defence?
To counter AI-driven attacks, financial institutions must use AI themselves — specifically adaptive risk scoring and self-learning models that evolve with each transaction – the tools needed to proactively spot behavioural drift and suspicious anomalies associated with individual users, terminals and devices.
Static rule sets and generic models trained on population-based data simply can’t recognize new tactics or ever-changing fraud patterns. That said, deploying AI in certain scenarios does introduce trade-offs. Banks could risk over-blocking legitimate activity and creating opaque “black-box” systems that auditors struggle to understand.
The answer lies in explainable AI, where risk score details are transparent, understandable, and trustworthy. This approach provides both agility and precision, reducing false positives while satisfying regulators and customers that the decisioning is fair and accountable.
You echo the phrase “When fraud thinks faster, banks must think smarter” — what does “smarter” look like in practice?
“Smarter” means transforming fraud prevention from a reactive to a proactive discipline. Instead of waiting for a suspicious transaction to be flagged after damage is done, smart institutions harness transaction intelligence and real-time decisioning, analysing every field, correlating behavior across channels, and acting in milliseconds.
In practice, this looks like adaptive machine learning models that update continuously, dynamic risk-based authentication that adjusts friction to context, and precision blocking at the data-field level so legitimate transactions aren’t disrupted.
A smarter bank isn’t simply faster, it’s proactive, context-aware, and continuously learning to stay one move ahead of attackers.
What attributes, capabilities, or architecture differentiate a bank that “thinks smarter”?
Banks that think smarter have complete end-to-end transaction visibility across all payment channels to eliminate blind spots and rely on real-time data passively captured off the wire – that doesn’t depend on potentially compromised switches or authorisation hosts. Their AI agents and models are adaptive and individualized, recalibrating per entity — whether user, card, or device — after each transaction.
They combine behavioral analysis with predictive scoring, allowing them to identify subtle deviations while maintaining excellent customer experiences. Architecturally, they integrate fraud detection, cyber defence, and AML monitoring into a single pane of glass.
Why is INETCO especially well placed to advise or lead in this AI-fraud arms race? In what ways does INETCO’s technology, data access, or experience give it advantage or legitimacy?
INETCO’s legitimacy comes from scale, data depth, and technical differentiation. We safeguard nearly 100 billion transactions a year — about 3 per cent of the global total — across more than 30 countries. Our patented INETCO BullzAI platform collects and decodes every payment message across all retail, banking, and payment channels, correlating device, network, and behavioural data in real time. Unlike platforms that rely on external data scientists to retrain models, INETCO BullzAI continuously learns from every transaction and autonomously blocks threats in under 20 milliseconds. That’s why its measurable outcomes include 45 per cent fewer false positives, 25 per cent reductions in fraud-related monetary losses, and 40 per cent faster fraud investigations.
Recognition in Gartner’s Hype Cycle for Fraud and Financial Crime Prevention, 2025 report, underscores this leadership. Combined with decades of payment-protocol expertise, INETCO’s architecture offers unmatched explainability, precision, and speed, attributes that are critical in the AI-fraud era.
What concrete steps should banks and processors be taking right now to protect themselves?
Banks should first ensure comprehensive, real-time visibility by passively capturing transaction data directly from multiple points on the wire, not just from application logs.
Second, they should implement self-learning AI that continuously adapts to each customer’s unique transactional behaviour.
Third, enforcement must move closer to the transaction itself by using precision field-level blocking rather than blunt IP or port-based methods.
Fourth, dynamic risk-based authentication should balance friction and convenience by stepping up only when confidence drops.
Finally, institutions need to track measurable performance indicators such as false positive rates, fraud loss reduction, and mean-time-to-detect improvements to refine defenses over time.
What are the biggest pitfalls or blind spots that even well-resourced banks tend to slip into when trying to combat AI fraud?
Many banks are blind when an attack either bypasses the authorisation host or compromises it. Others depend on siloed systems that don’t correlate data across channels, producing overwhelming volumes of false alerts and analyst fatigue.
Static rules and population-based models miss emerging tactics, while overly aggressive blocking undermines customer trust. These blind spots stem from an outdated assumption that fraud can be fully captured after authorization, rather than predicted and prevented before it happens.
How do regulation, collaboration, and industry sharing need to evolve in the face of AI fraud?
To keep pace with AI-enabled threats, regulators, banks, payment processors and fintechs must shift from periodic reporting to continuous, privacy-compliant intelligence sharing. Harmonised standards for fraud protection and fraud data exchange, combined with secure, anonymised real-time sharing platforms, are essential.
Regulators should also update liability and chargeback frameworks for instant payments, ensuring that the burden of fraud prevention and remediation is distributed fairly across the ecosystem.
Looking ahead three to five years, what new forms of AI-enabled fraud do you foresee emerging, and how will the defense paradigm need to evolve?
In the next few years, we can expect fraudsters to weaponise both agentic AI and generative AI to create hyper-personalized deepfakes, synthetic social networks, and fully automated mule rings that simulate legitimate behaviour across multiple institutions. We will also see “authorisation-evasion” attacks that exploit intermediaries and APIs to hide malicious transactions from host systems.
To counter this, defenses must evolve toward predictive simulation — using AI to model potential attack vectors before they appear in the wild — and continuous self-learning systems capable of enforcing security at the data-field level. The future of defence will hinge on speed, adaptability, and collaboration: banks that can think as fast and as smart as the fraud they face will be the ones that maintain customers’ trust.
