Fraud Glossary for Fintechs
AI-powered fraud detection and prevention has its own jargon: our fraud bible will help you understand need-to-know terms from APP fraud to serial forgery.
A fraudulent act where a third party gains control of a user's personal account details to carry out unauthorized transactions.
Authorized push payment (APP)
A payment made at the request of the account holder where the funds are sent directly to another account. The rise of APP providers has made it faster and easier for bad actors to initiate scams and then quickly launder the proceeds.
A scam where victims are tricked into transferring money directly to a fraudster via an authorized push payment, usually continuing on to launder the funds via additional APP payments between money mules.
A record that summarizes all the transactions in an account over a specific period. Real as well as fake bank statements are often used as proof of address, proof of funds, and/or proof of income during KYC onboarding processes.
Bank transfer scam
A fraudulent scheme where victims are tricked into transferring money directly from their bank account to one controlled by a fraudster, often through deceptive practices or impersonation of legitimate entities. APP technology has supercharged this technique.
The study of a user's actions to understand, predict, and change behavior, often used in fraud detection. Changes in normal behavior or behaviors unlikely to be performed by humans can be a good indicator of attempts to create fraudulent accounts or issues like account takeovers.
Business email compromise (BEC)
A type of scam targeting companies who conduct wire transfers and have suppliers abroad.
A type of credit card fraud where an individual applies for a credit card, builds a good credit score, maxes out the card, and disappears without paying the bill.
Buy now, pay later (BNPL) fraud
A type of fraud in which a fraudster makes purchases using a BNPL option with no intention or means to make the subsequent payments. This could involve identity theft, where the fraudster uses stolen personal information to access a victim's BNPL account, or it could involve the creation of fraudulent BNPL accounts using synthetic identities.
Card not present fraud
A type of credit card scam where the fraudster uses someone else's card information to make unauthorized purchases online or over the phone.
A type of targeted attack where fraudsters impersonate a CEO or any executive and attempt to get an employee, customer, or vendor to transfer funds or sensitive information.
Customer due diligence (CDD)
A process where relevant information about the customer is collected and evaluated for any potential risk for the organization, particularly any indications of inconsistent or untrue information that may suggest fraud.
Resistant AI's artificial intelligence analyzes over 500 characteristics in each document submitted to it; we call each of these analyses detectors, as they are each able to detect specific anomalies that may indicate a forged or altered document.
The process of intaking all necessary documents from a client for a particular purpose, such as KYC onboarding, loan processing, or account opening.
The process of converting a document from a physical into a digital format, such as by taking a photo or scanning.
The act of making, altering, or falsifying documents with the intention to deceive. Document forgery has become easier with the rise of digital documentation, consumer image editing programs, and generative AI.
The act of falsifying information on a document with the intent to deceive for personal gain, such as falsely obtaining loans or opening money mule accounts.
The act of capturing, organizing, and interpreting information contained in a document, such as during a KYC onboarding process.
The process of validating the authenticity and integrity of a document, often used to prevent fraud.
Enhanced due diligence (EDD)
A more comprehensive set of procedures for managing risk, complying with regulations, and assessing fraud potential, typically used for high-risk or high-net-worth customers.
A machine learning concept where multiple models are combined and overlap to accomplish a task. Using an ensemble of fraud detectors means that Resistant AI's fraud findings never rely on a single piece of evidence and multiple intersecting findings strengthen our overall confidence in labelling a document as fraudulent or trustworthy.
False negative (FN)
A document that is recognized as legitimate but is, in fact, fraudulent.
False positive (FP)
A document that is flagged as fraudulent but is, in fact, legitimate.
A new instant payment service that the Federal Reserve Banks are developing to enable financial institutions of every size, and in every community across America, to provide safe and efficient instant payment services in real time.
Financial Conduct Authority (FCA)
A regulatory body in the UK responsible for regulating financial firms providing services to consumers and maintaining the integrity of the UK’s financial markets.
Financial Services and Markets Act
A 2023 act of the Parliament of the United Kingdom that provides the legal framework for the regulation of financial services and markets in the UK, including increased reimbursement responsibilities connected with APP fraud.
Fraud perpetrated by an individual or individuals against financial institutions using false identification or pretending to engage in a legitimate transaction.
Fraud and AML (FRAML)
A combined approach to detecting and preventing closely fraud and money laundering activities, namely when fraud is a predicate offense to money laundering.
The process of identifying fraudulent activities, often using advanced analytics to detect anomalies, patterns, and trends in the data.
Measures taken to prevent fraudulent activities by identifying and reducing potential risks and vulnerabilities.
A type of fraud where a consumer makes an online shopping purchase with their own credit card, and then requests a chargeback from the issuing bank after receiving the purchased goods or services.
A type of artificial intelligence that can create new content, such as images, text, or even voices, from pre-existing examples. In the context of fraud and financial crimes, this technology is increasingly being used to create convincing scam scenarios such as CEO scams and romance scams.
A term used to by Resistant AI to describe indicators that signal with a great degree of confidence that a document is altered or otherwise illegitimate.
Identity provider (IDP)
A system entity that provides identity information to other entities, typically to confirm the validity of the information on provided documents during digital KYC onboarding. Most, however, are not designed to confirm whether a provided document is authentic or unforged; Resistant AI therefore compliments IDVs.
Identity verifier (IDV)
A system or service that verifies the identity of a user or device, often used in the context of digital KYC onboarding. Most, however, are not designed to confirm whether a provided document is authentic or unforged; Resistant AI therefore compliments IDVs.
The output of a detector and its severity (high-risk, normal, or trusted). The buildup of numerous indicators provides Resistant with its verdicts as to the authenticity of a provided document.
Interac e-Transfer fraud
Another term for APP fraud, particularly in Canada where this payment method is popular.
A deceptive practice related to stock market, real estate, commodities, hedge funds, or other investment vehicles where a fraudster induces investors to provide money with promises of high returns with little to no risk.
Invoice redirection fraud
A fraudulent scheme where criminals impersonate legitimate vendors and redirect invoice payments to their own accounts.
Know your business (KYB)
The process of verifying the identity and understanding the nature of a corporate or other business-to-business clients to mitigate risks and ensure compliance with regulatory requirements.
Know your customer (KYC)
The process of verifying the identity of a client and assessing potential risks of illegal intentions to a business providing a service.
The process of collecting documentation and verifying a new customer's identity in compliance with KYC regulations.
An umbrella term that includes any or all of processes like know your business (KYB), know your customer (KYC), or know your employee.
Layering (money laundering)
The process of obscuring the origins of illicit money through a series of complex transactions or legal structures.
The process of using technology to automate the creation, delivery, and payment of invoices. Automated systems few or imperfect checks are vulnerable to threats like invoice redirection fraud.
Machine learning (ML)
A subset of artificial intelligence that involves the use of algorithms and statistical models to enable machines to improve their performance over time based on data.
An individual who transfers money acquired illegally on behalf of others, typically disguised as legitimate payments. Money mules engage in money laundering, but accounts used for this purpose are often created through fraudulent means such as synthetic identity fraud.
A crime in which a prospective homebuyer, mortgage lender, or real estate professional misrepresents or omits information on a mortgage loan application to obtain a loan or to obtain a larger loan than could have been obtained had the lender or borrower known the truth.
A type of digital bank that operates exclusively online without traditional physical branches. This digital-only existence can leave them particularly vulnerable to digital attackers and fraudsters using synthetic identities.
A term used to by Resistant AI to describe indicators that signal various attributes about a document; these are neither high-risk indicators or trusted indicators.
Optical character recognition (OCR)
A technology that converts images of text-based documents, such as scanned paper documents, PDF files, or images captured by a digital camera, into structured editable and searchable data. Most OCR providers, however, are not designed to confirm whether a provided document is authentic, unforged; Resistant AI therefore compliments OCRs providers.
An unauthorized transaction or a transaction made under false pretenses.
Payment institution (PI)
A business entity that is not a bank but is authorized to provide payment services.
Peer-to-peer (P2P) fraud
Another term for APP fraud, particularly in the United States.
Peer-to-peer (P2P) payment
A method of transferring funds from one individual to another via a digital platform, eliminating the need for a traditional financial institution as an intermediary.
An risk-based process of updating customer information and conducting due diligence on an ongoing basis, starting with the initial KYC process and improving in effectiveness as data about a customer is gathered over time.
Personally identifiable information (PII)
Any data that could potentially identify a specific individual, such as name, social security number, date and place of birth, etc. This information is essential to effective KYC/KYB processes, and so is often found to be stolen or forged by bad actors.
A type of scam where fraudsters build a relationship with their victims over time before defrauding them of a large amount of money, similar to a romance scam or advance fee fraud.
A fraud technique in which a target is contacted by email, telephone, or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data and/or payments.
The proportion of true positive results (actual fraudulent documents correctly identified as fraudulent) out of all positive results (true positives and false positives). High precision means a high proportion of relevant results with limited irrelevant results.
Proof of address (POA)
Documentation used to verify a person's residential address, such as a utility bill, lease agreement, or driver's license. This is a standard part of KYC that ensures only clients legally allowed to partake in a service are doing so; as such, forged POA documents are common.
Proof of concept (POC)
A demonstration or prototype that illustrates the feasibility and potential effectiveness of a new technology, solution, or idea. This a standard way for potential clients to test how Resistant AI's products would work when applied to the client's data.
Proof of employment
Documentation or evidence that verifies a person's employment status, such as a pay stub or an employment verification letter. This is a standard part of KYC for lenders, rental agencies, etc. who wish to ensure their clients are able to repay as agreed; as such, forged POA documents are common.
Proof of funds
Documentation that verifies a person or entity has the financial capacity to cover a particular transaction, such as a bank statement or a letter from a financial advisor.
Proof of income
Documentation or evidence that verifies a person's income, such as a pay stub, tax return, or bank statement.
A fraudulent scheme where a person is deceived into paying for goods or services that do not exist, are not as described, or will never be delivered.
Real-time payments (RTP)
Payments made between bank accounts that are initiated and settled within almost instantaneously, 24/7. When capitalized, this refers to an instant payments platform provided by The Clearing House that all federally insured US depository institutions are eligible to use. The instantaneous nature of RTP is key to schemes such as APP fraud.
The number of true positives divided by the sum of true positives and false negatives. High recall indicates AI that is able to successfully identify fraudulent documents without mislabeling them as legitimate or irrelevant.
A fraudulent scheme where a person is deceived into paying for a rental property that does not exist, is not as described, or is not available for rent.
The process of identifying, assessing, and controlling threats to an organization's capital, earnings, growth, reputation, and other vital metrics. Defining acceptable fraud risks and closing possible vectors for fraud is key to risk management in fintechs.
A type of online fraud that involves a fraudster creating a fake profile on dating platforms or social media to develop relationships with victims in order to defraud them of money. This has become easier due to dating apps and generative AI.
The practice of circumventing the enforcement of penalties imposed by one or more countries against a targeted country, individual, or entity. Sanctions evasion can occur through various methods, such as creating fraudulent accounts or using fraudulent documents, as well as the use of various techniques adjacent to money laundering.
The act of repeatedly creating, altering, or using fake documents with the intent to deceive. As digital documentation becomes more common, the availability of consumer-grade image editing programs such as Photoshop has allowed forgeries to proliferate much easier than ever before.
The act of repeatedly engaging in fraudulent activities, often using the same or similar methods. This is often tied to the use of serial forgeries and automation tools, for example exploiting digital KYC portals to create large numbers of money mule accounts.
A type of fraud where a fraudster establishes a legitimate customer account and maintains normal activity for an extended period before initiating fraudulent transactions.
A targeted form of phishing where cybercriminals impersonate trusted entities to trick specific individuals or organizations into revealing sensitive information, often using personalized and highly convincing emails.
A data point that deviates significantly from the norm or average within a dataset or pattern, possibly indicative of fraud. Resistant AI's detectors produce their findings based on statistical anomalies within the data of submitted documents.
Structuring (money laundering)
A method of money laundering where large amounts of illicit money are broken down into smaller transactions to avoid detection or reporting.
A fraudulent identity created by using a combination of real (though often stolen) and fabricated information and docuement, often used to open fraudulent accounts or make fraudulent purchases.
Synthetic identity fraud
A type of fraud in which criminals use a synthetic identity to commit fraud, often involving the creation of new identities using a combination of real and fake information.
Synthetic money mule
A type of money mule where the mule's identity is synthetic rather than that of a real person. Synthetic money mules are increasingly being used in authorized push payment schemes.
Fraud committed by an individual who is not the account holder or the account holder's financial institution, often involving identity theft.
True negative (TN)
A document that is flagged as legitimate and is, in fact, legitimate.
True positive (TP)
A document that is flagged as fraudulent and is, in fact, fraudulent.
A term used to by Resistant AI to describe indicators that signal with a great degree of confidence that a document is legitimate and unaltered.