Fraud Prevention: How AI & Behavioral Science Can Stop Fraud Before It Happens

We live in a golden age of fraud, but it is a bronze age of fraud prevention strategy for too many firms. Have your institution's fraud prevention programs been too slow to evolve despite the fraud's alarming growth? Banks and financial institutions must leverage AI and behavioral science to detect and stop scams before they happen.

This blog post presents the staggering growth in global fraud and argues that combining AI fraud detection technology with other evidence-based customer interventions is the key to blunting the rise in fraud. Specifically, to leverage behavioral science to reduce fraud, we recommend four layered techniques: 

1. Evidence-based Fraud Awareness Education

2. Behavioral Science Design in Banking Applications

3. Fraud Prevention Behavioral Nudges

4. AI Fraud Prevention Through Behavioral Analytics

Global Fraud as a Hostile Economic Power

The US Federal Trade Commission (FTC) estimates US fraud losses in 2023 at $158 billion, and Nasdaq estimates global fraud to exceed $485 billion. Currently, US fraud exceeds the GDP of the world's 60th largest economy (Morocco), and global fraud exceeds the size of the 31st largest economy (Norway).

Tragically, the fraud economy continues to explode. While global economic growth hovers at about 3.3%, fraud is expanding at least four times faster, according to the FTC. Electronic payment fraud is growing at more than five times the global GDP, according to statistics provided by Mastercard. Mathematically, global fraud will double in five to six years, making fraud a G20 economy. In twelve years, hello Canada, welcome fraud to the G10!

If a hostile nation-state power was attacking, succeeding, and growing faster, imagine the national security response it would muster.

Against this onslaught, many financial institutions are still combating fraud with the same tools they were using before the boom began, according to industry surveys. These tools, often deployed post-payment, are falling behind. This gap is even more significant when addressing the fastest growing and most pernicious Authorised Push Payment (APP) schemes, for which banks are increasingly being made directly liable. Newer technologies, including behavioral (or biometric) analysis, are better suited to combat this increasingly sophisticated crime. While these technologies hold promise, more behavioral science-backed interventions are required to blunt the growth in fraud, particularly given the increased availability and sophistication of deepfakes and other AI techniques in the hands of bad actors.

Evidence-based Fraud Awareness Education -- the Stoics Were Right

Education sounds boring, but it is surprisingly effective. Indeed, one peer-reviewed academic study found that using knowledge as a strategy decreases the probability of victimization by 43%. Practical training can teach bank customers and others how to recognize scams, mainly when targeted to vulnerable groups.

The UK government's Home Office launched an evidence-backed program," Stop! Think fraud," in February 2024. While evidence-based, this campaign is not a new message. It goes back a few thousand years before the Nobel Prize-winning work of Kahneman & Tversky. Epictetus (50-135 AD) scooped them:

"Be not swept off your feet by the vividness of the Impression, but say, 'Impression, wait for me a little. Let me see what you are and what you represent. Let me test you." Discourses, Book II, Chapter 18,

Fraud accounts for 40% of all crime in England and Wales, costing £6.8 billion annually. Sadly, many people get "swept off their feet."

Rather than relying on government policy experts alone, the UK government turned to a leading consumer advertising agency — Mad Men, who know a thing or two about what it takes to sweep customers off their feet. FCB London built a unified, clear advice campaign to help the public recognize and prevent scams. It features an online fraud hub offering simple guidance and directs victims to support services. The campaign uses multi-channel outreach, including TV ads, billboards, social media, and radio, aiming to reach 95% of UK adults. Fraud types highlighted include phishing texts, fake bank calls, and parcel delivery scams.

The campaign teaches and reminds people to leverage behavioral science-backed practices, like pausing impulsive actions and creating collective norms. Thus, it seeks to empower individuals to recognize and prevent scams.

While national campaigns may have more impact, such educational campaigns would also be effective as a single bank or industry-funded effort. The payback should be more than justified, as recent surveys show that each $1 in fraud costs banks $4.36 in related costs, including legal fees and recovery efforts. According to the evidence presented in the studies, the payback should be more than the funding of single-bank educational efforts.

Behavioral Science Design in Banking Applications

Customer banking applications should reinforce education and also apply behavioral science. For example, "pause and reflect prompts" built into transactional applications can introduce friction at high-risk points. This friction would help customers heed Epictetus' "wait for me a little" recommendation.

However, application controls are no panacea – humans are complex, and we ignore most warnings. Research studies by computer scientists, neurobiologists, and psychologists at Brigham Young University (BYU) have found that "habituation - decreased response to repeated stimulation - is a serious threat to the effectiveness of security warnings." This quotation is a fancy way of saying we ignore those pop-up boxes.

According to the BYU authors, one answer is to employ "Polymorphic Warnings." Polymorphic warnings are security alerts that change their appearance or presentation. These warnings reduce habituation and make users less likely to dismiss them automatically. Examples of Polymorphic warnings include:

1. Randomly changing background color;

2. Altering button locations;

3. Alternating warning symbols (e.g., exclamation point, a danger symbol, stop sign icon); and,

4. Modify the wording of the warning message.

While polymorphic warnings can reduce habituation, they are not foolproof. Even if they change in appearance, frequent exposure to security prompts can still lead to alert fatigue and get passed over. Also, too many novel warnings can annoy customers; worse yet, they may disable them. Ultimately, we recommend balancing effective fraud prevention and a seamless user experience.

Several other research-backed techniques may make security warnings more effective:

1. Audited Dialogues: Warning users that their answers may audited;

2. Interactive Design: Interactive warning interfaces that better maintain user attention;

3. Attractors: Visual or auditory elements designed to draw attention to important parts of the warning;

4. Adaptive Security Dialogues: Tailored warnings based on user behavior and context;

5. Facial Cues: Human-like facial expressions in warnings to evoke emotional responses;

6. Alternative Security Dialogues-Kawaii: Cute or endearing design elements that make warnings more appealing and memorable; and,

7. Context-Sensitive Guidance (CSG): Specific, relevant advice within the warning based on the current situation.

Fraud Prevention Behavioral Nudges

While improved security warnings can help customers make safer decisions, they are only part of the solution. Subtle prompts, or "Nudges," can also influence behavior by using a different approach: they make the safer choice easy and more natural.

Nobel Laureates Richard Thaler and Cass Sunstein's book Nudge, published in 2008, describes nudges as small interventions that influence individuals toward desired behaviors. The authors also explain, "Nudges are not mandates. Putting the fruit at eye level counts as a nudge. Banning junk food does not."

Nudges can be surprisingly effective at curbing fraud. Research shows that they can reduce certain impulse scam rates by 75%.

There are many types of nudges, including defaults, social norms, and increasing the salience of the desired option. Relevant to fraud reduction, consider the following nudges:

1. Default Options: Setting a most conservative fraud control, like two-factor authentication, preferred choice as the default, making it more likely to be selected;

2. Social Norms: Highlighting positive behaviors of others to encourage similar actions;

3. Reminders and Prompts: Using notifications or visual cues to encourage specific actions, such as the pause and reflect prompts discussed above;

4. Disclosure: Providing clear information to help people make informed decisions; and,

5. Warnings and Graphics: Using visual elements to draw attention to important information.

Nudges can create a social environment where fraud prevention is seen as a shared responsibility and the norm, making it more difficult for customers to pause, act, or ignore your warnings. Some examples include:

1. Highlighting positive behaviors: Communicate messages like "95% of our customers report suspicious activities promptly, helping protect our community from fraud."

2. Highlighting secure behaviors like "90% of users enable two-factor authentication" or "90% of our clients over 80 have designated Trusted Contacts on their accounts, when will you?" to encourage adoption.

3. Emphasizing collective responsibility: Use messages like "Join your fellow citizens in safeguarding our financial systems. Report any unusual activities you encounter."

4. Descriptive norms: Use statements like "More than half of fraud reporting comes from vigilant customers like you."

5. Connecting with purpose: Help customers understand the impact of fraud on the community, fostering a sense of moral obligation to prevent it.

6. Timely reminders: Implement pop-up messages during transactions, such as "Most people verify the recipient's identity before sending large payments. Would you like to double-check?"

AI Fraud Prevention Through Behavioral Analytics

We've chosen to end with technological fixes rather than education and behavioral science. Unfortunately, we see too many cases where firms implement tools and neglect other potent interventions. Still, the tools are impressive.

Modern behavioral analytics is a lot like KYC on steroids. In KYC, you gather a client's static data: who they are, where they live, their source of wealth, etc. Then, you compare the static data against their balances and transaction activity. Behavioral analytics do the same thing but based on a much larger dataset in a much more dynamic way. The algorithms look at everything from devices used, times of day customers transact, location, typing speeds, mouse movements, and more to spot block or flag anomalous behavior.

Additionally, systems use learning algorithms to identify fraud patterns. Once a loss occurs, systems identify the customer's behaviors and predict future frauds based on these behaviors.

As good as all this is, it is short of perfect. You are still chasing bad actors after the crime. The nudges and training noted in the preceding sections prevent the crime. Both detection and prevention are necessary.

In addition, behavioral analytics are subject to other challenges:

1. Privacy concerns: The degree of information collected on customers is potentially controversial, as not all will acknowledge the trade-off between surveillance and fraud detection, nor will they be comfortable with data breaches;

2. Data quality: Traditional data quality issues at financial institutions persist, compromising the effectiveness of these tools;

3. Compliance: Privacy regimes such as GDPR and CCPA challenge systems and may compromise their effectiveness, mainly when targeting global schemes.

Another emerging challenge is "Spoofing Risk," the criminal use of AI to simulate legitimate customer behaviors, including mimicking keystroke patterns, mouse movements, and even voice or facial recognition markers. Financial institutions cannot rely solely on past fraud patterns; they must continuously update models to thwart emerging threats. This risk reinforces the need for a layered fraud prevention strategy that combines behavioral analytics with customer education, effective application design, and nudges.

Conclusion

The fight against fraud requires a multifaceted approach beyond mere detection with outdated tools and technologies. Behavioral science can significantly improve defenses against this escalating threat. Educating customers through tailored programs, integrating behavioral insights into banking applications, and implementing nudges can create an environment where individuals are more aware and better equipped to identify and combat fraudulent schemes before they hit your detection tools.

The time has come for financial institutions to embrace innovative strategies and work alone or collaboratively to protect consumers from fraud's ever-evolving landscape. Only then can we hope to stem its rapid growth and secure a safer future.

Here are some specific steps you can take to make a difference:

1. Gather and analyze all fraud-related customer communications and training and assess whether additional behavioral science techniques, such as nudges, can be emphasized;

2. Review key customer-facing applications, identify fraud-related warnings, and assess whether they are sufficient, and redesign applications to reduce habituation; and,

3. Evaluate detective controls and assess whether behavioral analytics are employed and operating effectively.

If you have any questions or want to discuss leveraging behavioral science to improve your anti-financial crimes program, please email me at jeff.lavine@jpladv.com.

Frequently Asked Questions (FAQs) on Fraud Prevention & Behavioral Science

1. What are the most effective fraud prevention strategies for financial institutions?

The most effective fraud prevention strategies combine AI fraud detection, behavioral analytics, real-time transaction monitoring, and customer education on scam awareness. Implementing two-factor authentication (2FA), biometric verification, and behavioral science-backed nudges can significantly reduce fraud risks.

2. How can behavioral science help prevent fraud?

Behavioral science in fraud prevention leverages psychological principles to influence safer financial behaviors. This includes using pause-and-reflect prompts, behavioral nudges, and smart friction in banking apps to help customers recognize and avoid scams before they occur.

3. What is behavioral fraud analytics?

Behavioral fraud analytics involves analyzing user behavior—such as typing speed, mouse movements, transaction timing, and device usage—to detect anomalies that may indicate fraud. This approach allows banks to spot suspicious activities in real-time and take action before a fraud attempt is successful.

4. Why is AI fraud detection important for banks?

AI fraud detection uses machine learning to instantly identify fraudulent patterns and flag suspicious transactions. As cybercriminals use AI to create sophisticated scams, financial institutions must adopt AI-powered fraud prevention tools to stay ahead of evolving threats.

5. What are behavioral nudges, and how do they prevent fraud?

Behavioral nudges are small interventions that influence people to make safer decisions without restricting their choices. Examples include:

• Social proof: Highlighting that most customers report suspicious activity.

• Default settings: Enabling stronger fraud controls like 2FA by default.

• Timely reminders: Prompting users to verify payment details before transferring money.

These strategies help reduce impulse-driven scam responses and encourage proactive fraud prevention.

6. How can banks reduce fraud risks without compromising the user experience?

Banks can implement frictionless fraud prevention by using adaptive security measures, such as:

• Polymorphic security warnings (changing text and visuals to prevent habituation)

• Biometric authentication (fingerprint or facial recognition)

• Context-sensitive alerts (customized fraud warnings based on transaction risk)

• Seamless behavioral analytics (detecting fraud in the background without disrupting transactions)

This ensures strong fraud protection while maintaining a smooth customer experience.

7. What role does customer education play in fraud prevention?

Studies show that fraud awareness training can reduce victimization by up to 43%. Financial institutions should invest in evidence-based fraud education, using real-world scam scenarios, multi-channel awareness campaigns, and interactive learning to empower customers to recognize and avoid fraud.

8. How do fraudsters adapt to new security measures, and how can banks stay ahead?

Fraudsters continuously evolve their tactics by:

• Using deepfakes and AI-driven scams to impersonate trusted individuals.

• Bypassing traditional security measures with stolen credentials or phishing.

• Manipulating customer psychology through urgency and fear-based scams.

Banks must adopt adaptive fraud prevention strategies, regularly update AI fraud detection models, and educate customers about emerging fraud tactics to stay ahead.

---