Think Fraud Prevention Should Be Frictionless? How About Effortless?

The payments industry has long been chasing the ideal of a frictionless experience. The problem? Achieving that is close to impossible when security is also a priority.

When it comes to fraud and customer experience, “those two often clash,” Brian Oh, head of digital products – security and fraud at FIS Global, told PYMNTS. “They do not go hand in hand — oil and water there.”

As fraudsters become more sophisticated, however, the security imperative is growing for financial companies that must strike a delicate balance between security and convenience.

“We don’t look for frictionless; we look for effortless,” Oh said. “When we do add friction, how easy is it for a good actor to pass through? And for bad actors, is it enough friction that they decide to go somewhere else?”

Fraudsters are opportunists.

“It’s like being chased by a brown bear,” he said. “You just have to be faster than the next person. Fraudsters jump from institution to institution looking for the easiest target.”

One of the biggest pain points in fraud prevention is authentication. As cybercriminals exploit weaknesses in traditional methods — SMS one-time passcodes, passwords and passkeys — financial institutions are scrambling for alternatives.

“Multifactor authentication is degrading,” Oh said. “What used to be effortless before is now getting more friction-filled. Some banks don’t trust SMS anymore because of SIM swapping. Others find passwordless authentication too complicated for the average person.”

The solution? A more nuanced approach. Rather than relying solely on credentials, firms like FIS are doubling down on behavioral biometrics and machine learning.

“How do we leverage behavioral markers — like whether you’re right-handed or left-handed, how you hold your phone, how you type?” Oh said. “Only 11% of the population is left-handed, so if we know a user is left-handed and suddenly they’re acting like they’re right-handed, that’s a red flag.”

By layering these subtle markers with transactional patterns, financial institutions can introduce security measures only when something seems off, minimizing disruption while keeping fraudsters at bay.

One of FIS’s biggest advantages is its network, Oh said. With over 6,000 financial institutions as partners, the company, including Atelio, has access to vast datasets, allowing it to identify fraud patterns before they spread.

“When a fraud ring hits one bank, they’re not just hitting one bank,” Oh said. “They’re hitting 10, 20 or 50. Because we work with so many institutions, if fraudsters try to move from one bank to another, they’re still hitting the same defenses. Eventually, they just give up and go elsewhere.”

Collective defense is a useful strategy. Instead of each bank tackling fraud independently, FIS works to enable a shared intelligence approach, ensuring that lessons learned from one attack can benefit the entire network.

One of the most exciting frontiers in fraud prevention, according to Oh, is rethinking identity verification. Blockchain has been hyped as a potential solution, but its real-world applications remain limited. Oh said he envisions a future where micro-ledgers — closed, localized blockchain-like environments — play a crucial role.

“If you take the ledger-based concept of blockchain and bring it down to a micro-level — a closed environment that can verify itself — you get something much more viable,” he said.

Beyond blockchain, FIS is also exploring how contextual data can improve identity verification.

“If you book a flight to Mexico on United and then land in Mexico, we should know you’re there,” Oh said. “That transaction shouldn’t get flagged as suspicious. By pulling in data from multiple sources, we can make the process truly effortless.”

For businesses looking to strengthen their fraud defenses without overhauling their entire system, Oh shared a few key recommendations.

• Enhance Phone-Based Verification: Check phone numbers against mobile network operators to confirm they haven’t been recently swapped, ported or set up as VoIP.
• Use Device Fingerprinting: Identify trusted devices and apply additional scrutiny to new ones.
• Delay High-Risk Transactions: If a new device tries to send money via Zelle, delay the transaction for a few days. “Fraudsters don’t want to wait,” Oh said. “They’ll move on.”
• Use Collective Intelligence: If fraudsters fail at one bank, they should fail at the next. Working with industry partners can create a stronger collective defense.

Ultimately, fraud prevention is an arms race with no finish line.

“It’s an infinite game,” Oh said. “You can never rest.”

By focusing on layered security, behavioral intelligence and collective defense, FIS is helping businesses stay one step ahead. As fraudsters continue evolving, the challenge isn’t just making security stronger — it’s making it smarter.

“You don’t need a sledgehammer to hang a picture,” Oh said. “You just need the right tool for the job.”

The post Think Fraud Prevention Should Be Frictionless? How About Effortless? appeared first on PYMNTS.com.