How Feedzai Stops Fraudulent Onboarding and Blocks Bot Attacks

 

How do criminals manage to blend in among legitimate customers during onboarding? Bots are emerging as their not-so-secret weapon. The challenge for banks isn’t a lack of information. It’s the struggle to connect the dots in real time. As a result, synthetic identities among newly created accounts rose by 18% in the first half of 2024, according to recent US data.

Automated bot attacks are changing the game for fraudsters, allowing bad actors to create multiple new accounts at speed and scale, using a combination of real and invented information to commit synthetic identity fraud. The result is an avalanche of wasted third-party verification costs, fraud losses, reputational damage, and an influx of money mule accounts. 

It’s time to rethink the conventional approaches to onboarding. In this article, we’ll explore how to shift customer onboarding from a one-off checklist task to a continuous, adaptive process. Read and learn how to secure trust in one of the most critical stages in banking operations. 

Key Takeaways

• Criminals use a combination of compromised data and cheap, readily available infrastructure to commit synthetic identity fraud at scale through automated bot attacks.
• Conventional approaches to new account fraud, including rules, device fingerprinting, behavioral checks, or manual reviews, often work in pockets and either result in too much friction for real customers or too many genuine customers being rejected.
• Feedzai’s Digital Trust solution blends device and network intelligence, behavioral patterns, and other critical signals into a single, explainable risk view of onboarding fraud risk.
• Using Digital Trust for New Account Fraud, banks can block fraud at the front door, embrace progressive verification, and keep genuine customers moving while making it progressively harder for bots to break in.

A New Account Problem in Plain Sight

The onboarding stage is crucial for establishing strong bank-customer relationships. But it’s also highly vulnerable to abuse by fraudsters, especially because banks often lack historical data for new customers. 

That’s where fraudsters get creative. Sophisticated bots leverage stolen customer credentials, automated tools, and easily accessible infrastructure (such as residential proxies, Bots-as-a-Service, and fortified headless browsers) to execute synthetic fraud on a massive scale. These fake personas are created using a combination of compromised customer information and manufactured details that are hard for even seasoned professionals to detect. 

Imagine the Bots as the highway and the fraudulent schemes, synthetic IDs, mule networks, stolen credentials, etc as the vehicles. On a dirt track those attack vectors would still exist, but only on a highway can they travel with the scale and speed we see today.

The consequences are easy to spot: wasted verification spend, higher fraud losses, inflated operational costs, regulatory risk, and reputational damage when these accounts are abused for money mule schemes or loan fraud. 

What makes the problem especially painful is speed. Attacks can create hundreds or thousands of accounts in minutes, and modern bots can mimic human behavior well enough to evade simple checks. Adding too many security checks risks upsetting legitimate customers, who expect a seamless onboarding experience.

Where Current Solutions Fall Short

Most organizations employ a combination of rules, device fingerprinting, behavioral checks, and manual review. Unfortunately, these controls are static defenses against a dynamic threat. 

Rules-based systems are slow, brittle, and easily bypassed by attackers who are constantly adapting. Simple device fingerprinting is a temporary fix, quickly defeated by sophisticated tools that mimic human behavior. 

Attackers iterate faster than static rules, residential IPs, and instrumentation can defeat naive fingerprinting, and siloed signals lead to inconsistent decisions. If they succeed, bad actors will immediately abuse financial services. They may open loans without ever paying off the balance or open credit cards and leave the bank holding the bill. Money mules can also use accounts to facilitate the movement of illicit funds.

How Feedzai Digital Trust Tackles New Account Fraud Differently

Feedzai Digital Trust flips the script by treating every onboarding as a continuous, multi-dimensional trust decision, not a one-time checklist. The solution blends device and network intelligence, behavioral patterns, and other critical signals into a single, explainable risk view.

Here’s a breakdown of the key features and benefits that make Feedzai’s Digital Trust an intelligent and adaptive solution:

• Behavioral Biometrics. Behavioral biometrics goes beyond static data to analyze how a user interacts with an application. It studies the nuances of human behavior, such as typing patterns and speed, mouse movements, and data entry fluency (e.g., the user’s familiarity with the application form).
• Non-human Behavior Monitoring. The Digital Trust solution is specifically designed to detect and stop automated bot attacks before they can cause widespread damage. It identifies the use of scripts, bots, or emulators used for brute-force attacks, stopping them from creating hundreds of fake accounts in minutes.
• Device and Network Intelligence. The solution also assesses the risk of the device and network that an applicant uses. It can determine if a device has been rooted, or if it’s on a blacklist of known fraudulent devices. It also analyzes network anomalies, checking if a VPN, proxy, or TOR connection is masking the user’s true location.
• Privacy-first Design. The solution is designed to track devices and behavior without compromising user privacy. It delivers scripts as first-party content and ensures compatibility with modern browser protections, providing reliable device tracking that remains effective as privacy standards evolve.

What Sets Feedzai’s Digital Trust Apart

Stopping new account fraud is about preventing long-term value loss, not just avoiding short-term headaches. Digital Trust enables you to reduce costly downstream verification and manual reviews, lower fraud loss and regulatory exposure, and protect customer experience with targeted, low-friction controls. 

Importantly, you gain a single, auditable decisioning layer that seamlessly integrates into existing onboarding flows and generates risk alerts to highlight specific risks to risk teams and auditors. This makes remediation faster and policies easier to manage.

In summary, Digital Trust allows your organization to:

1. Catch fraud at the front door. Risk is assessed in real time as applicants fill forms, so mitigation happens before accounts are opened or funded.
2. Escalate with purpose, not pain. Progressive friction, then verification. Keep genuine customers moving while making it harder for bots.
3. See the links others miss. Visual link analysis and clustering reveal shared infrastructure or behavior across accounts, enabling you to take decisive, high-impact action rather than chasing individual signals.

Bot-created accounts and synthetic identity fraud are business-scale problems that require a multi-layered, adaptive response. Using both device intelligence and network intelligence, instrumentation detection, behavioral analysis, and progressive mitigation are fused into a real-time decisioning layer, stopping fraud where it starts: during onboarding. Feedzai Digital Trust provides that layer, helping organizations prevent losses, preserve reputation, and onboard genuine customers with confidence.

• Blog: New Account Fraud: How to Prevent & Detect Against It?
• Report: Fraud-Free Account Opening with Third-Party Data
• Solution Sheet: Stop Fraudsters at the Front Door
• Solution: New Account Fraud Detection & Prevention Solution