Fighting tomorrow’s fraud with today’s intelligence: reflections from The Asian Banker Summit 2025

Last month, I had the privilege of joining an esteemed panel at The Asian Banker Summit 2025 in Jakarta, where we tackled one of the most pressing challenges in financial services today: next-generation cybersecurity and fraud detection. As the digital landscape evolves, so too do the tactics of fraudsters – and it’s clear that legacy systems are no longer enough.

The new face of fraud

Traditional cybersecurity and fraud tools are struggling to keep up with fraudsters who now operate with consumer-grade tools. One of the most eye-opening discussions we had centred around the rise of App Cloner – a malicious tool that’s growing at an alarming rate. This isn’t just another piece of malware. It’s a full-fledged fraud toolkit in a single app, capable of:

• Cloning apps for multiple fake sessions
• Spoofing locations to bypass geo-verification
• Device ID spoofing to evade detection by traditional device fingerprinting
• Using fake camera overlays to bypass liveness checks

What’s most concerning is that these tools are now accessible to non-technical criminals. The barrier to entry for fraud has never been lower.

Why device intelligence is the new frontline

Traditional fraud detection systems focus on rules-based systems that uses predefined rules to identify potential instances of fraud based on certain conditions. But in today’s threat landscape, that’s not enough. Device intelligence is emerging as a critical layer of defence – because it provides a deeper layer of insights that traditional methods often miss.

At GBG, we’ve seen how device intelligence can:

• Detect cloned, jailbroken, or emulated devices
• Flag GPS spoofing and app tampering
• Establish persistent, tamper-proof device identities
• Identify hidden malware or remote access tools often used in social engineering attacks
• Detect subtle deviations such as unusual login times, navigation patterns and device motion that may indicate fraud

In our 2024 Global Fraud Report, 42% of APAC respondents cited SMS interception as the most prevalent mobile-based fraud technique. That’s a clear signal: we need to move beyond static defences.

Augmenting AI with device signals

AI and machine learning are transforming fraud detection, enabling systems to adapt in real-time. But their true power is unlocked when combined with device-level data. By integrating device intelligence with behavioural and transactional analytics, we can:

• Score fraud risk more accurately
• Reduce false positives
• Gain a 360° view of user activity

This multi-dimensional approach is how we stay ahead of fraud rings that are constantly evolving.

Final thoughts: Building cybersecurity and fraud resilience – a layered approach

Fraud prevention isn’t about a single tool—it’s about defence in depth. Here’s my takeaway from the panel discussion:

1. Embed device intelligence across onboarding, login, and transaction flows
2. Adopt zero trust at the device level – never trust a device just because it logged in once
3. Move to secure, frictionless authentication – multi-factor authentication must evolve beyond SMSes, OTPs, which are increasingly vulnerable to man-in-the-middle (MitM) attacks
4. Invest in collaborative intelligence – sharing anonymized data of compromised devices across institutions to identify fraud

To fight tomorrow’s fraud, we need to know the user, the device and behaviour to connect the dots. Only by combining user authentication upon point of login, customer’s risk profiles based on historical patterns and device intelligence can we make informed, real-time risk decisions. Device intelligence isn’t just a “nice to have” anymore – it’s a core requirement for building fraud resilience in the digital age.

Let’s not wait for the next wave of fraud to hit. Let’s be ready for it.

Enjoyed this read? Dive deeper into the conversation by watching the full panel discussion here: