Fragmented Payments Data Is Giving Fraudsters the Upper Hand

Watch more: Virtual Roundtable With Trulioo’s Kiran Kumar and Mastercard’s Kurt Weiss

Trust in both financial services and public consciousness has traditionally been treated as a checkpoint.

A customer opened an account, submitted documents, cleared know-your-customer (KYC) reviews and, in effect, crossed the threshold. Once inside, they were largely treated as trusted unless something went obviously wrong.

It was the same with personal relationships. Trust was a threshold. Only now, as personal and financial lives increasingly migrate online, trust is being forced to follow them both. But in a digital environment, trust must be continuous. It can’t be a moment. Moments, in a digital setting, are incredibly exploitable.

To explore what this shift may hold for more advanced security along the payments and financial services perimeter, PYMNTS sat down with Mastercard Vice President of Product Kurt Weiss, and Trulioo Vice President of Product Kiran Kumar.

The operational reality today is one where fraud, account takeovers and synthetic identities are pushing banks and FinTechs to move beyond one-time KYC and build continuous, risk-based trust across onboarding, authentication and payments.

“Gone are the days where trust was treated like a binary gate at the point of account opening. Trust was an event; now, it’s a profile,” Kumar said.

In practice, this can be hard to execute. Institutions need infrastructure that can ingest multiple signals, interpret them quickly and govern the next action coherently.

“Every interaction is a valuable piece of information, and you want to be able to store it, flag it, share it across your organization,” Weiss said, stressing that when those signals are siloed, the organization loses the ability to recognize that “the person who came in door A is the same as the person who came in door B.”

“We can’t take advantage of AI if we don’t have well-labeled data,” he said.

Kumar echoed this, describing how siloed systems lead to risk signals that fail to “talk to each other,” undermining the holistic view required for effective trust management.

The operational stakes of relying on fragmented data infrastructure are also rising as the nature of fraud itself evolves. Synthetic identities, which are typically fabricated persona built from a mix of real and fake data and brought to life with AI, have become more sophisticated, democratized and scalable. Unlike traditional fraud, synthetic identities are designed to pass initial checks and build credibility over time.

Detecting them requires a shift from verification to what Kumar called “verification as interrogation,” a deeper, context-driven analysis that goes beyond surface-level checks.

For Mastercard, which processes billions of transactions across its network, the company sits at a vantage point where patterns of trust and fraud are increasingly fluid and necessarily collected.

“The goal for us is to figure out what inputs we can get from different lifecycle events, then design and make standard our collection around it so that we can provide a greater level of insight and security tied to how these identities are performing across the entire ecosystem,” Weiss said.

The operational challenge of modern fraud prevention lies in orchestrating the vast array of signals required to build and feed an identity profile. Behavioral patterns, device intelligence, transactional data and digital footprints must be layered together in a way that produces actionable insight.

“It’s about orchestration of these signals and creating context to that entity,” Kumar said, noting that the profile is not just about confirming who someone is, but whether they remain consistent over time.

“Are they still who they said they are? Are they behaving consistently? Has their risk posture changed? And letting those signals dynamically update the confidence score,” he added.

Yet intelligence alone is insufficient without the infrastructure to act on it. Weiss pointed to a persistent gap in many organizations: the inability to translate risk signals into real-time decisions.

“Could you actually deliver a risk score there? Could you action on that?” he asked. “Often that is limited because the infrastructure isn’t quite extending to all of these lifecycle events.”

After all, in many enterprises, identity verification, authentication and fraud detection operate as separate workflows, each with its own data models and ownership.

For a long time, identity and compliance were treated primarily as defensive functions, necessary constraints on growth. The new framing is more expansive. Trust, in this view, is not only a control problem. It is also a product problem, a customer-experience problem and, ultimately, a revenue problem.

Weiss pointed to a growing trend among financial institutions to design onboarding experiences that evolve alongside the user’s relationship with the brand.

“What is the consumer experience that you want to provide?” he said. “And how can you insert some of these interrogations not as friction, but as things that make sense?”

It’s a notable change in emphasis, one that is no longer only about fraud prevention but increasingly about good-customer recognition.

“Trust is really relational,” Kumar said. “It’s not transactional.”

The post Fragmented Payments Data Is Giving Fraudsters the Upper Hand appeared first on PYMNTS.com.