Why Financial Crime Needs a Shared, Data-Driven Response

Historically, financial fraud has relied on familiar approaches including phishing emails, cloned websites and cold calls from malicious actors pretending to be a bank. But more recently, the threat landscape has shifted in ways that are both measurable and significant, with criminal activity increasingly migrating towards encrypted digital environments.

Revolut's latest Consumer Security and Financial Crime Report, produced in partnership with Juniper Research, sets this evolution out in more detail, offering a detailed examination of fraud trends in the fintech sector in recent years. 

Drawing on transaction and reporting data across its global customer base, it indicates a clear directional shift: APP fraud is migrating away from traditional social networks and towards encrypted messaging platforms, with material consequences for consumers, financial institutions and regulators alike.

The platform at the centre of the report's most striking findings is Telegram, the cloud-based and cross platform social media and instant messaging service. While Meta's applications – Facebook, Instagram and WhatsApp – still account for the largest share of reported scams globally at 44%, Telegram's trajectory is the most cause for concern for financial institutions. 

Revolut’s report records a 233% year-on-year increase in fraud cases originating on the platform, a rate of growth that reflects how deliberately and effectively criminals have adapted to its features. 

End-to-end encryption and large private group channels create an operating environment that is structurally difficult to monitor, and the research data demonstrates clear consequences – Telegram now accounts for one in five reported scams worldwide, and more than half of all job scams, a category that has itself tripled in volume over the past year.

TikTok's share of fraud cases has also increased sixfold year-on-year, still small in absolute terms, but a meaningful signal of where criminal attention is turning as the platform's user base grows. 

In the UK, the dominant threat remains more traditional; purchase scams account for 54.9% of all reported cases, a figure that has held relatively constant and speaks to vulnerabilities in routine consumer transactions rather than sophisticated financial deception. 

Underpinning these trends is a commercial dynamic that the report is direct in identifying. Social media platforms generated an estimated £3.8bn in revenue from fraudulent advertisements targeting European users in 2025, a figure that sits alongside the 17% rise in APP fraud volumes recorded by UK Finance in the first half of the same year. 

That increase occurred after the introduction of a mandatory reimbursement regime, a policy designed to sharpen incentives across the payments ecosystem. The implication is clear: financial institutions are absorbing greater liability while the platforms on which much of this fraud originates remain largely insulated from its costs.

The report's response to this misalignment is a set of policy recommendations timed to coincide with the UK Government's forthcoming Fraud Strategy. It calls for mandatory participation in cross-sector data-sharing schemes, backed by enforcement action for non-compliance. It also leaves open the prospect of further regulatory intervention if the largest platforms fail to achieve meaningful reductions in fraud originating on their services. The argument is not new, but the weight of data assembled here gives it renewed force and a clearer evidential foundation.

Mastercard

Mastercard occupies a distinctive position in the fraud prevention landscape, defined by the scale of transactional intelligence it has accumulated across decades of global operations. That data advantage has become increasingly central to its fraud strategy, and its most significant recent development in the space reflects that.

Launched in late 2025 following the company's acquisition of cyber threat intelligence firm Recorded Future, Mastercard Threat Intelligence represents the first offering of its kind applied to payments at scale.

The product integrates Mastercard's fraud insights and network visibility with Recorded Future's curated threat data, enabling fraud and cybersecurity teams at issuing and acquiring banks to detect and respond to cyber-enabled fraud in a more coordinated, proactive way. The gap it addresses is significant: 60% of global fraud leaders report learning about cyber breaches only after losses have begun to accumulate.

The underlying argument is that fraud and cybersecurity teams have historically operated in silos, an arrangement that benefits neither. 

During market testing, the platform's intelligence data helped partners identify and remove malicious domains linked to an estimated US$120m in fraud across nearly 9,500 e-commerce sites.

Stripe

Stripe Radar operates from a structurally different premise to most fraud prevention tools. Rather than offering a standalone detection layer, it is built into Stripe's payments infrastructure and trained continuously on the full volume of transactions flowing through the network.

The practical implication of that design choice is significant. With over US$1.4tn in payments processed annually across 197 countries, Radar's machine learning models have access to a dataset few independent fraud tools can approach in breadth or recency.

Every transaction is assigned a risk score in real time, evaluated across hundreds of signals, device fingerprints, IP reputation, behavioural patterns, card network data and issuer responses before a decision is made to approve, flag or block.

There is a 92% probability that any given card has been seen previously on the Stripe network, a figure that materially improves the accuracy of those assessments. 

Radar reduces fraud by an average of 38%, according to Stripe's own data, while adaptive rules introduced in 2025 allow risk thresholds to incorporate issuer intelligence dynamically, reducing false positive rates and recovering revenue that stricter blanket rules would otherwise forfeit.

What distinguishes Radar's architecture is its iterative character. Models have evolved from logistic regression to deep neural networks as the training dataset has grown, with each architectural change producing measurable improvements in detection performance. 

The system is also increasingly capable of protecting non-card payment methods, including ACH and SEPA transactions, relevant as businesses expand beyond traditional card rails and malicious actors adjust their targeting accordingly.

Sumsub

Sumsub approaches fraud prevention from the identity layer outward, a strategic orientation that reflects its origins as a KYC and compliance platform and its subsequent expansion into full-cycle fraud detection. 

The company's Identity Fraud Report 2025-2026, drawn from over four million fraud attempts and survey data from more than 1,500 fraud professionals and end-users, offers one of the more granular accounts of how identity-based fraud is evolving at the operational level.

The report's headline finding, a 180% year-on-year increase in sophisticated, multi-step fraud, points to a structural shift in the threat environment. 

Where 2024 saw widespread deployment of accessible fraud-as-a-service toolkits, 2025 brought a consolidation into fewer but more organised operations, with synthetic identities, deepfakes and coordinated account abuse replacing lower-skill mass attempts.

The platform's own data indicates that 76% of fraud attempts occur post-onboarding, during routine user activity such as logins and transactions, a finding that has directly informed Sumsub's expansion into device intelligence and continuous behavioural monitoring.

The company's product architecture reflects this, combining KYC, transaction monitoring, device fingerprinting and fraud network detection within a single integration, with the aim of providing consistent risk assessment across the full customer lifecycle rather than at discrete checkpoints.

With over 4,000 clients across fintech, crypto and e-commerce, and recognition from Gartner as a sector leader, Sumsub's positioning is that identity and fraud prevention are inseparable problems, and should be addressed by a single, configurable platform rather than assembled from disconnected point solutions.