Anthropic’s AI model Mythos, part of its Claude software, represented a clear threat to banks and financial institutions in South Africa.

This is according to Bijan Sanii, CEO of Canadian fraud detection provider INETCO.

“South African banks and financial institutions should be concerned,” Sanii told MyBroadband in an emailed Q&A. “Not because Mythos is necessarily being used in fraud scams and bank fraud schemes today, but because it signals where the cyber threat environment is heading.”

Anthropic, one of the world’s most important generative AI makers, positioned Mythos as an extremely capable AI model designed to identify vulnerabilities in critical software beyond human capabilities. The company decided to release Mythos under heavily restricted access through “Project Glasswing” to prevent the model from falling into the wrong hands.

On 21 April, Bloomberg reported that unauthorised users had gained access to Mythos.

“Even restricted AI tools can leak, be misused or be accessed,” said Sanii. “For South African institutions, the issue is that AI is accelerating the discovery, testing and potential weaponisation of software weaknesses.”

Sanii said he expected other models as powerful as Mythos to emerge in the coming years, which could help attackers map environments, identify weak points, and chain vulnerabilities much faster.

Last week, San Francisco-based security firm Theori employed an “AI hacker” called Xint Code to uncover a high-severity Linux vulnerability that could have allowed attackers to gain a root shell. The flaw affected mainstream Linux distributions using kernels built since 2017 and was discovered after a researcher set the AI to follow an insight into an underexplored bug class in Linux’s crypto subsystem.

“In effect, Mythos is accelerating the shift from a slower cyber world built around periodic reviews and after-the-fact remediation to one where banks need in-flight detection and real-time resilience.”

These risks could be amplified for local financial institutions. While large global technology firms and select banks were granted early defensive access to Mythos, most South African firms were excluded. Sanii said that this could widen the gap between organisations that can test and strengthen systems against AI-assisted attacks and those that must defend without this advantage.

Financial institutions under attack in South Africa

Adumo, one of South Africa’s largest payment processors that processes over R100 billion annually, was the target of a data breach in April that involved an external application connected to its system. That same week, the country’s largest bank by assets, Standard Bank, announced that private client information had been shared online. This followed a major data breach by a threat actor called “Rootboy.” While it was not confirmed whether AI was used in the attacks, cybersecurity firm Check Point Software told MyBroadband that hackers were using AI to aid their attacks in South Africa and worldwide.

“AI-assisted tools can help attackers discover and exploit vulnerabilities much faster,” explained Sanii. “Banks should treat AI cyber risk as a governance and resilience issue, not only an IT issue.”

He said that financial institutions in South Africa should expand red-team and penetration-testing programmes to reflect the growth of AI-assisted attack methods. That meant not only testing individual applications but also how vulnerabilities could be chained across APIs, identity systems, payment environments and, crucially, legacy platforms.

“Then there’s the issue of third parties,” he said. “A weakness outside the bank’s own walls can still become a banking problem if it affects customer access.”

Local banks, insurers, retailers, fintechs and payment providers depend on scores of external vendors, processors, cloud platforms, call centres and software services providers.

“The reported Mythos access issue is a reminder that trusted partners can become an exposure point,” he added.

He said the threat Mythos poses to local financial institutions extends beyond the Anthropic AI model. Instead, its development is a signal that cyberattack capabilities are becoming faster.

“South African banks and companies that adapt now will be much better positioned than those that continue to treat cybersecurity as a back-office technology issue.”

The post INETCO’s Bijan Sanii on the threat every South African bank should be worried about appeared first on INETCO Payment Security Solutions.

As highlighted in the article, INETCO CEO Bijan Sanii points out a critical truth:

The truth of the matter is, there’s hundreds of pretty significant financial institutions that are not well protected, that don’t have an ability to inoculate themselves against this.

The conversation is being fueled by the emergence of AI technology capable of identifying software vulnerabilities at a speed and scale that was previously unimaginable. What once took skilled attackers months or years can now potentially be achieved in hours.

The shift to “machine-speed” risk

At the heart of the issue is a growing imbalance: AI is accelerating the discovery of vulnerabilities faster than organizations can remediate them.

This creates what experts are calling a remediation gap — a widening window between when a weakness is identified and when it can be fixed. For banks operating complex interconnected systems, that gap represents real exposure.

Legacy infrastructure and third-party dependencies only compound the problem. Many financial institutions still rely on older technologies and vendor ecosystems that weren’t designed for this level of scrutiny or speed.

Public confidence vs. private concern

While some bank leaders are publicly downplaying the risks, the reality behind the scenes appears more nuanced. Security teams are actively testing these new AI capabilities, reassessing their defenses and grappling with how to respond to threats that operate at machine speed.

This isn’t just a theoretical risk. It’s a rapidly evolving operational challenge.

Why this matters now

The rise of AI-powered vulnerability discovery changes the rules of the game:

• Attack surfaces expand faster as systems are analyzed more deeply
• Time-to-exploit shrinks dramatically
• Detection systems that rely on delayed data are too slow to catch threats in real time

In this environment, prevention alone is no longer enough. Financial institutions need the ability to see, understand and respond to threats as they happen, not after the fact.

The role of real-time transaction intelligence

This is where real-time visibility and the ability to harness field-level transaction intelligence in milliseconds plays a critical role, and where Know Your Transaction (KYT) becomes essential. KYT enables continuous real-time analysis of transaction behavior, allowing financial institutions to detect anomalies and payment fraud as it unfolds. 

Explore how KYT strengthens real-time payment fraud detection and prevention in our latest blog.

Gaining access to real-time transaction intelligence will help organizations enhance their ability to:

• Identify subtle behavioral patterns indicative of emerging threats
• Detect and prevent payment fraud and system misuse in real time
• Strengthen cyber-resiliency across legacy and modern environments

In a world where AI can expose vulnerabilities instantly, real-time intelligence becomes the foundation of defense.

Closing the remediation gap

The real question isn’t whether AI will reshape the threat landscape, because it already has. What must be asked now is whether financial institutions can adapt quickly enough to keep pace.

Closing the remediation gap requires more than faster patching cycles. It demands in-flight detection and continuous prevention and visibility across every transaction flowing through the system.

That’s the difference between reacting to threats and staying ahead of them.

Read the full article in American Banker. Source: American Banker, “Knock on wood: Are banks doing enough to cope with Mythos?”, April 30, 2026 by Penny Crosman

FAQ

What is real-time transaction intelligence?

Real-time transaction intelligence is the ability to decode, correlate and analyze every element of a transaction as it happens across systems, channels and networks in milliseconds.

It goes far beyond simple transaction monitoring. It involves:

• Decoding: Inspecting full transaction payloads, not just summaries or logs
• Correlation: Linking activity across channels, sessions, devices and systems
• Contextual analysis: Understanding behavior, timing and anomalies in real time

This level of intelligence enables organizations to move from after-the-fact detection to prevention that starts while transactions are in flight. 

Why does this matter?

AI-powered threats operate at machine speed, so defenses must as well.

Without real-time transaction intelligence, attacks can complete before alerts are generated, fraud signals remain hidden in fragmented systems and security tools lack the context needed to act precisely.

With it, suspicious behavior can be identified mid-transaction, threats can be stopped before authorization or completion and false positives can be reduced through deeper context.

What types of attacks can real-time transaction intelligence help prevent?

Real-time transaction intelligence is particularly effective against:

• Man-in-the-middle (MITM) attacks altering transaction data in-flight
• Malware-driven manipulation of payment requests or responses
• Authorized push payment (APP) fraud using social engineering
• Credential compromise and account takeover with subtle behavioral shifts
• Zero-day exploits that bypass traditional signature-based defenses

How can financial institutions fight AI-powered threats with AI?

As AI accelerates the speed and sophistication of attacks, traditional defenses are no longer sufficient. Static rules, delayed detection and perimeter-based controls cannot keep pace with threats that learn and adapt in real time.

Modern financial institutions must now fight AI with AI. This means combining real-time transaction intelligence for deep visibility and context, self-learning AI models that continuously adapt to behavior, transaction firewall capabilities that monitor transactions in flight, and AI-driven investigation agents that accelerate response and decisioning.

Together, these capabilities form a closed-loop defense system that can detect, decide and act within the lifecycle of a transaction, not after it.

How does transaction intelligence power modern payment fraud prevention?

Defending against AI-driven threats requires more than visibility. It requires a modernized fraud prevention stack that combines transaction intelligence with AI, automation and precision controls, including:

Complete transaction visibility

Provides a full 360-degree view of every message field — application payload, metadata, network data, request/response timing — across all payment channels with no blind spots.

Real-time, end-to-end integrity 

Monitors transactions in-flight from initiation to authorization and back. This enables detection of MITM attacks, malware-based manipulation and zero-day threats before completion.

Self-training individualized AI models

Creates a unique behavioral model for every user, card, device and terminal that self-updates after every transaction.

Transaction field-level blocking

Delivers precision-blocking of specific fraudulent transactions without disrupting legitimate ones, outsmarting WAFs that can only block at IP or port level.

AI-powered investigation agent

Accelerates fraud investigation with AI-driven agents specifically built for payment fraud. These systems automatically triage alerts, surface the most relevant cases for immediate analyst attention, reduce the operational burden of manual false positive reviews and provide explainable AI decisions for faster action.

The result is up to 40% faster investigation and response times, enabling analysts to focus on high-priority threats.

The post Are banks ready for AI-powered cyber threats? appeared first on INETCO Payment Security Solutions.

But today, that’s no longer enough. 

While real-time payments, open banking and global transaction flows have created unprecedented convenience for customers, they’ve also opened the door to faster, more sophisticated financial crime as fraudsters attack through legitimate front doors using stolen identities, synthetic profiles and mule accounts that pass initial checks. Indeed, according to data from our friends at Sumsub, 76 percent of fraud happens after onboarding.

That’s where Know Your Transaction (KYT) comes in. KYT refers to the continuous monitoring and analysis of financial transactions to detect suspicious or anomalous behaviour. Rather than focusing solely on identity and due diligence, KYT focuses on activity and carrying out continuous checks to inform real-time risk scoring — how, when, where and why money moves.

By analyzing behavioral consistency and transaction patterns such as frequency, velocity, counterparties and device signals, KYT enables financial institutions to identify risks that static identity and basic authentication checks simply can’t capture. The key objective is that suspicious transactions are flagged and blocked before they are authorized. This shifts fraud prevention from a reactive investigation process to a proactive, predictive defense.

How is this best accomplished? Keep reading to learn more.  

Why KYT is critical in today’s payments landscape

Faster payments leave no room for delays

From Brazil’s Pix and India’s Unified Payments Interface (UPI) to Indonesia’s BI-FAST and Colombia’s Bre-B, real-time and near-instant payment rails are becoming the norm. According to a study by Juniper Research, the total value of money moving through instant payments is on track to surpass the $100 trillion mark in 2029, up from $60 trillion in 2025. 

Because of this, the window to detect fraud is shrinking dramatically. Fast-moving funds equate to instant and irreversible fraud, with traditional batch-based monitoring systems that flag activity hours or days later no longer being viable. Fraud must be detected as it happens, not after funds are stolen.

The rise of mule account networks

Mule accounts have become a cornerstone of modern fraud operations. Often opened with legitimate credentials, these accounts are used to receive and rapidly transfer illicit funds across networks, making detection and recovery difficult.

KYT plays a critical role in identifying mule activity by flagging patterns such as:

• Sudden unusual spikes in transaction volume
• Rapid movement of funds across multiple accounts, including immediate withdrawals after deposits 
• Repeated transfers to newly added recipients or suddenly reactivated dormant accounts 
• Short gaps between inbound and outbound transactions 
• Shared device fingerprints across accounts
• Anomalous login behavior, including high-risk geolocations or IP addresses

These signals often only emerge at the transaction level, and not during onboarding.

Increasing regulatory expectations

Regulators around the world are placing greater emphasis on ongoing transaction monitoring as part of anti-money laundering (AML) and counter-terrorist financing (CTF) programs. The United Arab Emirates, for instance, recently implemented a new AML law, while a recent report from the Paris-based Financial Action Task Force (FATF) confirmed that Saudi Arabia has made fundamental changes to its AML/CFT law to bring its legal and institutional framework in line with FATF’s updated recommendations.

With financial institutions expected to not only identify suspicious activity, but to do so quickly and accurately, KYT is becoming a foundational requirement. For example, it is a cornerstone of TrustNET, a unified AI-driven platform that combines identity verification, compliance orchestration, payment fraud prevention and real-time transaction monitoring into a single framework. Created through a strategic partnership between Ghana-based BlueSPACE, INETCO and Sumsub, TrustNET integrates global technology expertise with regional fintech leadership to help financial institutions strengthen security, meet regulatory requirements and deliver trusted digital financial services across Africa. According to a report published by AfricaNenda Foundation in partnership with the World Bank Group and the United Nations Economic Commission for Africa, as of late 2025 Africa has 36 live instant payment systems across 31 countries, with around 19 more under development. These systems processed 64 billion transactions in 2024.

Legacy systems have blind spots

Many traditional fraud systems rely on limited data, siloed visibility or rule-based detection that has very limited data elements to evaluate. This makes it challenging for teams in fraud prevention to adapt to new attack patterns. As fraud becomes more dynamic, automated and coordinated, these systems fall behind.

Modern fraud prevention requires access to real-time granular data, behavioural analytics and adaptive intelligence.

What effective KYT looks like

A robust KYT strategy goes far beyond silo-based retrospective monitoring. It requires fraud analysis at the individual transaction level, including: 

• Continuous real-time transaction monitoring across the end-to-end transaction journey and across all channels
• Field-level visibility to analyze granular data elements related to the individual messages sent as part of a payment journey 
• Behavioural models that constantly self-learn after every transaction to identify new fraud patterns and emerging threats
• Individual machine learning models built to perform analysis per entity (e.g. account, card, device, terminal) to deliver more accurate and dynamic risk scoring
• The incorporation of analyst decisions into model training, ensuring that human expertise continuously improves detection accuracy
• Automated alerting and workflow-driven investigation response mechanisms
• Real-time risk advice for every transaction and explainable AI for transparent, high-fidelity decisioning that provides clear reasoning for actions taken 
• Precise controls such as alerts, facilitation of step-up verification, throttling or transaction blocking for high-risk payments with early signals linked to money mule indicators

Together, these capabilities allow financial institutions to move from reactive detection to proactive prevention.

How INETCO BullzAI enables real-time KYT

INETCO BullzAI provides the infrastructure and intelligence needed to bring KYT to life in modern payment environments. Key features include:

Real-time transaction monitoring: INETCO BullzAI monitors transactions as they occur across ATMs, POS systems, digital banking channels and payment networks, ensuring that suspicious activity can be identified and stopped instantly.

Deep transaction visibility: By decoding and analyzing transaction message data at a granular level, INETCO BullzAI delivers a comprehensive view of each transaction journey. This level of visibility allows institutions to detect subtle anomalies that would otherwise go unnoticed.

Detection of complex fraud patterns: INETCO BullzAI’s analytics capabilities are designed to identify multi-vector fraud scenarios, including:

• Mule account networks
• Account takeover attempts
• Bot-driven attacks
• Anomalous transaction flows

These patterns often span multiple systems and touchpoints requiring a unified real-time view.

AI-driven behavioural analysis: Adaptive models continuously learn from transaction behaviour, enabling more accurate risk scoring and reducing false positives. This helps institutions focus on real threats without disrupting legitimate customers.

Transaction intelligence is critical to fraud prevention

As financial crime becomes more automated, distributed and data-driven, siloed approaches to compliance will continue to fall short. That’s why continuous real-time transaction intelligence is the only way forward.

By combining real-time monitoring, deep transaction visibility and adaptive analytics, INETCO BullzAI empowers organizations to detect threats earlier, respond faster and prevent fraud before it impacts customers or the bottom line.

In a world where money moves instantly, security has to move even faster to maintain confidence and trust. 
If your payment fraud strategy still relies on static rules or delayed reviews, now is the time to evolve. Learn how INETCO BullzAI can help you stay ahead of payment fraud and compliance risk in 2026 and beyond by scheduling a demo today.

The post The ABCs of KYT: How this key process combats payment fraud appeared first on INETCO Payment Security Solutions.

A fraud or cyberattack can quickly become a liquidity event when it disrupts settlement funds, triggers abnormal transaction flows or forces payment services offline. That is why banks, payment processors and instant payment networks need real-time visibility into transaction activity, settlement exposure and emerging operational risk.

Consider BTG Pactual’s temporary suspension of Pix operations after a March 22 cyberattack diverted roughly $18 million USD from reserve funds. This was not only a cybersecurity incident. It was also a payments resilience and liquidity risk event. When money moves instantly, institutions need to see abnormal transaction activity as it unfolds, understand what it means for exposure and settlement and respond before disruption spreads.

For banks and payment processors, intraday liquidity monitoring is no longer just a back-office task. It is a real-time operational requirement.

What is intraday liquidity monitoring?

Intraday liquidity monitoring is the real-time tracking of incoming and outgoing payment flows and available cash positions to ensure banks can meet immediate, 24/7 payment obligations without exceeding daily maximum limits and risking liquidity shortfalls. Its purpose is to help financial institutions meet payment obligations on time, avoid settlement disruption and respond quickly when abnormal transaction patterns emerge. The latter include rapid acceleration of outbound payments, atypical timings, repeated small-value authorizations and unusually large or clustered transaction volumes.

In a real-time payments environment, that means answering critical questions as activity unfolds: Are transaction flows rising abnormally? Are settlement thresholds being approached? Is the activity operational, seasonal or potentially fraudulent? 

The larger lesson behind the March 22 cyberattack

This recent operational supply-chain compromise matters not just because funds were diverted, but because it exposed how quickly payment-system risk can escalate. Reports indicated that the incident involved funds held in the bank’s reserve account at the Central Bank of Brazil for settlement activity. Hackers penetrated the bank’s internal systems and diverted approximately $100 million reais ($18 million USD) from its settlement reserves. The funds were dispersed across seven banks and partially converted to cryptocurrency before being flagged. Pix services were temporarily suspended at the institution as a precaution, while customer accounts and personal data were not compromised. Most of the diverted amount (73 million reais) was reportedly recovered and services restored within 24 hours, but the disruption still underscores how a cyber event can put immediate pressure on the operational plumbing behind instant payments. 

This marked the third significant supply-chain attack on the Pix ecosystem in under a year, with each following a clear pattern: Instead of going after individual account holders, attackers have shifted their attention to the settlement infrastructure that links financial institutions and payment service providers to the broader payments system. The broader takeaway is clear: In fast payments, a fraud or cyberattack does not need to compromise customer accounts to create serious operational and liquidity pressure. If reserve funds, settlement capacity or transaction flows are affected, institutions may be forced to act immediately to contain risk, protect reputation and trust and limit fraud loss.

That is the challenge in any fast-moving payment environment globally: operators need to see, in real time, when transaction flows begin to threaten intraday liquidity thresholds, settlement capacity or service continuity. The recent wave of attacks indicates that real-time protection mechanisms have not kept pace with evolving threat tactics.

How does a fraud or cyberattack become a liquidity event?

A fraud or cyberattack can become a liquidity event when it causes an institution’s payment obligations to exceed daily maximum liquidity usage limits, causing the organization to suspend payment activity, delay settlement processes and face regulatory scrutiny or penalty fines. This could be due to attacks that divert reserve funds or create abnormal transaction volume or velocity spikes, resulting in negative cash outflows or internal fraud such as malware, transaction injection/manipulation or Shadow AI. In real-time payments, even a short disruption can create immediate, unrecoverable exposure because transactions settle so quickly and continuously.

How can financial institutions and payment service providers block threats targeting liquidity reserves in real time?

There are a number of emerging fraud requirements that will help banks and payment service providers detect and block threats targeting instant payment operational supply chains and liquidity reserves. These include real-time end-to-end transaction monitoring for millisecond fraud detection. A solution such as INETCO BullzAI is specifically designed to perform real-time decoding and correlation of every transaction end-to-end, revealing granular network-level protocol intelligence, response and request timings of every message link, application messages, metadata and device intelligence. This enables continuous know your transaction (KYT) analysis and improves the accuracy and speed of alerts, risk scores and AI behavioural models. The result is the ability to block supply chain attacks in-flight using the INETCO BullzAI transaction firewall, precisely reducing the risk of fraud loss, settlement disruption and liquidity thresholds being surpassed. 

INETCO’s approach stands out because it’s based on a simple premise: financial institutions and payment service providers need to continuously monitor every incoming and outgoing payment transaction themselves. They need to see every cash balance, settlement obligation and in-flight payment in one view and take immediate, AI-driven action to block or suspend suspicious activity. Machine learning models built to analyze the individual behaviours of every account, card and device can self-learn and update after every transaction to pre-emptively spot attacks before fraud loss occurs.  

Rather than relying on batch reports or notifications from central banks, teams can monitor transaction values, payment flows, issuer activity and broader network behaviours as events unfold. This is especially important as hidden payment fraud — such as transaction amounts that fall below fraud thresholds — quietly strains liquidity long before it’s identified.

Why fraud and liquidity can no longer be separated

With INETCO BullzAI, liquidity monitoring is not treated as an isolated function. It sits alongside real-time transaction monitoring and fraud detection and prevention as part of one platform supporting multiple use cases across every payment type and channel.

That reflects what payment operators are increasingly seeing in the real world. A liquidity spike may be operational. It may be seasonal. But it may also be linked to fraud, abnormal behaviour, system misuse or a compromise elsewhere in the payment chain.

In other words, fraud monitoring and intraday liquidity monitoring should no longer be viewed as separate disciplines. In a real-time payments environment, suspicious transaction behaviour can quickly create liquidity pressure, and liquidity stress can be an early signal that something else is wrong.

To learn more about how INETCO BullzAI helps payment networks and financial institutions monitor liquidity in real time, detect abnormal transaction activity earlier and protect payment operations under pressure, schedule a demo today.

The post How to stop fraud and cyberattacks from becoming liquidity ordeals appeared first on INETCO Payment Security Solutions.

This recognition highlights the real world impact our customers are making to prevent payment fraud and strengthen cyber resiliency across global payment ecosystems.

Recognizing innovation in Canada

The Canadian Business Awards celebrate organizations driving innovation and measurable impact across Canada’s economy. Now in its tenth year, the program recognizes companies shaping the future of business through performance and leadership.

Being selected reinforces the growing importance of real time payment fraud detection and prevention in today’s digital economy.

Why this matters

As payment fraud increases in speed and sophistication, financial institutions and payment processors need real time intelligence to detect and stop threats without disrupting legitimate transactions.

With INETCO BullzAI, organizations detect and stop payment fraud in real time while gaining visibility into transaction behavior across complex systems, helping them strengthen cyber resiliency without friction and protect customer trust.

This award reflects the results our customers achieve every day. We thank our customers for trusting INETCO to protect their payment environments and our partners for helping deliver stronger and more resilient ecosystems.

The post INETCO wins 2026 fraud detection and cybersecurity software award appeared first on INETCO Payment Security Solutions.

When it comes to fraud prevention, most of us know that small steps can make a big difference: use strong passwords and a password manager, turn on multifactor authentication, and so on. But for banks, fintechs and payment processors, those small steps are just the beginning. 

Supported by Fraud-as-a-Service (FaaS) resources and AI-powered bots, cybercriminals are moving faster and more stealthily than ever, and fraud attempts are no longer just phishing emails. Real-time payment scams, account takeovers, and synthetic identity fraud are draining billions from financial institutions. Criminals don’t even need passwords if they can mimic digital behavior, and with AI-driven multi-channel attacks, that’s exactly what they’re doing. Banks are struggling to keep pace, and the cost of falling behind is impacting their ability to outsmart fraudsters, stay compliant, and keep customers safe. 

What’s needed is a fundamental shift: fraud prevention solutions must evolve in milliseconds, not hours or days. That means harnessing transaction intelligence, AI and machine learning to spot anomalies instantly, and building proactive systems capable of adapting and intercepting new and evolving attacks before they complete without disrupting legitimate customer activity.

The scale of the challenge is staggering. Globally, digital fraudsters stole over $1 trillion in 2024 — often targeting the most vulnerable populations — with a 71% year-over-year increase in cyberattacks using stolen or compromised credentials. To make matters worse for banks, the cost of fighting fraud typically dwarfs the value of fraud being detected.

Despite spending untold billions on fraud detection, too many banks and payment processors still rely on reactive models that wait until suspicious behavior has been flagged, or until losses have already occurred, before updating systems and rules. That approach no longer works. Fraudsters today are using AI to adapt in real time, often outpacing traditional defenses. 

This is not just a technological problem, it is also a trust problem. If banks cannot ensure that every transaction is safe, customers lose confidence — and when confidence falters, inclusion, innovation, and growth all suffer.

The good news is that the shift from reactive to proactive protection is starting to happen en masse. According to the Gartner® Hype Cycle for Fraud and Financial Crime Prevention, 2025 report, “while it is a boon in many areas, criminals are, sadly but inevitably, using Generative AI (GenAI) to create evermore convincing deepfakes and phishing attacks. Banks and vendors are fighting back by using GenAI to detect these new kinds of attacks, to explain and score fraud patterns, and to augment their existing systems by making them more accurate, more efficient and more productive.”

As fraud rates climb globally, and as more people enter the financial system for the first time, the responsibility to protect them grows heavier. Every attack that succeeds erodes trust not only in one institution, but across the entire digital economy.

For those of us building fraud prevention solutions, the mission is clear: empower financial institutions to protect every customer every moment of every day. For banks, the challenge is equally clear: recognize that fraud prevention is not an operational cost, but a strategic investment in trust, inclusion, and long-term growth.

Trust is the foundation of financial empowerment. Without it, innovation cannot flourish. With it, we can ensure that every person — whether in Johannesburg, Riyadh, São Paulo, Mexico City or Vancouver — feels safe engaging in the digital economy.

Gartner, Hype Cycle for Fraud and Financial Crime Prevention, 2025, Vatsal Sharma, Pete Redshaw, 21 July 2025

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, and HYPE CYCLE is a registered trademark of Gartner, Inc. and/or its affiliates and are used herein with permission. All rights reserved. 

Article by INETCO CEO and Founder, Bijan Sanii, originally published in The 2026 State of Fintech by York Public Relations.

The post Why fraud prevention must evolve in milliseconds, not hours or days appeared first on INETCO Payment Security Solutions.

March 11, 2026 – ACCRA, GHANA – As West Africa’s financial sector undergoes rapid digital transformation, regulators and financial institutions face increasing pressure to deliver frictionless customer experiences that enable safe, inclusive participation in the global digital economy. Rising to this challenge, BlueSPACE, INETCO and Sumsub have joined forces to launch TrustNET, a unified AI-driven platform that delivers a powerful end-to-end framework for secure, compliant banking.

TrustNET provides a cohesive, AI-driven solution that bridges onboarding, compliance management, fraud prevention, and infrastructure resilience. By integrating Sumsub’s world-class identity verification and compliance orchestration, INETCO’s real-time payment fraud prevention and transaction monitoring, and BlueSPACE’s deep regional expertise in financial technology integration, the alliance provides a modern solution that secures the entire digital payments journey. 

“The launch of TrustNET represents a pivotal moment in financial integrity in West Africa. By combining our deep local market insights with global AI innovation from INETCO and Sumsub, we are bolstering the security and integrity of Ghana and the broader West African financial ecosystem. This alliance empowers regulators and banks to fight increasingly sophisticated financial crime while fostering greater financial inclusion.”

Samuel Amanor, Founder and CEO at BlueSPACE

A new standard for financial resilience

The TrustNET platform offers a comprehensive suite of next-gen capabilities designed to meet the evolving regulatory demands of the West African region, including:

• Advanced AI compliance: Automated identity verification for individuals and businesses to orchestrate Know Your Customer (KYC), Know Your Business (KYB) and Anti-Money Laundering (AML) onboarding workflows that adapt instantly to evolving regulatory requirements.

• AI-enhanced fraud defence: Real-time transaction monitoring and individualized machine learning models for every user, card and device to instantly detect behavioral drift and block new and evolving payment fraud threats with precision, without affecting legitimate customer transactions. 

• Infrastructure resilience: Balancing digital-first banking with a security-first mindset.

“In an era of high-speed digital payments, real-time visibility is non-negotiable,” said Bijan Sanii, CEO at INETCO. “TrustNET integrates real-time transaction monitoring and AI-powered payment fraud prevention to ensure every end-to-end payment is secure, allowing regulators and banks to scale digital payments confidently.”

“Secure digital banking starts with building compliant and fraud-proof user verification flows without slowing down the customer journey, and that’s exactly what the Sumsub platform delivers to its clients and partners within the fintech space,” said Richy Emah, Regional Director for North/West Africa at Sumsub. “With TrustNET, we are enabling regulators and financial institutions to onboard and verify users instantly and accurately, reducing friction without compromising safety.”

To mark the launch, the partners are hosting an exclusive executive roundtable on March 11, 2026, at the Kempinski Hotel Gold Coast City, Accra, bringing together senior banking leaders, CIOs, CISOs, Heads of Compliance and Fraud Risk executives to explore the future of AI-driven financial integrity in Ghana.

Financial institutions across West Africa can now leverage TrustNET to satisfy stringent onboarding compliance, modernize payment fraud defense and build lasting customer trust. To learn more, contact onyekachi@bluespaceafrica.com.

About TrustNET

TrustNET is a unified AI-driven platform that delivers a powerful end-to-end framework for secure, compliant banking. Created through a strategic partnership between BlueSPACE, INETCO and Sumsub, TrustNET combines identity verification, compliance orchestration, payment fraud prevention and real-time transaction monitoring into a single framework. By integrating global technology expertise with regional fintech leadership, TrustNET helps financial institutions strengthen security, meet regulatory requirements and deliver trusted digital financial services across Africa.

Media contact

BlueSPACE Financial Cloud
info@bluespaceafrica.com

INETCO
Kathleen Reid
media@inetco.com

Sumsub
Elize Engle
pr1@tishalacommunications.com

The post BlueSPACE, INETCO and Sumsub launch ‘TrustNET’ to advance AI-driven financial security in West Africa appeared first on INETCO Payment Security Solutions.

Romance scams have evolved from simple fake profiles into highly organized, AI-powered operations that target victims with alarming precision. What used to be a few convincing messages is now deepfake video, scripted emotional manipulation and coordinated financial coaching.

The scale of the problem is hard to ignore: according to Barclays, nearly one in five UK adults say they’ve either been targeted by a romance scam or know someone who has, and among those targeted, 40% lost money, with the average loss in 2025 reaching £7,000 (about $9,550).

These aren’t just “lonely hearts” schemes. In many cases, they’re the on-ramp to larger investment scams, where victims are slowly groomed and then directed into fraudulent cryptocurrency platforms.

For banks, credit unions and payment processors, this presents a difficult reality: the customer often authorizes the payment.

And that changes everything.

The new face of heartbreak: deepfakes and “love-bombing”

By 2026, generative AI has fundamentally changed how romance scams work.

Scammers can create realistic personas, complete with AI-generated profile photos and even live video calls that appear authentic. They move quickly, building emotional trust through “love-bombing” and constant attention. Once trust is established, a crisis appears. A medical emergency. A frozen account. A “can’t-miss” crypto investment opportunity.

Because the victim believes they’re helping someone they care about, they authorize the transaction themselves. Traditional fraud tools that focus on stolen credentials or compromised accounts often miss this type of payment fraud entirely.

The transaction looks legitimate on the surface. The intent behind it is not.

Why proactive, AI-driven fraud prevention matters

This is where INETCO BullzAI makes a measurable difference.

INETCO BullzAI does not wait for a transaction to reach the authorization host. It monitors the entire transaction journey in milliseconds, analyzing behavior, device signals and payment context before the funds leave the institution. That speed matters, especially with real-time payments and irreversible transfers now common.

Behavioral modeling

INETCO BullzAI builds dynamic machine learning models for each customer and device. If a customer who typically makes everyday retail purchases suddenly initiates a high-value transfer to a new crypto exchange, the system evaluates intent and context in real time.

Surgical precision blocking

Most legacy systems take a blunt-force approach, blocking entire accounts or IP addresses and frustrating legitimate users. INETCO BullzAI uses a transaction firewall to block specific suspicious transactions in real time. That means protection without unnecessary friction, even during peak seasons like Valentine’s Day.

Millisecond intervention for faster payments

Romance scams often rely on irrevocable payment rails. With millisecond-level decisioning, financial institutions can stop payment fraud before completion, not after settlement.

What to watch for this Valentine’s Day

Technology plays a critical role, but awareness still matters. While AI offers a powerful back-end defense, users should stay vigilant for these common signs:

• Rapid escalation to encrypted messaging apps like WhatsApp
• Consistent excuses to avoid in-person meetings or genuine live video interaction (scammers often avoid this)
• Investment “coaching” or promises of quick crypto gains that seem too good to be true
• Romance scams typically begin with fake profiles on dating sites or social media before financial requests are made.

Moving from reactive to real-time protection

Romance scams are no longer isolated incidents. They are structured, AI-enabled operations designed to exploit trust and bypass traditional controls. Financial institutions need protection that operates at the same speed as modern payments.

With INETCO BullzAI, banks and payment providers can move beyond reactive fraud management and toward proactive, millisecond-level defense.

This Valentine’s Day, proactively protect your clients from heartbreak and don’t let your institution become the unwitting middleman in a romance scam.

To see how INETCO BullzAI detects and stops payment fraud before it completes, request a demo with our team.

The post Heartbreak prevention in milliseconds: how AI is reshaping romance scam defense appeared first on INETCO Payment Security Solutions.

Advances in artificial intelligence (AI), automation and digital identity are reshaping how legitimate businesses operate. Unfortunately, those same technologies are also being adopted by fraudsters at scale. Based on industry research and what we’re observing across real-time payment environments, we believe 2026 will be defined by a new generation of emerging fraud threats, zero-day attacks and countermeasures.

Below are six trends our team believes will have a significant impact on financial institutions and payment processors this year:

1. Agentic AI will accelerate payment fraud at machine speed
   Fraud is increasingly being executed by software and agentic bots acting autonomously. Agentic AI systems can initiate actions, adapt tactics and scale attacks across payment transaction channels far faster than manual schemes ever could. AI-driven phishing attacks, synthetic identities and deepfakes are more convincing than ever before, with a level of realism that is bypassing verification checks and human judgement. Traditional threshold-based systems simply can’t react in the milliseconds it takes to detect and prevent this type of payment fraud. Real-time understanding of intent, behavior and context will be table stakes this year, especially for banks and payment processors charged with safeguarding customers’ financial information and maintaining their trust.
2. Connected devices will continue to expand the attack surface
   The proliferation of IoT and connected consumer devices creates additional entry points for payment fraud. Whether it’s a compromised point-of-sale terminal or a network endpoint anomaly, these security gaps offer new opportunities for credential harvesting and social-engineering extensions. That’s why fraud prevention must extend beyond traditional digital channels.
3. Visa VAMP will drive compliance-centric fraud risk
   Visa’s Acquirer Monitoring Program (VAMP) continues to reshape how payment network providers, acquirers and merchants are judged on payment fraud and dispute performance. Visa VAMP is driving a compliance-centric risk by effectively turning merchant fraud levels into an enforceable obligation for acquiring banks and merchants, rather than a purely operational issue. Under VAMP, failure to adequately monitor merchants, detect elevated fraud and card testing instantly, apply consistent fraud controls and document remediation actions can be treated as non-compliance, leading to monitoring programs, penalties or mandated merchant termination.
   
   The program makes fraud management expectations resemble regulatory requirements where gaps in monitoring, inconsistent enforcement or weak evidence trails expose banks to audit, financial and reputational risk. With stricter thresholds now enforced, organizations face compliance-driven friction if payment fraud ratios aren’t tightly managed, making holistic control essential.
4. Ghost tap and PhantomCard fraud will become even more sophisticated
   Contactless and digital wallet technologies are being exploited by invisible “tap-to-pay” schemes that generate unauthorized transactions without cardholders’ awareness. These attacks mimic legitimate tap behaviors, requiring context-aware detection at the device, terminal and card session level rather than simple velocity checks.
5. Governments will step up fraud-fighting efforts
   In 2025, Canada — like other jurisdictions — launched a National Anti-Fraud Strategy and a new Financial Crimes Agency acknowledging that fraud is outpacing traditional defenses. These measures underscore a broader shift: payment fraud prevention must evolve faster than the threats themselves.
   
   Fraud-as-a-service marketplaces, cloned card tools and AI-enabled exploit kits underscore the need for collective action — from cross-industry intelligence sharing to real-time analytics — rather than reactive flagging after losses occur. Predictive and real-time detection across the entire payment flow will be a critical part of policy and enforcement.
6. More fraud will successfully hide inside legitimate payment traffic
   Fraud will increasingly be concealed within legitimate payment traffic, driven by AI-enabled attack sophistication, compromised customer devices and techniques such as low-value card testing and transaction probing that closely mimic normal user behavior. These attacks are difficult to detect without disrupting genuine customers.
   
   To avoid false declines and unnecessary customer friction, banks and processors must move beyond blunt IP- or port-level blocking and adopt message-level transaction analysis. By capturing data directly at the network level and decoding every transaction field across each hop of the payment journey, banks and processors gain the rich, real-time insight needed to precisely stop malicious transactions before they have a chance to complete – without interrupting legitimate transactions or customer access.

What our predictions mean for payment fraud teams

In short, 2026 will separate reactive payment fraud programs from those built for resilience. Payment fraud prevention can no longer be treated as a back-office function. Rather, it must operate at the same speed and intelligence level as the threats it faces.

Key priorities we believe organizations should focus on include:

• Real-time transaction intelligence to stop payment fraud before completion
• Continuous behavioral analytics for each specific user, card, device or terminal – not periodic reviews relying on broad segment behaviors or static rules
• Cross-channel visibility that breaks down payment silos across all banking channels, including ATM, POS, digital, cards and real-time payments
• Unified frameworks that blend fraud and cybersecurity
• Message-level transaction blocking to stop bad events – not entire IPs or ports
• Explainable, auditable AI models that support compliance and trust

AI can be a double-edged sword, but when applied responsibly, it is one of the most powerful tools for proactive defense in a world where payment fraud strategies are becoming more autonomous.

Putting predictions into practice with INETCO BullzAI

By combining advanced behavioral analytics, AI-driven decisioning and real-time transaction monitoring to detect and stop payment fraud as it happens, INETCO BullzAI addresses emerging threats like nothing else on the market today. Its analysis of intent, context and patterns across every interaction helps financial institutions identify sophisticated attacks that traditional systems miss.

INETCO BullzAI also supports compliance with frameworks like Visa VAMP and the evolving regulatory expectations around payment fraud prevention, giving teams the visibility and control needed to manage performance ratios, detect high-risk vectors like enumeration or account compromises and prevent penalties or processing restrictions.

If your payment fraud strategy still relies on static rules or delayed reviews, now is the time to evolve. INETCO BullzAI enables teams to move from reactive fraud management to proactive, AI-powered protection without compromising performance, customer experience or compliance.

Learn how INETCO BullzAI can help you stay ahead of payment fraud and compliance risk in 2026 and beyond by scheduling a demo today.

The post INETCO team shares fraud predictions for 2026 appeared first on INETCO Payment Security Solutions.

December 18, 2025 – Vancouver, Canada and Jeddah, Saudi Arabia – As digital payments accelerate and financial crime grows increasingly sophisticated across the Middle East, Alhamrani Universal, Saudi Arabia’s leading fintech solutions provider, is strengthening regional payments security through the deployment of the INETCO BullzAI cyber-fraud prevention platform. Introduced through INETCO’s global partner, Stanchion Payments, this collaboration reflects a shared commitment to building a trusted, resilient and inclusive payment ecosystem that drives accessibility and economic growth.

Alhamrani Universal, the region’s largest ATM solution provider, plays a pivotal role in supporting Saudi Vision 2030 and advancing digital transformation – partnering with banks and merchants across the Middle East to deliver innovative payment experiences that are secure and seamless. With INETCO BullzAI, the company gains real-time visibility into every step of the transaction journey across self-service and digital channels, ensuring that every terminal is legitimate, every transaction is secure and every settlement is completed smoothly and reliably.

INETCO BullzAI gives us real-time visibility across thousands of self-service and digital payment transactions – revealing which financial institutions and merchants are active, how transactions are performing and where suspicious behaviors or anomalies occur. By understanding the behavioral patterns of every user, terminal and device, we can scale our business with confidence, respond instantly to emerging threats and reinforce the trust our customers, partners and regulators place in Alhamrani Universal as a leader in secure digital transformation.

Mario Rouhana, Chief Operation Officer, Alhamrani Universal

According to the 2025 Global Digital Trust Insights report for the Middle East from PricewaterhouseCoopers (PwC), the rapid expansion of generative AI and cloud technologies has significantly increased the cyberattack surface for many of the region’s financial services companies, increasing their vulnerability and exposure to new and evolving threats. In fact, 15% of organisations surveyed reported breaches costing over $100,000 USD, while 13% suffered losses exceeding $1 million USD.

Alhamrani Universal’s decision to deploy INETCO BullzAI to monitor its evolving self-service and digital payments ecosystem was driven by the platform’s ability to:

• Monitor every transaction in real-time with zero performance impact by providing visibility across all payment activity, eliminating network blind spots and safeguarding against unauthorised or unregistered terminals operating outside SAMA’s licensed ecosystem.
• Deliver deeper payments intelligence and insights with full access to transaction message fields for flexible, no-code rule creation, adaptive behavioural modeling, increased detection accuracy and detailed reporting on transaction volumes, spending behavior and terminal activity.
• Adapt instantly to new and evolving threats with self-training machine learning models that continuously analyze the behavioral patterns of individual users, terminals or devices, updating after every transaction to instantly detect and stop zero-day fraud attacks – without relying on external vendors or data scientists.
• Stop fraud and cyber-attacks before they complete with a patented AI-powered transaction firewall that pre-emptively blocks high-risk terminals and non-compliant activity, preventing BIN attacks, malware, account takeovers, AI-driven bot attacks and card-present/card-not-present fraud—all without disrupting legitimate transactions.

“As threat actors exploit new vulnerabilities, the financial, reputational and regulatory stakes are higher than ever,” said Steve Kirrage, CEO of Stanchion Payments. “To stay resilient and maintain trust, leaders like Alhamrani Universal are embedding real-time fraud prevention and stronger compliance into their strategy. Stanchion is proud to support solutions like INETCO BullzAI that align to our shared commitment to faster settlements, lower fraud losses and trusted digital payment experiences.”

“INETCO, together with partners like Stanchion, are helping financial institutions in more than 30 countries strengthen real-time fraud detection and prevention,” said Bijan Sanii, CEO and Founder of INETCO. “In rapidly digitizing markets across the Middle East, fraud attacks — from online phishing scams to card-not-present schemes to account takeovers — are evolving faster than legacy systems can respond. As these threats evolve, strategic innovators like Alhamrani Universal are setting a new standard for trust and resilience by embedding modern AI-driven protection to prevent zero-day fraud and ensure every transaction is fast, secure and reliable.”

About INETCO

Outsmart fraudsters, stay compliant and keep customers safe with INETCO. Monitoring more than 100 billion transactions annually, INETCO is the trusted choice for financial institutions, fintechs and payment service providers worldwide to deliver the payments reliability and security that all people deserve — every moment, every day. Embrace the power of end-to-end visibility, AI-driven behavioral modelling and real-time fraud prevention to secure unparalleled confidence in every transaction. www.inetco.com

Media contact

Kathleen Reid
media@inetco.com

The post Alhamrani Universal, Stanchion Payments and INETCO team to fight payment fraud across the Middle East appeared first on INETCO Payment Security Solutions.