The increasing digitisation of financial services has brought both opportunity and risk. Among the most pressing challenges US banks face today is a dramatic rise in fraud during online account openings. While digital banking enables faster, more convenient customer onboarding, it has also opened the door to even more sophisticated attacks—driven primarily by artificial intelligence (AI). Cybercriminals are now exploiting generative AI, deepfakes, and social engineering tools to bypass traditional verification systems, leaving financial institutions scrambling to secure their front doors.
According to 2024 data, identity fraud cost US consumers a staggering $47bn, up $4bn from 2023, with synthetic identity fraud as one of the fastest-growing threats. While this figure reflects identity fraud across all sectors and not banking specifically, it underscores the broader landscape in which synthetic identity fraud—one of the fastest-growing threats—has become a pressing concern for financial institutions. As US banks push for more seamless digital experiences, they must also adapt to this evolving fraud landscape or risk losing customer trust, financial stability, and regulatory compliance.
Go deeper with GlobalData
AI is powering a new class of fraud
Unlike traditional fraud tactics, AI-powered schemes operate with alarming realism and scale. Fraudsters today are using generative AI tools to craft synthetic identities—combinations of real and fictitious personal data that mimic legitimate applicants. These identities often evade detection by outdated verification systems reliant on static data points like social security numbers or past addresses.
Equally concerning is the ongoing rise of deepfake technology. In 2024, there was a reported 1,300% increase in deepfake attacks compared to the previous year, with bad actors using AI-generated video and voice impersonations to bypass remote onboarding systems. These techniques allow fraudsters to simulate live video calls, fool identity checks, and even deceive customer service agents or facial recognition systems.
Another emerging trend involves injection attacks, where hackers infiltrate mobile banking or onboarding apps and feed fraudulent images or video into the identity verification process. These attacks are particularly dangerous when criminals gain access to an app’s camera interface and override it with pre-recorded or manipulated footage. Unlike traditional deepfakes, injection attacks can bypass even advanced liveness detection and biometric verification systems, making them a growing concern for mobile-first financial services.
AI-powered phishing bots and advanced social engineering tactics are also being used to gather information or directly manipulate customers into disclosing sensitive credentials. Once an account is fraudulently opened, instant payment platforms allow criminals to quickly move funds, often before banks have any chance to flag or halt the transactions.
US Tariffs are shifting - will you react or anticipate?
Don’t let policy changes catch you off guard. Stay proactive with real-time data and expert analysis.
By GlobalDataBut the threat doesn’t stop there. Evolving malware such as “banking trojans” and “keyloggers” are targeting online applications and capturing credentials mid-process. The increasing use of digital wallets has further expanded the attack surface for financial institutions.
These developments are occurring in tandem with rising supply chain risks. Many banks rely on third-party vendors for identity verification, document processing, or onboarding services—often without full visibility into those vendors’ cybersecurity measures. This creates additional blind spots where attackers can slip through.
Global lessons and emerging solutions
To counteract these trends, US banks must look to international examples where stronger identity frameworks have helped reduce fraud. In regions like the EU and parts of Asia, financial institutions and governments have implemented digital identity ecosystems anchored in biometrics, eIDs, and real-time document authentication. Countries like India, for instance, have successfully embedded digital identity verification into public and private sector services, which has curtailed fraud and built citizen trust in online platforms.
Biometric authentication—including facial recognition, fingerprint scans, and voice analysis—adds a dynamic layer of verification that is difficult for even AI to replicate convincingly. Combined with liveness detection (which ensures that a human, not a spoofed video or image, is present), this technology can block deepfake and synthetic identity attacks at the point of onboarding.
Equally important is real-time document authentication. This involves verifying government-issued IDs against live camera feeds and secure databases, using forensic analysis to flag signs of forgery. When integrated with biometric systems, document checks provide a multi-factor authentication framework that drastically reduces fraud risk.
For financial institutions, this means investing in identity solutions that are interoperable across both digital and in-person channels. A customer who opens an account online should be subject to the same level of scrutiny as one who walks into a branch. Unifying these systems not only improves security but also helps banks deliver consistent and trusted customer experiences.
Compliance is another key driver of security investment. Regulatory bodies are placing increasing emphasis on Know Your Customer (KYC) processes, customer due diligence, and fraud prevention. The Financial Action Task Force (FATF) and EU’s AML Regulation are examples of frameworks pushing banks to modernise their onboarding and verification systems. Rather than view compliance as a constraint, forward-looking institutions see it as a roadmap for digital change.
Future-proofing onboarding and rebuilding trust
The cost of fraud goes far beyond monetary loss, as it erodes customer confidence. In a time when consumers expect seamless and secure experiences, a single data breach or wave of fraudulent account activity can permanently damage a brand’s reputation. According to industry data, 90% of consumers say security is their top priority when opening a bank account online, surpassing convenience and speed.
To reassure customers and regulators alike, US banks must take proactive steps. Investing in next-generation identity verification platforms is a significant piece. These systems must be capable of detecting not only known fraud patterns, but also subtle anomalies that indicate emerging threats.
Education is also important—both for customers and employees. Customers should be informed about new authentication measures, how their data is protected, and how they can report suspicious activity. Employees, especially those in customer service and onboarding roles, must be trained to recognise deepfakes, manipulated documents, and social engineering tactics.
Ultimately, the key to combating banking fraud lies in building layered, adaptive security—integrating real-time identity verification, biometrics, behavioural analysis, and threat intelligence into a unified platform. This approach not only meets evolving regulatory demands but also positions banks to scale digital operations without sacrificing trust.
Edgar Salib is the Global Vice President of Veridos America, a joint venture between Giesecke+Devrient and Bundesdruckerei
