Stolen credentials, synthetic identities, account takeovers and first-party abuse can all look ‘legitimate’ if you rely on a single identity check. At the same time, aggressive controls create friction, false positives and lost revenue...
That’s why leading merchants at the Fraud Prevention Summit are moving beyond one-off Know Your Customer (KYC) style verification towards a layered decisioning model: combining identity verification with behavioural signals, device intelligence and transaction analysis to make more accurate calls and reduce unnecessary challenges for genuine customers.
Identity verification is necessary, but rarely sufficient
Document checks and selfie verification still play a role, particularly for high-risk categories, high-value orders or regulated products. But fraudsters increasingly work around static identity steps: using mule identities, compromised documents, or accounts that were verified months earlier.
Best practice is to treat identity verification as one input in a broader risk picture, not the single gatekeeper.
Behavioural biometrics: detecting intent, not just identity
Behavioural analytics helps answer the question: does this user behave like a genuine customer? It looks at interaction patterns such as typing cadence, mouse movement, touch pressure, scrolling behaviour and navigation flows.
These signals are hard to fake at scale and particularly effective against bots, credential stuffing and scripted fraud journeys. Just as importantly, behavioural models can reduce false positives by recognising normal customer behaviour even when other signals look unusual (e.g., travelling, new device, or urgent purchase).
The key is transparency and governance: behavioural data should be used proportionately, with clear privacy controls and a focus on risk moments rather than always-on monitoring.
Device intelligence: building a “known good” baseline
Device fingerprinting and device reputation tools allow merchants to recognise repeat customers and flag suspicious patterns, such as:
- many accounts created from a single device
- device changes immediately before high-value purchases
- emulator or tampered device indicators
- risky network signals (certain proxies/VPN patterns)
For omnichannel retailers, device intelligence also supports continuity across web and app experiences, helping teams build a more reliable view of customer trust over time.
Leading merchants use device intelligence to reduce friction: trusted devices glide through, while unknown or high-risk devices trigger step-up verification.
Transaction analysis: context is everything
Even a verified identity and “normal” device can be used for fraud if the transaction context is wrong. Transaction analytics layers in signals such as basket composition, delivery choices, payment retries, velocity, return history and dispute patterns.
This is particularly important for first-party fraud and friendly fraud behaviours, which often emerge in post-purchase journeys. By linking identity and transaction history, merchants can apply controls where loss exposure is highest, such as expedited shipping, reship requests, gift cards, or unusually high return rates.
The 2026 model: risk-based orchestration and step-up checks
The most effective approach is orchestration: start with low-friction checks, then step up only when risk increases. For example:
- Low risk: allow through based on trusted device + normal behaviour
- Medium risk: request additional verification (one-time passcode, knowledge check, bank-linked verification)
- High risk: require stronger proof (ID verification, manual review, delayed fulfilment)
This reduces false positives by avoiding “always verify everyone” policies, while still blocking high-confidence fraud.
Better decisions, better outcomes
Winning merchants are not those with the toughest gates: they’re the ones making smarter decisions. By combining identity verification, behavioural data and device intelligence, fraud teams can stop more attacks, challenge fewer genuine customers, and build a security posture that scales with growth.
Are you searching for Digital Identity Verification solutions for your organisation? The Fraud Prevention Summit can help!
Photo by Vitaly Gariev on Unsplash
