SHIELD, recognized as a 2024 Cybersecurity Tech Ascension Award winner, is at the forefront of combating digital fraud with its innovative device-first risk AI platform. In this exclusive Q&A, SHIELD CEO Justin Lie shares insights into the company's approach to fraud prevention, the challenges facing digital businesses, and what the future holds for mobile fraud threats.
Can you provide an overview of SHIELD and its solutions?
Founded in 2008, SHIELD is a device-first risk AI platform that helps digital businesses worldwide eliminate fake accounts and stop all fraudulent activity.
SHIELD identifies the root of fraud - the physical device behind fake accounts - with the global standard for device identification (SHIELD Device ID). This capability, combined with real-time actionable risk intelligence, empowering businesses to stay ahead of new and unknown fraud threats without the need for personally identifiable information. By stopping fraud in its tracks, we help businesses know who to trust and build trust with their users, fostering a healthier platform and more sustainable growth.
Which types of businesses and geography does SHIELD serve?
SHIELD has offices around the globe, including San Francisco, London, Berlin, Bangkok, Jakarta, Bengaluru, Beijing, and Singapore. We serve businesses of all parts of the world across a wide variety of industries - including mobility, digital banking, e-wallets, e-commerce, delivery services, iGaming, and more.
We are trusted by industry leaders like:
inDrive, the second most downloaded mobility app globally;
Mobile Premier League (MPL), one of the world's largest mobile and skill gaming platforms;
Atlas Reality, the top real estate metaverse globally with 1.5 million US players;
TrueMoney, Southeast Asia’s leading fintech brand;
Maya, the #1 digital bank app in the Philippines;
Meesho, India’s fastest-growing e-commerce company with over 120 million monthly active users;
Swiggy, India’s leading on-demand convenience platform.
What are the most significant mobile fraud threats that businesses need to be aware of?
Fraudsters are increasingly targeting mobile apps because of the easy accessibility of sophisticated tools and methods to commit fraud. These tools, readily available on the black market, allow fraudsters to conduct high-velocity attacks, manipulate device profiles, spoof IP addresses, and clone mobile apps, making it challenging for businesses to distinguish between legitimate and fraudulent users. Additionally, open source and deepfake tools are becoming more prolific in the market.
Mobile apps face various fraud threats depending on their industry, each with distinct characteristics and impacts. In the financial services sector, significant threats include account takeovers, where cybercriminals gain unauthorized access to user accounts to steal personal information and funds, and conduct unauthorized transactions or payment fraud.
In the gaming sector, promo abuse, bonus abuse, and collusion are major concerns, with fraudsters exploiting promotional offers and manipulating game outcomes for profit. Common threats in e-commerce are fraudulent purchases and promo abuse, where stolen credit card information is used for unauthorized buys or fake accounts are created to exploit discounts. Online food delivery and mobility services contend with location spoofing, artificial surge pricing, and incentive abuse, impacting operations and introducing unfair advantages.
Why is it important that apps and digital businesses invest in fraud prevention?
Investing in fraud prevention is crucial for apps and digital businesses to safeguard against financial losses, drive growth, and build trust with both users and investors. By mitigating risks associated with unauthorized transactions, account takeovers, and other fraudulent activities, effective fraud prevention protects a business’ bottom line.
A robust fraud prevention strategy supports business growth by eliminating fake users, allowing businesses to focus on serving and engaging with genuine customers. This approach not only improves the quality of user interactions but also ensures marketing and customer acquisition efforts are directed toward attracting legitimate users. With fewer resources wasted on managing fake accounts, businesses can enhance the user experience, build stronger relationships with real customers, and foster a more trustworthy platform.
Ultimately, a secure and trustworthy platform not only drives organic growth and improves overall business performance but also boosts investor confidence, positioning the company for long-term success.
What emerging fraud trends should we anticipate in 2025?
As technology continues to advance, we can expect fraudsters to adopt increasingly sophisticated tactics, posing new challenges for detection and prevention. Several emerging trends are likely to dominate the fraud landscape in 2025, with fraudsters using more AI-driven fraud techniques.
Bypassing KYC Protocols with Deepfakes: Fraudsters may use deepfake technology to create realistic yet fake audio, video, or text for malicious purposes. This includes bypassing Know Your Customer (KYC) checks by generating fake identities, documents, or biometrics. Such tactics could allow them to impersonate customers, open accounts, apply for loans, or access funds, thereby compromising digital transactions.
Enhancing Phishing Attacks with Generative AI: Generative AI will likely be used to create more convincing phishing attacks. By eliminating common errors in phishing messages, AI-enhanced attacks will appear more credible and harder to distinguish from legitimate communications. Additionally, AI can quickly generate sophisticated phishing pages, increasing the likelihood of victims being deceived into providing sensitive information. Generative AI also enables the creation of realistic deepfake content, allowing fraudsters to impersonate executives, employees, or trusted entities, leading to more effective social engineering attacks.
As these trends continue to evolve, businesses will need to stay ahead by investing in advanced fraud prevention strategies and technologies that don’t require personal identification information to protect against these emerging threats.