SIBS ROMANIA’s Post

As you probably heard recently the Vietnam’s State Bank is stepping up its fight against fraud by mandating facial biometrics for financial services. This has already led to the closure of 86 million bank accounts that failed biometric verification. Many account holders—especially foreign customers living abroad—suddenly found themselves cut off. To keep their accounts open, they literally had to fly back just to scan their faces and provide valid IDs. They couldn’t do it remotely because they provided non-biometric IDs during initial onboarding for KYC/AML compliance, and that was fine back then. If you look at the State Bank of Vietnam’s guidance carefully, now they are actually using two flows—(1) for users with biometric IDs, remote verification is available, but (2) for holders of non-biometric IDs, it’s forbidden. This is another sign that regulatory authorities worldwide are taking biometrics very seriously due to massive fraudulent activity. Some in the crypto space see this regulatory requirement as an argument against traditional banking—but the deeper issue is about digital identity and trust in general. Strong protection is vital, but it must be implemented with inclusion in mind. Otherwise, you risk undermining loyalty and losing customers. When it comes to security, the best practice here is a multilayered approach that goes beyond facial recognition alone. It should start with identity document verification—ideally, biometric documents, so the data stored in the RFID chip can also be checked—and then add liveness checks and other safeguards. The main issue with single-layer reliance (facial biometrics alone) is future-proofing. Even if today’s systems are robust, there is no guarantee they will remain secure against the next generation of AI-driven attacks. In addition, facial recognition systems are known to produce uneven results across demographics, with higher false rejection rates among elderly users, rural populations, and people with disabilities. The real innovation will come from identity systems that make the whole process seamless, so it’s both secure against fraud and comfortable for genuine users. That's a win-win for all types of finance—banking or blockchain. #IDVnews #Biometrics #BiometricChecks #Banking #KYC #AML #FraudPrevention Sources: https://lnkd.in/dYhejqB6 https://lnkd.in/dUh4VjRY

Cybercriminals are taking deepfake fraud to a new level. iProov has uncovered an iOS video injection tool capable of inserting AI-generated deepfakes directly into devices — bypassing weak KYC systems and exposing fintech apps to large-scale account takeovers. Why it matters for the Philippines: 📌 Over 42 million Filipinos now rely on digital wallets and online banking. 📌 Platforms like GCash, Maya, ShopeePay, and GrabPay are prime targets, given their mobile-first onboarding. 📌 Fraudsters can industrialize attacks, creating thousands of fake accounts for scams, laundering, or rewards exploitation. This discovery signals that simple selfie checks are no longer enough. Multi-layered defenses — real-time liveness detection, MDR, and science-driven biometrics — are becoming mission-critical for fintechs. As the Philippines cements its place as one of Southeast Asia’s fastest-growing fintech markets, will our digital defenses keep pace with AI-driven fraud? 👉 Read here to know more: https://lnkd.in/g-DTJJ_N #FintechNewsPH #iProov #Cybersecurity #FraudPrevention #Deepfake #DigitalIdentity #AIGeneratedDeepfakes

🇨🇦 Last week, Royal Canadian Mounted Police | Gendarmerie royale du Canada announced the largest crypto seizure in Canadian history, dismantling the digital asset exchange TradeOgre and taking control of more than $56 million in crypto. TRM Labs is proud to support the RCMP. For years TradeOgre operated in the shadows, outside the regulatory framework, offering anonymous trading without basic safeguards such as registration with FINTRAC or customer verification. That model, investigators say, turned the platform into a magnet for illicit finance, with the majority of funds flowing through it believed to be linked to criminal activity. The investigation began in June 2024 when Europol tipped Canadian authorities to suspicious activity. The RCMP’s Money Laundering Investigative Team took the lead, mapping out the platform’s infrastructure and piecing together how value moved through it. What they uncovered was a business that ignored AML requirements, enabling users to open accounts without disclosing identity and move millions in assets without scrutiny. TradeOgre became popular with privacy coin users, particularly Monero, but it also handled significant volumes of traceable assets like Bitcoin. Those transactions became the key to the case. Using blockchain intelligence, the RCMP traced wallets tied to the platform and followed flows of value across multiple hops. Despite attempts to obscure the movement of funds, investigators were able to link illicit proceeds from fraud schemes and organized crime networks directly into TradeOgre-controlled wallets. Those linkages provided the evidentiary foundation to obtain lawful seizure orders. Today when users navigate to TradeOgre’s website, they see a message that the platform and its holdings has been seized by the RCMP. Investigators continue to analyze records and transaction histories, and while no arrests have yet been announced, the case is expected to lead to charges as identities behind wallets are uncovered. For Canadian authorities, the seizure is more than a victory in one case. It demonstrates how law enforcement, armed with advanced tracing tools and international cooperation, can follow the footprints left on public ledgers and turn them into actionable leads. The significance of the TradeOgre case reaches across the industry. For exchanges, it underscores that compliance obligations—registration, AML programs, and know-your-customer checks—are non-negotiable. For criminals, it is proof that even platforms designed for secrecy leave trails that can be traced. And for regulators, it is a demonstration that global partnerships, from Europol’s intelligence to RCMP’s enforcement, are critical in confronting financial crime in the digital age.

💥 OTPs are dying. RBI just killed the old guard of payment security. 💥 From April 2026: 👉 2FA becomes mandatory for all digital payments 👉 One factor must be dynamic & unique to each transaction 👉 Cross-border payments get tougher checks 👉 Banks bear full liability if they fail security This is bigger than UPI’s launch—because without trust, there is no digital economy. With Bioauth feature getting launched in Global fintech festival, it's just the beginning. However I feel customer education is again a big driver here. Banks, fintechs, merchants, customers—everyone must adapt. The future of payments in India is passwordless, biometric, AI-driven, and open. Are you ready for life after OTPs? #Fintech #RBI #Innovation #Payments #CyberSecurity

Payments Pulse: How #AI is redefining #Risk in global #payments- Key Insights from Convera Report ✅ In 2023, the financial industry lost $485B globally to fraud ✅In 2023, an estimated $3.1B in illicit funds flowed through the financial system ✅ More than 50% of fraud now involves the use of artificial intelligence, marking a critical turning point in #cybersecurity ✅ Despite cross-border transactions representing only 11% of total card transactions, they account for 71% of card #payment fraud by value, ✅ The use of #deepfakes in attempted fraud has increased by 2,137% over the last three years #Bigdata #Artificialintelligence #Banking #Fraud #Riskmanagement #FinTech #Finserv #Regulation #Regtech #cybercrime Mike Flache Francesco Burelli Tony Moroney Panagiotis Kriaris Dr. Martha Boeckenfeld Prof. Dr. Ingrid Vasiliu-Feltes ®©. Spiros Margaris Alex Jimenez Nicolas Babin Nicolas Pinto Amitav Bhattacharjee Sam Boboev Enrico Molinari Dr. Khulood Almani🇸🇦 د.خلود المانع Efi Pylarinou Monica Jasuja Digital Growth Collective Victor Yaromin Helen Yu Dr. Debashis Dutta https://lnkd.in/gG-e2KWt?

The Reserve Bank of India has issued “Authentication Mechanisms for Digital Payment Transactions, 2025” (dated September 25, 2025), effective April 1, 2026 — a major step toward building secure, interoperable, and user-centric digital payments. Key Highlights Mandatory 2-Factor Authentication (2FA) – Every digital transaction must use at least two independent factors; one must be dynamic (OTP, biometric, or token). Exemptions: Small-value contactless, recurring e-mandates (post-first), Gift PPIs, PPI-MTS, NETC, offline small-value, IATA/GDS. Risk-Based Authentication – Issuers can apply additional checks using behavioral or contextual insights. #RBI #DigitalPayments #2FA #Authentication #FinTech #DPDPAct #Compliance #CyberSecurity #PaymentsInnovation Cross-Border CNP Transactions – Enhanced validation and risk-based mechanisms by Oct 1, 2026.

🇨🇦 🏧 Today CBC released Part 3 of its Feeding Fraud: The Crypto ATM Problem series — an important look at how criminals continue to exploit cash-to-crypto machines across Canada. Looking good David Coffey - and I made the cut! 😉 Today, crypto ATMs are often the last stop for fraud victims—people told by scammers to “just go to the nearest crypto ATM” and send their savings, never to see them again. The investigation highlights a clear issue: the framework for oversight is fragmented. FINTRAC requires registration and reporting, but day-to-day enforcement is challenging given the proliferation of machines and limited resources. The U.K. and Singapore have imposed ID requirements, transaction limits, and even bans until safeguards are in place. While there are few outright bans as compliance pioneer Jim Richards suggested in a comment on my last post, the reality is that we need to find ways to both educate potential scam victims, and ensure robust oversight of the machines. TRM Labs’ blockchain intelligence tools can track and trace these illicit flows, helping investigators connect wallets and uncover networks. But even the best technology depends, in part, on reporting — and that’s where the biggest gap lies. As I explain in the video, the overwhelming majority of victims never contact law enforcement or report their losses through platforms like Chainabuse. That means the visible data represents only a fraction of reality — the true scale of crypto ATM–linked fraud could be as much as 85% higher. Operators argue that tighter rules could stifle legitimate business. But as CBC’s reporting makes clear, voluntary compliance isn’t enough. Without consistent standards — ID verification, transaction caps, and licensing — crypto ATMs will remain one of the easiest tools for laundering fraud proceeds. 📺 Check out the full series here: https://lnkd.in/eXG6zEua And, a little inside baseball ⚾️ from the filming a few months back!

One of the topics I constantly follow - besides Web3 payments (crypto, stablecoins, etc.) - is detecting, stopping, and preventing financial crime. And here, digital identity plays a crucial role. That’s why I tuned into Sumsub’s webinar “Broken identity systems: how fraudsters exploit them—and how to fix it.” It left me with plenty of food for thought: We already have the technology to fight fraud (cryptography, digital signatures can even counter deepfakes); the real challenge is figuring out how and when to use it. I often think of identity platforms as tools to identify or authenticate someone. But the focus should actually be more on entitlements - what someone is allowed to do - achievable through selective disclosures. For example, proving I’m over 18 or entitled to perform a task, without revealing everything about myself (especially if I were, say, an undercover agent 😉). Identity schemes are cultural. Aadhaar works in India, but its model might not apply to Europe. Still, there’s a lot we can learn from it. Building an interoperable, effective, and efficient identity layer requires collaboration between public authorities (for trust), private players (for execution), and standards bodies (for interoperability). And yes - DeFi, crypto, and stablecoins are shaping the next payment infrastructure. The main users of stablecoins will soon be AI agents, so the real challenge becomes designing a cleaner, more efficient market infrastructure that can handle AI identity - not just the identity of the humans behind them. And when you have experts like David Birch mixing insights with humor, you don’t even notice how fast the time flies 🙂 #kyc #digitalidentity #DeFi #AI #Agents #deepfakes #cryptography https://lnkd.in/e49FsjFr

Building Consumer Confidence As real-time payments become the lifeblood of our economy, so too do they become a prime target for malicious actors. For October's fintech reflection, I'm focusing on the bedrock of our digital future: SECURITY. The speed of real-time payments is a double-edged sword. While it offers incredible convenience, it also demands that our defenses are equally swift and sophisticated. How resilient are we as an ecosystem in the face of bad actors and threats? Combating this cannot be a solitary mission. True security is a collective endeavour. This brings me to a critical tool in our arsenal - The Industry Fraud Desk. For it to work as intended, we must move from a concept to committed practice. This requires: 🔒 Breaking Down Silos: Fraud patterns don't respect institutional boundaries. Holding threat intelligence within closed-loop systems only protects the fraudsters, not the public. We must normalize the transparent and rapid sharing of data and attack signatures. 🤝 Active & Open Collaboration: The Fraud Desk should be the central nervous system for our collective defense. This means all players — banks, fintechs and switches must actively contribute data and insights to build a unified, real-time threat picture. 🛡️ From Information to Action: Shared data must translate into shared solutions. By pooling our knowledge, we can move faster to identify vulnerabilities, standardize best practices in authentication and strengthen the entire chain not just individual links. Consumer confidence & trust is the ultimate currency of fintech. It is hard-won and easily lost. Every successful, collaborative defense we mount isn't just stopping a fraud; it's investing in that confidence. The strength of our network is determined by its weakest link. We have to fortify the entire chain, together. #Fintech #Cybersecurity #RealTimePayments #IndustryFraudDesk #Collaboration #NIBSS #FinancialInclusion #ConsumerTrust #Nigeria

🚨 Delhi Police Uncover Cambodia-Backed International Cyber Scam Gang 🚨 A major cyber fraud racket linked to Cambodia was busted by Indian law enforcement, exposing a multi-state scam operation targeting Indian investors with fake IPO promises. This gang laundered crores through mule bank accounts and cryptocurrency wallets, involving sophisticated international money laundering networks. 💸🌍 ▶️Technical Insights: 🔹 The scammers operated from highly secure compounds in Cambodia, controlled by Chinese-backed organized crime groups, making cross-border tracking complex. 🔐🔍 🔹 Forensic experts used advanced digital forensics tools to analyze communication patterns and transaction trails across multiple accounts and crypto wallets. 🖥️🔗 🔹 Cryptocurrency layering and mule account networks added layers of obfuscation, requiring blockchain forensic investigation techniques to trace illicit funds movement. ⛓️💱 🔹 Mobile devices, laptops, SIM cards, and other evidence were seized to reconstruct communication timelines and identify network nodes. 📲💻 ▶️Case Highlights: 🔹 The gang promised high returns on fake IPO investments, duping victims across four Indian states 📈🎭. 🔹 Arrests made in Haryana, Punjab, Himachal Pradesh, and Rajasthan disrupted the transnational scam network 🚓🚨. 🔹 Recovery of Rs 4.25 crore in fraud money traced through mule accounts and crypto platforms, with 13 mobile phones and laptops recovered. 💼💰 ▶️Wider Context: 🔹 Over ₹7,000 crore has been lost by Indian citizens to cross-border cyber scams in 2025 alone, primarily flowing through Southeast Asia hubs like Cambodia. 📉🌏 🔹 The scams involve sophisticated fraud modes including digital arrest scams, task-based scams, and fake stock trading schemes. 🔹 India’s cybercrime challenges include loopholes in banking transaction verifications, ghost SIM card issuance, and weak immigration controls exploited by cybercriminals. At Cyber Intelligence Global LLP, we stress the importance of deep digital forensics, blockchain analytics, and cyber vigilance to counter such threats proactively. Stay informed, secure your digital footprint, and report suspicious activities immediately! 🔐🛡️ 📩 Reach out to explore how we can enhance your forensic toolkit. ➡️ www.cyberintglobal.com | +91-9716638340 | info@cyberintglobal.com #CyberFraud #DigitalForensics #Cryptoforensics #CyberSecurity #IndiaCyberCrime #CIGlobal #FraudPrevention