Financial institutions have spent years building sophisticated fraud detection systems, but the economics of fraud are still moving in the wrong direction.
Global fraud losses for banking institutions are projected to climb from $23 billion in 2025 to $58.3 billion by 2030, and much of it comes down to a fundamental problem with how the industry approaches prevention.
While most of the attention goes toward strengthening authentication and transaction monitoring, attackers are increasingly exploiting the moments before either of those controls comes into play.
Candescent, the digital banking platform serving more than 1,300 financial institutions and over 30 million registered users, is moving to close the gap. The company recently partnered with Memcyco to bring real-time scam and digital impersonation detection into its Intelligent Banking platform, giving its clients earlier visibility into threats before they lead to account takeover or fraud losses.
Fraud Happens Before the Login
Fraud protection in the banking industry focuses primarily on two moments: when a customer logs in, and when they make transactions. That makes sense when the most visible fraud signals appear inside the bank's own digital environment.
But most fraud attempts start way earlier, in places the bank does not directly control. It can start with a fake search result, a cloned support page, a text message posing as a fraud alert, or a call from someone pretending to be a bank employee.
While these interactions happen outside the bank's systems, they still shape what later appears inside them. A deceived customer may enter valid credentials, approve an MFA prompt, or initiate a payment in a way that looks legitimate from a traditional fraud-monitoring perspective.
For 2025, the FBI reported more than 5,100 account takeover complaints and over $262 million in related losses, with many incidents involving criminals impersonating financial institutions and customer or technical support personnel to obtain login credentials, MFA codes, or one-time passcodes. What's been missing is the ability to identify and disrupt attacks while they're still happening.
Why the Candescent Deal Matters
Candescent's decision to integrate Memcyco reflects growing recognition that fraud prevention in banking must start earlier, when customers are exposed to impersonation and scam activity.
Memcyco's technology will be integrated into Candescent's experience layer, where financial institutions manage customer interactions across digital channels. The goal is to give banks and credit unions earlier visibility into attacks as they unfold, rather than waiting until unauthorized access or suspicious payments trigger an alert.
Platforms like Memcyco monitor for fake sites and impersonation attempts in real time. As soon as they detect a cloned site, they alert the affected institution and actively disrupt the attack in progress by feeding fake credentials to fraudulent sites while working to take them down.
The Shift from Reactive to Preemptive Fraud Defense
The same thinking is beginning to show up across the wider financial sector. JPMorgan Chase recently committed nearly $14 million to scam-prevention initiatives focused on prevention, consumer education, and real-time detection.
The focus is shifting from simply responding to fraud events to reducing the number of customers who reach that point in the first place. If a bank can detect a fake site, an impersonation attempt, or an exposed customer while the attack is still active, it has a chance to warn the user, disrupt the scam infrastructure, and stop credentials or funds from being abused.
Moving forward, we'll see if the rest of the digital banking industry will move from taking reactive action towards intervening before scams happen to their customers in the first place.
ⓒ 2026 TECHTIMES.com All rights reserved. Do not reproduce without permission.
