Why we built the Truepic Risk Network

Authored by Phillip Denis, Truepic’s Chief Revenue Officer

Some of the world’s largest and most influential financial institutions and service companies rely on Truepic Vision to securely and efficiently digitize their processes today. With over 50 million images and videos securely authenticated and verified from over 150 countries, Truepic’s technology has become a staple in enterprise workflows. 

Last week, Truepic announced the launch of its latest initiative, its Risk Network, the world’s first shared intelligence system for visual and device-level risk signals. This distributed network is the product of years of experience in providing image and data authenticity technology. By testing device and image integrity, Truepic is uniquely able to transform those results into an anonymous, shared intelligence layer that strengthens protection across financial services. The need for such an infrastructure was not always obvious, but evolving and sophisticated fraud patterns helped highlight the necessity for device-level intelligence to mitigate visual risk. 

Similar tactics, multiple victims 

It has been shown that fraud is significantly increasing and the majority of fraud is driven by sophisticated rings, often operating internationally and leveraging AI. The Risk Network is built on a simple thesis: sophisticated fraud actors don’t stop at one institution; they quickly replicate the same tactics across many and in almost rapid succession. Recent studies have shown that fraud rings often target commercial and governmental services using the same personas and tactics. According to Socure, it is estimated that between 2%-12% of all government loan applications come from international fraud rings. 

We saw this too. 

A financial services company focused on business verification using Truepic’s Vision platform flagged suspicious images that were submitted as proof of a business located in a major midwestern U.S. city. The digital media was submitted by the claimed business owner, but the client noticed inconsistencies, most notably that the building in the images did not resemble infrastructure typical of that city. This warranted the client requesting that Truepic take a deeper look at the images and related data. Upon additional scrutiny, we identified other anomalies, such as pictures of screens, all building angles originating from the same vantage point and several images appearing to be photos of other photos. These strange patterns warranted a deeper investigation. 

The Truepic investigation determined that the images and device originated from a sophisticated actor, likely a fraud ring, employing advanced fraud techniques to spoof locations. The fraudulent images were actually coming from Eastern Europe, not the United States. This sophisticated group of fraudsters went to great lengths to cover tracks, such as printing out fake signage to hang on the exterior of their buildings and using advanced spoofing techniques to try and hide their location. 

The review also uncovered that commonalities such as the device profile and location had submitted similar fabricated images to eight other clients in the same industry within the same period of time. Such cases illustrate that fraudsters rarely target a single institution; instead, they exploit their investments in fake personas, businesses, and techniques to attack as many enterprises as possible within a sector, usually in a compressed time period. 

This type of sophisticated fraud does not stop at business verification. We identified similar-style fraud patterns in other industries such as home lending. For example, we saw fraudulent actors recycle and reuse devices and tactics to take out multiple loans from different lenders based on the same property. In one egregious case, a fraudster took multiple loans totaling over $13 million on a property valued at less than $1 million. All loan applications were almost simultaneous or during the same period of time.

For every institution receiving images or an application, they recognized a new application without understanding that this user and the device used to capture these images were associated with past fraudulent transactions. 

Stopping this from happening again 

These cases helped crystallize a key insight: for financial services, effective information sharing is essential to mitigating visual risk in the AI era. Had the Truepic Risk Network been in place, the device used would have been flagged across every financial institution it targeted with the same technique. The alerts would remain fully anonymized, but the shared intelligence would still provide immense value, empowering institutions to preempt fraud, strengthen their defenses, and collectively reduce visual risk across the industry.

The more financial organizations participate, the power and efficacy of this collective shield against fraud will only continue to grow.

The Risk Network transforms isolated defenses into a collective shield. With every new institution that joins, the system becomes more powerful, protecting not only individual enterprises but also the integrity of financial services as a whole.