Identity fraud
Fraudsters use fake, stolen, or synthetic identity documents to open new accounts and exploit organizations. In some cases, they combine real and fabricated personal information to create entirely new identities that do not belong to any single real person.FrankieOne detects identity fraud during onboarding by screening email addresses and phone numbers against known fraud networks, and by analyzing device and behavioral signals for patterns associated with fraudulent identities. For example, a mismatch between email age and phone registration date, combined with a device flagged for emulator use, would raise the entity’s risk score. Cross-referencing multiple signals helps identify synthetic identities that may pass individual data checks.Relevant signals: Email check, Phone check, Device signals, Behavioral biometrics, Location check
Account takeover
Criminals use stolen credentials to impersonate legitimate customers and gain unauthorized control of their accounts.FrankieOne identifies account takeover attempts by comparing device fingerprints and behavioral biometrics against the entity’s established patterns. Unusual typing cadence, unfamiliar devices, or sessions originating from high-risk IP addresses trigger additional verification or manual review.Relevant signals: Device signals, Behavioral biometrics, Location check, Activity monitoring
Fraud farms and automated account creation
Organized crime rings use automated scripts, bots, and coordinated human operators to rapidly create large numbers of fraudulent accounts.FrankieOne flags fraud farm activity by detecting multiple accounts linked to the same device or IP address, identifying emulator, remote desktop, and headless browser usage, and recognising automated input patterns. Behavioral biometrics detect bot-driven sessions through signals such as unnaturally consistent typing speed, absence of mouse hesitation, and rapid form completion across multiple sessions.Relevant signals: Device signals, Behavioral biometrics, Location check
Money mule accounts
Accounts are created by recruited individuals to illegally transfer or launder money on behalf of criminals.FrankieOne helps identify potential money mule accounts by screening contact details against fraud provider networks and assessing risk signals at onboarding. High-risk phone numbers (such as VoIP lines), disposable email addresses, and device signals associated with known fraud rings contribute to elevated risk scores that trigger manual review before onboarding is completed.Relevant signals: Email check, Phone check, Device signals, Transaction monitoring, Activity monitoring
Loan and credit application fraud
Loan and credit application fraud occurs when fraudsters apply for loans or credit using false information or stolen identities. They may manipulate financial details or misrepresent their income and employment.FrankieOne helps detect application fraud at onboarding by validating contact details against fraud provider networks and identifying suspicious device and behavioral signals during the application session. Device intelligence flags emulators, VPN usage, and devices linked to multiple applications.Relevant signals: Email check, Phone check, Device signals, Behavioral biometrics
Scams
Scams are a form of social engineering fraud where criminals manipulate people into sharing sensitive information or transferring funds directly to the criminal. Methods include phishing emails, fake investment schemes, and impersonation.While onboarding fraud checks do not directly detect social engineering, activity monitoring can identify unusual session behavior after a scam has been initiated — such as login from an unfamiliar device, rapid changes to account details, or atypical fund transfer patterns.Relevant signals: Device signals, Behavioral biometrics, Transaction monitoring, activity monitoring
Promo abuse and multiple account creation
Individuals create multiple accounts to exploit sign-up bonuses, referral rewards, or promotional offers. This is common in gaming, wagering, and fintech platforms.FrankieOne identifies multi-accounting by detecting multiple sessions or accounts linked to the same device fingerprint or IP address. Device intelligence flags shared devices, emulators, and VPN usage that are commonly associated with promo abuse at scale.Relevant signals: Device signals, Location check