Fraud is becoming more sophisticated, more coordinated, and harder to contain.
Speakers from Payments Canada, Symcor, Okta, EQ Bank and Questrade examined how the threat landscape is shifting, and whether businesses are equipped to respond at Open Banking Expo Canada on March 5.
The discussion made one thing clear: fraud in an Open Banking world is not just increasing, it is changing in nature.
Stephanie Zee, chief product officer at Payments Canada, opened the session by highlighting a growing dual risk. While new APIs introduce technical vulnerabilities, the greater challenge may lie in “human hacking”, where fraudsters exploit behaviour, urgency and trust, rather than systems alone.
This shift is already visible across markets. Tanya Woods, managing director, government and regulatory affairs and policy counsel at Questrade Financial Group, noted that every major technological evolution, from early internet platforms to crypto, has followed a similar pattern. New infrastructure creates new opportunities, and fraud evolves alongside it.
What makes the current moment different is the addition of AI.
From deepfake impersonation to increasingly convincing scams, fraud is becoming harder for consumers to detect. Even basic protections, such as recognising a legitimate website or communication, are being undermined.
As a result, the panel stressed that fraud prevention can no longer be treated as a purely technical challenge.
Data sharing as a defence
Consumer-Driven Banking introduces new risks, but it also creates new tools to combat them.
Jay Lu, director of product at Symcor, pointed to the role of data sharing in improving fraud detection, particularly when insights extend beyond a single institution. By combining signals across organisations, patterns can be identified earlier and with greater accuracy.
However, he cautioned that data sharing alone is not enough. Effective fraud prevention requires a multi-layered approach, combining rules-based detection with more advanced behavioural analysis.
Tushar Tyagi, director of product at EQ Bank, expanded on this, highlighting two key advantages of Open Banking. First, it enables richer data context, allowing institutions to understand customer behaviour beyond their own boundaries. Second, it supports real-time data exchange through APIs, enabling faster decision-making in environments where transactions must be approved in seconds.
In practice, this represents a significant shift from today’s largely siloed and often delayed fraud detection processes.
The challenge of balancing security and experience
While stronger controls are essential, the panel was clear that they cannot come at the expense of customer experience.
Symcor’s Lu said: “In an API world where fraud is being detected in real time, how do we make sure that consumers continue to have a satisfactory banking experience, even if a transaction has been denied or put on hold?
“I think as a group working in the service provider space and the banks who are my clients, connectively we need to build the use case centered around customers.”
Tyagi explained: “The right customer experience and security controls, these are not mutually exclusive. If one goes up, the other doesn’t go down. Strong controls, they don’t add bad user experience, bad technologies do add bad user experience.”
Instead, poor technology choices are often responsible for friction.
Moving away from outdated methods, such as screen scraping and password-based authentication, can simultaneously improve both security and usability.
Emerging approaches, including adaptive authentication and passkeys, were highlighted as examples of how this balance can be achieved. Lower-risk interactions can remain seamless, while higher-risk transactions introduce additional controls.
However, this requires careful design.
“It’s that customer view, the customer lens. I really like the name… Consumer-Driven Banking,” said Luis Santos, senior solutions engineer at Okta.
“So, in our world of identity, we’re always trying to find that balance. It’s the convenience versus security. And as you said, you can’t put one up and the other one goes down.”
Santos continued: “When we think of identity and customers and being able to complete transactions, it is that taking everything we just talked about – how someone logged in, what modalities they have available, data sharing, third-party risk signals… So after login, before they complete a transaction, and then augmenting that with strong customer authentication.
“What you get then is high security and an amazing user experience.”
As Zee noted, consumer expectations have shifted significantly. In an environment where users expect instant responses, even small delays can lead to frustration or abandonment. This creates a tension between speed and safety that organisations must actively manage.
“If it’s a riskier transaction, we need to set the expectation that there will be some good friction in order to ensure that your transaction is safe and sound and it’s going to the right place,” Zee added.
A broader ecosystem problem
One of the most striking themes of the session was the scale of the challenge.
Woods emphasised that fraud cannot be addressed by financial institutions alone. The ecosystem extends far beyond banks and fintechs, encompassing governments, telecom providers, internet service providers and global technology platforms.
At present, these actors are not fully connected.
Government agencies hold valuable intelligence, but data sharing between departments remains limited. Similarly, private sector organisations often lack the ability to share information with each other in real time due to legal and regulatory constraints.
This fragmentation limits the effectiveness of fraud prevention efforts.
“We need interoperable systems that can just automatically share the data,” Woods noted. “And on top of it, we actually need to bring our consumers into the story with us. We need to think of how we’re going to reward them for helping us catch a problem early.”
Further reading: Digital identity: The foundation of trust in a data-driven economy
