The art of preventing fraud without slowing down business: how to balance security, services, and growth
Season 7 Episode 01
Transcript
Juan José Ríos (Host – Plus TI): Preventing fraud without slowing down business. That is one of the biggest challenges facing financial institutions and fintech companies today: protecting users, maintaining agility, and allowing the business to grow, all at the same time.
Welcome to Mundo Financiero Seguro, the Plus TI podcast. I'm Juan José Ríos, and today we're going to talk about how to strike that balance between security, service, and growth without compromising customer trust or experience.
To explore this topic further, we are joined by Gabriela Alvarado from Monterrey, Mexico. She is the director of operations at Fintech On Demand and leads both the Fraud Prevention Unit and the Customer Service team, which presents her with the daily challenge of protecting without slowing down and growing without exposing herself.
Héctor Morales, product manager for payment methods and transactional security at Plus TI, will also join this conversation, contributing his technological and strategic perspective on this balance.
Thank you both for joining us. Welcome.
Gabriela Alvarado: Thank you very much, Juan José. It is a pleasure to be here with you discussing this very important topic.
Héctor Morales: Thank you very much, Juan José. It's always a pleasure to be with you.
Juan José Ríos: Gabriela, I want to start with you because you work right at the intersection of security and customer experience. From your perspective, how can financial and fintech companies prevent fraud without affecting that experience they care so much about?
Gabriela Alvarado: Of course, Juan José. We often forget to put the customer at the center of everything we do. Institutions grow, and in that process, the fraud prevention area becomes isolated from the product or service, without receiving sufficient feedback. That ends up affecting both security and the customer experience.
I always tell my teams that, even though our job is literally to prevent fraud, we must never forget that the customer is at the center of everything we do. That must be our focus.
And how do we do one thing without affecting the other? First, by getting to know our customers very well. Not by treating them all the same or applying overly cumbersome processes. We need to build profiles by segment: understand typical amounts, transaction times, average ticket size, and type of business.
For example, if a customer normally makes small transactions in physical stores and suddenly there is a wave of large transactions in e-commerce, we will clearly take action. But if we are talking about a customer who, based on their profile, buys flights, books hotels, or rents cars—where the average ticket price is high—an alert should not automatically stop the transaction.
Not all transactions require the same level of friction. If you classify risk by behavior, you can request additional steps only when truly necessary: extra authentication, a push notification, an OTP, depending on how your institution operates.
The key is to prevent this without the customer feeling like it's a barrier, because we know that when a customer can't buy, they're likely to use another payment method and are unlikely to return to using yours as their primary method.
Juan José Ríos: I really like what you mentioned: understanding the customer, what they buy, when, and how. Something that always generates debate is the balance between technology and human judgment. In your experience, what role should each play today to achieve truly effective prevention?
Gabriela Alvarado: I always say that this is based on three pillars: processes, people, and technology. If one is missing, you cannot build a solid foundation.
You can have people with great analytical skills, but without the right technology, you will fall behind. You can have cutting-edge technology, but without clear processes and well-defined policies, it won't work either. And technology is not magic: you have to know how to use it and have the right people to operate it.
Today, there is a lot of talk about artificial intelligence and machine learning, but without the right processes and trained people, none of that generates real value.
Organizational culture is also key. Institutions grow and fragment into silos, which hinders feedback between areas, especially from customer service to fraud. Fostering a culture of prevention—both internally and externally—is essential.
The best anti-fraud strategies work when everyone understands not only what the controls are, but why they are in place. It's not just about stopping transactions, but about protecting the person who is trying to make the transaction. That's where these three pillars come together to build a solid strategy.
Juan José Ríos: Let's talk about growth now. Many companies want to increase authorization levels, move more volume, and approve faster, but without opening windows to risk. How can a company increase its authorizations while remaining protected?
Gabriela Alvarado: That's probably the most valuable question for any business, because that's where profitability lies. If you block transactions for fear of fraud, you lose revenue. But if you authorize them without control, you also lose money. The trick is to find the right balance.
That balance is achieved by making data-driven decisions. The companies that authorize the most are not necessarily the ones that take the most risks, but rather the ones that know their data best: probability models, historical analysis, behavior patterns. That tells you where you can be flexible without compromising too much.
Second, there are the fine adjustments. Not everything is black and white; it's not just a matter of approving or rejecting. You can approve with conditions: limit amounts, request double validation, verify devices, check geolocation, among others.
It all depends on how well you know your customer segment, because that makes control something intelligent rather than a hindrance.
In addition, fraud prevention can be positioned as an improvement in unit economics. When you reduce claims and chargebacks and authorize more valid transactions, you improve profitability per customer. So preventing fraud is not just about protection, but about operating as efficiently as possible.
It is not a question of authorizing more or rejecting less, but rather of authorizing better: allowing what we want to happen to happen, and blocking what we don't want to happen.
And communication with the customer is essential. Today there are many channels: WhatsApp, SMS, email, phone calls. It makes a big difference whether a customer receives advance notification about a compromised card or is faced with a rejection just when they are trying to pay for something urgent. That detail makes all the difference.
Juan José Ríos: Very clear, Gabriela. Now, Héctor, from a technological perspective, how can prevention solutions support that balance between preventing, serving, and growing?
Héctor Morales: Thank you, Juan José. In addition to what Gabriela already mentioned, I would like to highlight some key features of technological support models.
First, systems must use multiple evaluation criteria to correctly profile each customer and avoid triggering alerts when behavior is normal for that profile. Our goal is to trigger few alerts, only when it is really worthwhile, but to detect a lot, combining different detection technologies.
On the one hand, there are expert models, which allow known fraud patterns in the industry to be identified. On the other hand, there is machine learning, which learns from new patterns specific to each institution.
It is very important that investigators correctly classify cases: marking what was fraud as fraud, and what was not as non-fraud. This way, the systems learn, refine their accuracy, and detect better.
It is also essential to generate a risk score, not just an alert. Based on that score, the most appropriate action is defined: block, validate, or allow to continue.
On digital channels, when there are gray areas, we must confirm with the customer in the least confrontational way possible, using methods appropriate for each situation and each profile.
Juan José Ríos: In that sense, Héctor, what must a tool do well in order to avoid becoming an obstacle?
Héctor Morales: You need to fine-tune your detection model: correctly define alert levels, acceptable percentages, frequency of contact with the customer, and performance indicators.
All of this must be measured continuously to ensure that the tool supports the operation and does not become an unnecessary source of friction.
Juan José Ríos: To conclude this section, could you tell us a little more about optimal contact mechanisms and how they support fraud prevention?
Héctor Morales: Of course. The goal is to intervene as little as possible with the customer. If we know that a transaction is normal, we should not contact them. If we are sure that it is fraud—for example, multiple transfers from the same device to different accounts—we must act immediately, block and protect the funds, and only then contact them when appropriate.
We must also be very careful with two-factor authentication mechanisms. Today, there are malicious programs capable of intercepting them, so our systems must identify the most secure method for each case.
Confirmation strategies must be very well structured. If we are going to interact via WhatsApp, for example, the questions must be clear, simple, and robust. If the system does not understand a response because of a capital letter, an accent, or a period, it causes frustration. Ideally, buttons should be used: "Yes" or "No."
I really liked what Gabriela said about not losing touch with the customer. You should always ask if the solution worked as expected.
In addition, we must adapt to customer preferences. Recent studies in Latin America show that 87% prefer WhatsApp as their primary channel, while email is losing relevance.
Finally, detection models can also identify business opportunities. For example, if a customer goes into overdraft because they are facing a medical emergency, offering them immediate support greatly increases their loyalty. We can create rules that not only prevent fraud, but also enable positive experiences at critical moments.
Juan José Ríos: We are coming to the end of the episode. Gabriela, what would be your main conclusions?
Gabriela Alvarado: I have learned several things, but I would summarize them in six points:
- Get to know your customer well. We can't treat them all the same. We need to profile and segment them.
- Adopt a dynamic risk model. Rules must be updated according to behavior, season, product, and profile. What is valid today may be obsolete tomorrow.
- Invest in clear and human communication. Customers must feel confident in who is contacting them and know that it is not another scam.
- Automate repetitive tasks and strengthen critical ones. Technology should free up the team to focus on the most relevant cases.
- Measure what matters. Authorizations, false positives, and chargebacks form the key triad for determining whether your anti-fraud strategy enables or hinders business.
- Build culture, not just processes or technology. We must constantly train, communicate, and provide feedback, because prevention is a daily task and everyone's responsibility.
In summary, fraud is combated with systems, but prevented with purpose. We must take care of the customer, the business, and the team equally. If we prevent better, we serve better, and ultimately, we grow better. Thank you very much.
Juan José Ríos: Thank you, Gabriela. I'll take that away with me: we have to take care of the customer. Héctor, now your summary.
Héctor Morales: Gabriela has already summarized six key points, so I will add one more: the system must be able to accurately measure the level of risk in order to take the appropriate action in each case, issuing alerts sparingly and only when there is a significant deviation from the customer's normal behavior.
Juan José Ríos: Today it became clear that preventing fraud without slowing down business is not a pipe dream; it is a balance that can be achieved when we combine good technology, solid operations, and a customer-centric vision.
We understood that security and service should not compete, but rather work as strategic allies to drive growth.
Gabriela, thank you very much for sharing how this balance is experienced from an operational and customer perspective.
Héctor, thank you also for showing us how technology can be an enabler rather than a hindrance when implemented intelligently.
And to those of you listening, thank you for joining us in this conversation. Your interest and time make this space possible, where we seek to provide clarity and practical tools to address the challenges of fraud in our region.
I'm Juan José Ríos, and this was Mundo Financiero Seguro, the Plus TI podcast.
We'll hear you in the next episode. Until next time.
