In conversation with Editor Ankur Sharma, The News Strike, JP Mishra, Founder & CEO of Deep Algorithm, argues that traditional rule-based fraud detection systems are rapidly losing relevance as AI-powered attackers exploit their reactive nature and predictable benchmarks. He highlights that behavioural AI offers a far more adaptive defense by continuously analyzing anomalies in user sessions, keystroke dynamics, device usage, and interaction patterns to predict fraud before it unfolds, without disrupting genuine users.
Responses from JP Mishra, Founder & CEO, Deep Algorithm
1. Are traditional rule-based fraud systems becoming obsolete in the face of behavioural AI-driven attacks?
The rule-based security approach, while it continues to be used, is fast turning out to be irrelevant as hackers learn to operate with more agility and AI-powered tech. By design, rule-based systems are reactive: they detect patterns observed in the past. So if a new type of attack is being planned, there is a good chance such systems won’t be able to catch it before the attack actually unfolds. Attackers, on the other hand, understand this limitation, so they take advantage of a battlefield that operates with set rules by studying the patterns and the rule benchmarks to design an attack that can circumvent such security infrastructure.
AI in cybersecurity now gives us a chance to build a more adaptive approach. So we use AI to understand anomalies in the behaviour of the user and their interaction with the system. Our behavioural AI doesn’t rely on predefined signatures; instead, it continuously monitors ‘normal’ behaviour and looks for subtle anomalies like user session behaviour, keystroke pressure, duration, speed to detect anomalies in real time.
The core limitation of rule-based systems is not accuracy, but speed. By the time new rules are defined and deployed, attack techniques have already evolved. In today’s threat landscape, relying solely on static rules is no longer sufficient—organisations need dynamic, intelligence-driven systems to stay ahead.
2. How reliable are behavioural patterns in predicting fraud before it actually happens?
Behaviour is often the final layer of identity—and one of the hardest to consistently replicate—making it a highly reliable indicator when analysed over time and across channels. Signals such as keystroke dynamics, scroll patterns, and session behaviour can reveal anomalies several interactions before a fraudulent action occurs.
However, the challenge isn’t just about detecting a fraud; it has to be designed in a way where it doesn’t affect genuine users. If the burden of the security starts to affect systems’ performance, it can lead to dissatisfaction among the real customers, leading to business impact.
3. How does I4C-enabled tracking help in actually recovering lost funds, not just identifying fraud?
The I4C initiative by the Govt is a potential game changer. It brings together all the key stakeholders—banks, law enforcement and payment networks. When an attack occurs and it results in loss of money, just discovering such an attack is only half a puzzle solved. This is where I4C comes in. By enabling real-time coordination and info exchange among the key parties, it can lead to rapid account freezing and recovery of the lost funds. The speed of action and providing actionable intelligence matter, as in such cases the only winning strategy is to act before threat actors can move the money.
4. What is the real success rate of recovering capital in near real-time, and what makes it possible?
The uncomfortable truth is that recovery rates drop sharply with every passing minute. But with an advanced AI-led security approach, a fraud, when detected and acted upon, can make recovery a realistic goal. This can be achieved by deploying real-time fraud detection tools, automated alert systems and highly responsive inter-bank coordination and collaboration.
5. How are banks redefining “digital trust” in an era of instant transactions and invisible fraud?
Trust is the most important currency in any business. Add digital to it, and it becomes critical because loss of trust is a reputational risk. Thus, in today’s threat landscape, digital trust is not achieved by just one-time checking at the login point. It is monitored continuously in the background without hampering the user experience.
With our tech offerings, banks are now able to build this safe environment, where they monitor behavioural activities like app usage, the device on which the app is being accessed, etc., to continuously earn their customers’ digital trust.
Their aim is to build a fast and safe banking environment for genuine customers and quietly add such checks so that they can protect the interests of their customers if an unfortunate event takes place.
6. What are the biggest vulnerabilities in India’s BFSI ecosystem today?
To put it bluntly, it is human behaviour. Technology can be adapted and further refined with tighter controls, but one can never fully account for human behaviour integrated with the machine. That’s why social engineering attacks continue to be the biggest concern area, as they can still find their way around the most advanced tech defences built into the system.
On one side, mule account ecosystems continue to flourish, making recovery of funds even harder, and on the other hand, over-reliance on OTP-led authentication only provides for an exploitable entry point.
7. What are the biggest barriers to scaling deep-tech cybersecurity solutions across markets?
There are several key factors to consider here. The data and security laws of every country differ from one another; the presence of established vendors in those markets makes it difficult for new entrants, as they then have to go through long procurement cycles, which means scaling a business in a new country can be slow and expensive; and geopolitics also plays a role in defining the success of a new company in another country.
Let’s examine them in a more nuanced manner.
Scaling in global markets is not just a tech challenge. It is a question of trust, understanding their regulations and real-world complexities. Since each country follows its own set of data and security laws, often that means reworking your products even before you enter the market.
Large organisations have a tendency to work with established vendors. This makes it hard for new entrants to break through quickly. They have to go through long procurement cycles, and even if they get a chance to work with large companies, the quantum of work outsourced is not a high-ticket one, at least in the beginning.
Then comes the threat landscape, which differs across regions; that requires security products to be tailored to those regions, translating into high costs without any clarity on the returns, especially if you are in a price-sensitive market.
On top of all this, geopolitical concerns are always at play. In a nutshell, scaling cybersecurity is not just about building powerful and effective tools but it is also about navigating all the above factors.
8. If you had to redesign cybersecurity systems from scratch today, what would you do differently?
I would build systems around a Zero Trust approach—where nothing is automatically trusted, and everything is continuously checked in the background, not just at login.
Threat information should be shared across organisations rather than kept private—because fraudsters collaborate, and defending against them requires the same level of coordination.
Also, instead of only protecting the outer boundaries of systems, the focus should be on securing what truly matters, like data and transactions.
Security should be invisible. The best systems keep users safe without slowing them down, ensuring strong protection without adding inconvenience.