- Key insight: Passive, real-time call fraud scoring reduced fraud exposure and improved member experience for MSUFCU.
- Expert quote: Fraud strategist Frank McKenna said humans can’t reliably detect deepfakes; banks must use AI defenses.
- Supporting data: Pindrop report found that deepfake calls rose 1,300% year‑over‑year.
Source: Bullets generated by AI with editorial review
As deepfake-driven fraud becomes an increasingly acute issue for financial institutions, one credit union brought in outside help to assist its call center agents in detecting fraudulent deepfake calls.
Processing Content
East Landing-based Michigan State University Federal Credit Union partnered with the security tech company Pindrop, launching its Passport and Protect products in the credit union’s call center in August 2024. Pindrop is an information security company that provides risk scoring for phone calls to detect fraud and authenticate callers.
Colleen Cole, vice president of MSUFCU’s member service center, told American Banker that the $8.26 billion-asset credit union had three goals when it chose to work with Pindrop: reducing fraud without adding friction, increasing operational efficiency to reduce costs and improving the member side of the contact center experience.
“Partnerships are critical to creating a really robust fraud program that doesn’t put friction in the members hands,” Cole told American Banker. “Partners like Pindrop know our organization’s goals and know the type of fraud we’re seeing.”
Between the launch date and September 2025, the 367,000-member credit union traced $2.57 million in avoided fraud exposure from catching deepfake calls.
Frank McKenna, chief innovation officer at Point Predictive and author of the industry blog Frank on Fraud, told American Banker that the $2.57 million figure means that MSUFCU successfully caught close to a quarter of a million dollars a month in known AI-powered attacks.
“$2.57 million on the bottom line is a significant amount for them,” McKenna said. “They have that immediate benefit, but I would expect it to grow year over year for them because these AI attacks are going to be far more frequent,” he said.
Cole said that the credit union’s Net Promoter Score increased by 10% from 57 to 63 immediately after the Pindrop implementation due to an average of 58 seconds cut from authentication time per call.
“There was an immediate jump, and then it’s been maintained and sustained since then,” she said. “The change happened in our data the month following our go-live, and nothing else significant changed in our process during that time.”
The 58 seconds of authentication was previously needed for a call center agent to ask a member manual security questions at the beginning of a connected call. Now, Pindrop’s systems conduct a series of passive authentications on the call before a customer is connected with an agent.
“Instead of relying on those traditional questions, they are able to get a real-time score, and that’s really what helped shorten that average call time,” Pindrop customer success manager Kristapher Massenburg told American Banker. “Once that call comes through, the agent is presented with data which tells them the risk assessment and allows them to adjust accordingly based on what’s presented to them on their agent desktop.”
The August 2024-September 2025 data tracking is the first year that MSUFCU has precisely tracked avoided fraud exposure in its call center. The tracking ability is another reason the credit union brought in Pindrop’s products, according to Cole.
“We didn’t realistically have a system that gave us full visibility into fraud exposure, particularly in the contact center,” she said. “We had a good handle on everything from transactional fraud monitoring, but for what the calls coming in were and what that exposure was, there weren’t great tools for that. The Protect product has helped us start measuring this much more accurately.”
The Department of the Treasury has been warning banks about deepfake fraud
McKenna shared his anecdotal experience of creating a deepfake voice recording of himself and going to industry conferences where he surveyed attendees to see if they could identify the deepfake versus a real voice recording side by side.
“Overwhelmingly, 80% of the people identify the deepfake voice clone as my real voice,” he said. “People cannot tell a deepfake apart. Deepfakes are so good that if you’re a bank or credit union and you’re relying on your analyst or your underwriter or your call center agent to hear a deepfake, it’s an impossible task.”
A 2025
McKenna said smaller financial institutions such as credit unions are now experiencing “big bank fraud problems” that many of them have not faced before.
“They’re being targeted as the big banks start to implement more technologies and get more sophisticated at stopping fraud,” he said. “Fraudsters are targeting credit unions and smaller community banks because they know that they have not invested in the sophisticated technology that the bigger banks have.”
McKenna noted that to tackle this challenge, credit unions and small banks are much more likely to buy a third-party fraud product over building one of their own.
“In the case of these really sophisticated tools, there’s no way that they [MSUFCU] would have been able to create anything close to what Pindrop had,” he said. “The only way to battle fraud in 2025, 2026 and beyond is leveraging good AI to fight the bad AI. Humans will play a critical piece, as they still do, but you have to have some filter up front.”
