Your strongest defence against Buy Now Pay Later and loan fraud is already installed in your customer’s device.
BNPL and loan providers live or die by trust and user experience – one security slip can undo it all. XConnect’s approach uses what every customer already has: their SIM. It transforms the mobile network into a live, invisible layer of verification – frictionless for users, impossible to fake, and perfectly aligned with the speed and scale of modern payments and lending.
First-party fraud accounts for all reported 2024 fraud
0%
Source - Lexis Nexis
Fraud solutions used for new BNPL account abuse
0%
Source - Riskseal.io
UK BNPL sector growth rate in 2024 (now ~ £20.5bn)
0%
Source - Pyments.com
Four Ways Fraudsters Are Breaking Your Security - and Customer Trust.
BNPL providers and lenders are under siege from every angle – and the attackers are getting smarter with AI to help them.
- Identity theft – fraudsters exploit every weak link in verification, posing as real customers to drain accounts and damage trust.
- SIM swap fraud – a single call to a mobile operator and suddenly your customer’s number, and their one-time passcodes, belong to someone else.
- Phishing and man-in-the-middle attacks – slick, convincing scams that don’t just trick users, they bypass entire security systems in real time.
- Generative AI threats – deepfake voices, cloned identities, and synthetic data make even the best biometric checks look outdated.
The result? A battlefield where traditional defences are no longer enough – and the strongest line of defence now lies in the network itself.
How XConnect solves what lenders struggle with
BNPL platforms and lenders don’t need another security layer – they need one that actually works. XConnect delivers exactly that, using the most trusted element in mobile communication: the SIM.
The SIM is already in every customer’s pocket – silent, universal, and hardware-secure. XConnect turns it into a real-time source of truth, powering authentication and verification that can’t be hacked, spoofed, or socially engineered.
Unhackable and unspoofable, this is security at the network level, invisible to users, impossible to fake, and built for the realities of contemp lending.
SAFr Auth – the end of 2FA as you know it
Lenders have spent years layering on authentication. Passwords, PINs, OTPs – all designed to keep fraud out, yet all dependent on the weakest link in the chain: people. SAFr Auth changes that.
Built on the cryptographic security of the SIM and eSIM, it verifies identity directly with the mobile network – not the user. No codes, no passwords, no prompts to click or approve. Just instant, silent, network-level authentication.
It can’t be phished, spoofed or tricked. And because the customer does nothing, there’s nothing for criminals to exploit. SAFr Auth takes the human out of the login – and fraud out of the equation.
MPM KYC Match – instant, accurate, network-level verification
Lenders live or die by the quality of their KYC data. MPM KYC Match gives them something no document scan or database lookup can – verified identity direct from the mobile network.
It cross-checks customer details like name, address, and date of birth against live operator records in seconds, confirming that the person holding the phone is who they claim to be.
Combine it with SIM Swap and other network checks, and you get full KYC and AML assurance in a single API call – fast, compliant, and fraud-resistant.
For customers, onboarding becomes effortless. No endless forms, no back-and-forth reviews – just real-time verification that works silently in the background, cutting friction and fraud in one move.
Account Takeovers - How fraudsters become your customers
SIM Swap Check – stop fraud before it starts
Every major fraud begins the same way – with control of a customer’s number. SIM Swap Check from XConnect detects the takeover in real time, before loan approvals are made.
It works at network level, monitoring SIM changes live through direct operator connections and feeding that intelligence straight into your risk engine. If a SIM has been swapped, you know instantly – and can block, flag, or step up authentication before a fraudster gets in.
Call Forward Check – the invisible threat banks can’t afford to miss
Even when a SIM stays the same, fraudsters can still hijack calls. By secretly activating unconditional call forwarding, they redirect incoming calls – including OTPs, fraud alerts, and call centre callbacks – straight to their own number.
XConnect’s Call Forward check spots this instantly. It verifies, in real time, whether a customer’s calls are being diverted and flags suspicious activity before a transaction is approved. It’s a simple check that shuts down one of the most dangerous, low-effort attacks in lending fraud today.
SAFr Pulse – fixing BNPL or loan onboarding at the source
BNPL platforms and lenders' success can be measured by their bysuccess at onboarding. Every false positive, every abandoned signup, every fraudulent account eats into conversion and trust. Traditional data checks are slow, patchy, and expensive – and when the data’s wrong, the damage spreads fast across every system that touches it.
XConnect’s SAFr Pulse changes that. It utilises live mobile network intelligence to verify customer data in real–time, ensuring that a number is active, reachable, and genuinely belongs to the person entering it. By tapping directly into operator-level signals, SAFr Pulse exposes bad data before it pollutes your customer base.
In milliseconds, lenders gain a live picture of user authenticity – detecting fake, inactive, or recycled numbers that lead to fraud, churn, and wasted marketing spend. The result: cleaner onboarding, higher conversion, less fraud and lower acquisition costs.
SAFr Pulse gives lenders something they’ve never had before – confidence in every mobile number at the moment it’s entered. No friction, no guesswork, no dead ends. Just real customers, verified instantly, from the network itself.
1. Unbreakable by design
The SIM’s cryptographic security lives in hardware, not software, making it resistant to cloning, spoofing and remote attacks. It’s the most proven, tamper-resistant chip in every customer’s pocket – trusted by regulators and built for fintech-grade protection.
2. The source of truth
No screenshots, no selfies, no guesswork. The SIM connects directly to the operator’s network, confirming the real identity behind the mobile number in real time. When it says a customer is genuine, fintechs can believe it.
3. Immune to device compromise
Because the SIM operates outside the phone’s OS, it’s isolated from malware, rogue apps and compromised browsers. Even if a customer’s phone is infected, the SIM’s identity signal remains clean, secure and verifiable.
4. Ready-made cryptography
Every SIM or eSIM carries its own secure keys for encryption, authentication and signing – built into the chip. lenders and BNPLs can use this hardware-level trust to authenticate users and authorise payments without relying on vulnerable software tokens.
5. Global coverage, instant reach
XConnect’s operator partnerships span billions of active SIMs worldwide. Whether onboarding a new customer or verifying a transaction abroad, BNPL platforms and lenders get the same instant, compliant, and high-assurance checks across every network and geography.
6. Frictionless for customers
No passwords, no OTPs, no QR codes. SIM-based verification happens silently in the background, turning security from an obstacle into an advantage – safer for lenders and platforms, effortless for customers, and finally human-proof.
Not just fraud prevention – You’re building trust that lasts
XConnect is transforming how BNPLs and lenders protect, verify, and engage their customers. Using the intelligence already built into every SIM and eSIM, we turn the mobile network itself into a live source of truth – verifying identity, detecting fraud, and authenticating users instantly and invisibly. This isn’t another layer of security – it’s a complete shift in how platforms fight fraud and build loyalty. From stopping SIM swap attacks to blocking account takeovers before they happen, our solutions protect customers without slowing them down.
The result? Stronger security, smoother journeys, and customers who actually trust the process. In a world where every login, payment, and loan application counts, XConnect helps lenders and Buy Now Pay Later providers deliver both safety and simplicity – two things your customers will never leave you for someone else.
Partners
XConnect works with the industry’s leading Identity vendors. Be part of our exclusive partner network and add best-in-class mobile identity services to your portfolio
Operators
Already on six continents, we’re on a mission to provide truly global mobile identity coverage, Unlock your network’s potential by working with XConnect.