LLM-Assisted Authentication and Fraud Detection

TL;DR

This paper presents LLM-based methods for authentication and fraud detection that improve flexibility, reduce false positives, and adapt to new scam tactics without retraining, enhancing security workflows.

Contribution

Introduces two novel LLM-enabled solutions: semantic-based authentication and a RAG-based fraud detection pipeline, improving robustness and adaptability over traditional methods.

Findings

Authentication accepts 99.5% of legitimate answers with 0.1% false acceptance.

Fraud detection reduces false positives from 17.2% to 3.5%.

LLMs enhance usability and robustness in security workflows.

Abstract

User authentication and fraud detection face growing challenges as digital systems expand and adversaries adopt increasingly sophisticated tactics. Traditional knowledge-based authentication remains rigid, requiring exact word-for-word string matches that fail to accommodate natural human memory and linguistic variation. Meanwhile, fraud-detection pipelines struggle to keep pace with rapidly evolving scam behaviors, leading to high false-positive rates and frequent retraining cycles required. This work introduces two complementary LLM-enabled solutions, namely, an LLM-assisted authentication mechanism that evaluates semantic correctness rather than exact wording, supported by document segmentation and a hybrid scoring method combining LLM judgement with cosine-similarity metrics and a RAG-based fraud-detection pipeline that grounds LLM reasoning in curated evidence to reduce hallucinations and adapt to emerging scam patterns without model retraining. Experiments show that the authentication system accepts 99.5% of legitimate non-exact answers while maintaining a 0.1% false-acceptance rate, and that the RAG-enhanced fraud detection reduces false positives from 17.2% to 3.5%. Together, these findings demonstrate that LLMs can significantly improve both usability and robustness in security workflows, offering a more adaptive , explainable, and human-aligned approach to authentication and fraud detection.