[/tools/fraud]

bot vs fraud farm
velocity / impossible-travel
device reputation

velocity & device-reputation

the money / account lens · taxonomy as-of 2026-06-15

bot detection vs fraud farms

bot detection asks 'is this a real browser driven by a real person?' fraud detection asks 'will this account cost money or take an account?' those are different questions, and the second one is the one that pays. the answer is reputation and velocity over accounts and time, not a fingerprint of a single session - because the hardest adversary is not a bot at all. a human fraud farm is real people on real phones with real fingers: every behavioral-biometric, captcha, and environment check passes, because there is nothing synthetic to catch. so the money lens leads with what the farm cannot cheaply rotate - the device's history, the velocity across accounts, the impossible-travel physics, the money-movement shape - and prices each fake identity until the abuse margin disappears.

as-of 2026-06-15

it is a different question

'is this automation?' and 'will this take an account or cost money?' do not have the same answer. a logged-in human on a clean browser can be committing account takeover; a headless scraper can be harmless. bot detection scores the session; fraud detection scores the identity and the action.

human fraud farms beat bot detection

the strongest adversary is real people doing the clicks: a room of operators on real phones over residential ip, paid per account. there is no synthetic kinematic to flag, no forged environment, no failed captcha - every bot signal passes because none of it is a bot. fingerprinting and behavioral biometrics structurally cannot catch a real human, which is precisely why the money lens exists.

device-reputation and velocity catch what fingerprinting cannot

a fingerprint describes one session. device-reputation and velocity reason across accounts and time: the device's history, how many accounts share it, how fast they were created, whether the geo-trajectory is physically possible. a human farm can pass every per-session check yet still betray itself in the fan-out, the velocity, and the shared cash-out path - the dimensions it cannot cheaply rotate.

the goal is to price the abuse, not to block the bot

you cannot make fraud impossible; you make it unprofitable. each reputation and velocity signal raises the per-account cost (a fresh aged device, a clean residential ip, a real-carrier number, a unique mule) until the cost of a fake identity exceeds what abusing it earns. fraud detection is economics, not a binary verdict.

the five lenses

each lens reasons across accounts and time, not over a single session. the rotation a fraud farm runs to escape one is the cost another re-imposes.

go deeper

→ ai-agent detection the human-operator / vlm lens: when the driver is a real person, not a bot.
→ bot-detector intel what each detector's loader probes to build a device id.
→ network details the ip / asn / proxy reputation view behind network-reputation.