Case Study: Cashplus stops a £10,000s bot attack with TransUnion TruValidate Device Risk

Fintech Company Cashplus Defeats Bot Attack Worth £10,000s Using Device Intelligence

Cashplus, a UK fintech, faced a sudden bot-driven fraud attack that flooded it with 9,500 fake debit card applications over a few days. Although the applicants’ personal details passed KYC checks, the attack used changing IPs, VPNs, and countries, making blacklisting impractical. Cashplus turned to TransUnion and its TruValidate Device Risk service to identify the campaign.

TransUnion’s solution exposed a common device type behind the attacks, allowing Cashplus to block the fraudulent applications and permanently stop the bot activity. The impact was significant: Cashplus saved an estimated £19,000 in KYC fees, prevented fraudulent accounts from being opened with £2,000 credit lines, and helped protect victims whose identities were being misused.

Cashplus

James Coveney

Fraud and Credit Manager