What The Nilson Report Tells Us About the Health Of Payments Systems In The World…
10 April 2026
NILSON REPORT DATA…
A careful reading of the authoritative Nilson Report discloses several telling insights exposed by especially the explosive success of ‘open payments networks’…
It is generally taken for granted - purely as an unexamined assumption - that “more KYC leads to more trust that leads to less fraud”
Nilson Report data however discredits that assumption…
While consumers are increasingly being burdened with ‘KYC bloat’ - usernames, login names, passwords, secret answers, biometrics, 2FAs/MFAs, CAPTCHAs, device binding… Nilson estimates that global fraud losses from card transactions alone nevertheless range somewhere between $28-30 billion annually, projected to exceed $40 billion over the next few years
This suggests something really interesting: fraud scales with transaction volumes - fraud is not inversely affected with identification controls
In other words… KYC does not eliminate fraud - it merely succeeds in taxing legitimate users while fraud persists
THE INCONVENIENT TRUTH…
The inconvenient truth is this: the system is just not winning its battle against fraud - instead, it merely succeeds in socialising its cost across all consumers
Some industry actors boast that “the rate of fraud (bps) is stabilising” or even “improving” - that is little comfort to Portia Mngomezulu - a client of MTN (South Africa) who recently lost approximately R94,000 after fraudsters executed a SIM swap, intercepted her OTPs and emptied her bank account
Rather than confronting absolute losses that continue to rise exponentially, they (disingenuously) hide behind rates that are skewed by a rapidly growing denominator - explosive transaction volumes
In the case of Portia Mngomezulu, the system did not fail because of insufficient identification - it failed because identification cannot establish identity
In other words - merely knowing who someone says he/she is, does not mean that the someone actually is who he/she says he/she is!
IDENTIFICATION vs IDENTITY…
All KYC measures merely attempt to confirm a claim to identity - they do not (and cannot) prove identity
As this one example (and it is not an edge case) demonstrates, it is not because the victim failed the system - she dutifully complied with every KYC demand imposed upon her by MTN…
Rather, the system failed her
The conclusion is just this: the payments industry has optimised everything… except the one thing that matters: knowing who the person actually is!
QiD solves the problem of identity theft/fraud by neuromorphically grounding identity, not in any form of user attestation or feature vector or derived biometric representation, but in the unique distinctiveness of the person behind the interaction instead
QiD simulates how we as humans identify people
