
Published on: August 19, 2025 Updated 2 times since publishing
With decades of experience tackling some of the toughest security and identity challenges — from serving as Chief Security Architect at Bank of America, to a visiting scientist role at Carnegie Mellon’s Software Engineering Institute, to advising organizations as a contributing analyst at Securosis — Gunnar brings a deep perspective on protecting digital commerce. At Forter, he focuses on enabling merchants to make fast, accurate identity decisions that stop fraud while ensuring legitimate customers enjoy a seamless experience.
In this SafetyDetectives interview, Gunnar shares how Forter leverages real-time signals across devices and behaviors, why identity has become the new perimeter in modern fraud prevention, and how retailers can balance customer trust with protection against increasingly sophisticated AI-driven fraud.
Can you introduce yourself and tell us about Forter?
I’m Gunnar Peterson, Chief Information Security Officer (CISO) at Forter – a provider of AI-powered fraud prevention and identity intelligence. I’ve spent my career working on some of the most complex security and identity challenges, from serving as chief security architect at Bank of America, to a visiting scientist role at Carnegie Mellon’s Software Engineering Institute, to advising organizations as a contributing analyst at Securosis. At Forter, I focus on helping merchants protect digital commerce at scale by making fast, accurate identity decisions that stop fraud without getting in the way of good customers.
How does Forter use real-time signals across sessions, devices, and behaviors to make accurate identity decisions?
Modern fraud prevention depends on combining a variety of signals, such as session data, device fingerprints, user behavior, and transaction history, to accurately identify the person behind each interaction. Forter’s risk models evaluate these signals in real time to distinguish between genuine customers and fraudulent actors. By continuously monitoring identity across the full customer journey, rather than just at the point of sale, companies can detect and block sophisticated fraud attempts, prevent policy abuse, and support innovative customer experiences. This flexible, real-time approach analyzes patterns across a global network, adapts to emerging attack methods, and helps merchants operate confidently in an evolving digital commerce landscape.
What makes identity the new perimeter in modern fraud prevention, and how does identity intelligence work in practice?
As commerce is increasingly conducted beyond traditional network boundaries, identity acts as the frontline defense. Instead of static identifiers, identity intelligence leverages ongoing analysis of user behavior, device signals, and network-wide data to build a continuously evolving profile. This dynamic understanding allows organizations to identify unusual or risky activity as it happens, rather than relying on one-time checks. As fraud tactics grow more sophisticated, treating identity as an adaptive, real-time boundary becomes essential for effective protection and operational resilience.
What are the key challenges in distinguishing between a loyal customer’s AI agent and a malicious bot?
The difficulty lies in separating intent from activity. A customer’s authorized AI agent may execute tasks in ways that resemble automation while being entirely legitimate. Malicious bots often exploit speed, scale, and stolen credentials, but increasingly mimic human-like patterns. Effective differentiation requires understanding the origin, authorization, and behavioral nuances of the actor, along with broader network intelligence to spot coordinated or abnormal activity. Striking this balance is crucial to blocking fraud without interrupting good customers or limiting the benefits AI agents can bring to the shopping experience.
What are the risks for retailers if they misclassify customers — either by blocking good ones or letting in fraudsters?
Incorrectly blocking legitimate customers not only frustrates shoppers but also drives them to competitors, resulting in lost revenue and damaged market position. Meanwhile, the rise of AI-powered fraud tools has dramatically lowered the barrier for attackers, enabling a wide range of bad actors, not just expert criminals, to launch automated attacks across the entire customer lifecycle. These attacks, spanning account creation, takeovers, purchases, and returns, operate at a scale and speed that traditional defenses struggle to counter. Beyond immediate financial losses and operational disruptions, inaccurate classification can skew data insights, weaken marketing effectiveness, and create costly inefficiencies across business functions. Effectively distinguishing genuine customers from sophisticated fraud is critical to safeguarding revenue and maintaining competitive advantage. Retailers that successfully navigate this complex landscape protect their bottom line and position themselves for sustainable growth.
As AI-driven automation grows, what should merchants be doing now to future-proof their fraud prevention strategies?
Businesses should treat automation as both a tool and a threat, investing in systems that can adapt to new behaviors from both legitimate AI agents and malicious actors. Key steps include capturing rich, multi-layered identity signals, leveraging global intelligence networks to detect emerging threats, and implementing adaptive policies that evolve alongside technology. Pairing these capabilities with human oversight ensures decisions remain transparent, explainable, and aligned with changing risk landscapes. It’s also important for merchants to continuously experiment and refine their approaches, as fraud tactics and legitimate use cases evolve quickly in the AI era.