Darwinium updates mobile SDKs to detect remote access scam activity

Industry News May 20, 2026 Share Darwinium updates mobile SDKs to detect remote access scam activity Darwinium has announced updates to its Android and iOS mobile SDKs. It enables banks, payment providers, and digital businesses to tackle the proliferation of remote access scams, including those that manipulate live sessions and account farming operations that run mule networks. “Most fraud platforms validate trust at a single moment, typically at login or payment, through device binding, authentication, or a step-up challenge,” said Alisdair Faulkner, CEO of Darwinium. “But agentic-fueled mobile fraud doesn’t happen at specific moments. It happens everywhere, in a complex path of subterfuge. A customer who has legitimately authenticated can still be coached, coerced, or silently observed into moving money. Even behavioral biometrics, when applied as a single check, can miss the moment a screen share starts, or a remote-access tool is activated mid-journey,” Faulkner continued. Darwinium’s SDK detects these signals continuously across the session, including: Live call detection on collaboration platforms: Google Meet, Microsoft Teams, and Slack huddles are increasingly used by scammers to social-engineer victims in real time Screen-sharing detection with context: For example, distinguishing a benign Google Cast to a television from a TeamViewer session that hands control to an attacker. Context is critical because the same underlying signal can represent very different risks With Darwinium, businesses gain visibility into what is actually happening during a session, not just who started it. It looks beyond the moment of cash out, when it’s often too late to prevent fraud. Account farming protection Where scams exploit a single victim, account farming exploits scale. It creates risk across industries by allowing fraudsters to operate multiple accounts from the same device or environment. In banking, this can support mule networks. In gaming and gambling, it can enable collusion rings and attempts to bypass geo-restrictions and in e-commerce and fintech, it can drive promotion and referral abuse. Darwinium’s capabilities now help identify the device evasion techniques behind these operations, such as: App cloning detection: Catching apps duplicated specifically to maintain multiple simultaneous identities Emulator detection: New coverage for iOS apps running on macOS via PlayCover, a growing technique for scaling mobile fraud from desktop environments App integrity checks via component hashes: Identifying repackaged, modified, or cloned applications used to run parallel fraudulent sessions Multiple user profiles on a single device: A low-effort but effective way to run several accounts from the same handset Mock location and GPS spoofing: Faking device location to circumvent geo-restrictions, bonus eligibility rules, and jurisdictional controls Banks in Southeast Asia are already applying these capabilities to identify mule networks at scale, with one of Darwinium’s banking customers linking more than 10,000 mule accounts to their underlying devices through combined device intelligence and forensics. The updated SDKs work within Darwinium’s broader journey-level fraud prevention platform, which unifies device, behavioral, and identity intelligence across every customer interaction. Rather than operating as a standalone device fingerprinting tool, Darwinium’s mobile SDK feeds real-time device integrity signals into the same risk engine that analyses web, API, and behavioral data, giving fraud teams a single, continuous view of trust and risk. More about Darwinium Share