RSAC 2026 Innovation Sandbox | Charm Security: AI Anti-Fraud Platform for New Types of Fraud
Company Profile
Charm Security (hereinafter referred to as Charm) is an innovative security company focused on preventing and solving fraud and deception using Agentic AI technology.
RSAC 2026 Innovation Sandbox | Charm Security: AI Anti-Fraud Platform for New Types of Fraud
Company Profile
Charm Security (hereinafter referred to as Charm) is an innovative security company focused on preventing and solving fraud and deception using Agentic AI technology. Founded in January 2025, the company has set up offices in Tel Aviv, Israel and New York, USA. With a core focus on financial security, it has become an emerging force that attracts much attention in this field. In March 2025, the Company completed a seed round financing of USD 8 million led by well-known investment institution Team8. The funds are mainly used for team expansion, product R&D acceleration and industry cooperation ecosystem construction, laying a solid capital foundation for large-scale business development. At present, the Company’s staff size is at the core development stage of 11-50 people [1-2].
In 2026, Charm was successfully shortlisted for the top ten of RSA Conference Innovation Sandbox (Innovation Sandbox), one of the most influential competitions in the global cybersecurity industry, which means that its technical solutions have been recognized by top security experts. The competition is the world’s top cybersecurity startup competition. The jury is composed of senior experts from international financial and technology giants such as Morgan Stanley, JPMorgan Chase, and Verizon. Being shortlisted not only means that Charm’s anti-fraud solutions have been highly recognized by the world’s top security experts and industry organizations, but also wins the company a special investment support of US$5 million for business growth and technological innovation [3].
Founding Team
Charm’s founding team is composed of a group of experts with deep backgrounds in the intersection of cybersecurity, financial technology, artificial intelligence and behavioral psychology.
Charm co-founder and CEO Roy Zur (Roy Zur is a global authority on anti-fraud and cybersecurity, with 20 years of practical experience in combating cybercrime. He served in the 8200 Cyber Intelligence Unit of the Israel Defense Forces for 15 years, at least as an officer. As a senior official, he led cyber intelligence, cybercrime crackdown and related personnel training. During this period, he deeply understood that “human factors” are the core shortcomings of network security, which has become the core logic of his subsequent entrepreneurship. Roy Zur has a dual professional background in law and cybersecurity. After retiring, he served as a legal adviser to the Israeli Supreme Court. In terms of educational background, he graduated from Tel Aviv University with a bachelor’s degree in commercial law and a master’s degree in law. He also received advanced business course training at Wharton School and Harvard University [4].
Figure 1 Charm co-founder and CEO Roy Zur
Chief Technology Officer Avichai Ben has been deeply involved in the fields of data science and AI anti-fraud for many years. He has worked in well-known companies such as Transmit Security and Microsoft and served as the head of data science. He has led and deeply participated in the research and development of AI anti-fraud detection systems for many large enterprises, and has accumulated rich practical experience and technical achievements in the implementation of AI technology, optimization of anti-fraud algorithms, and construction of intelligent risk control systems. He has profound professional accumulation in the fields of artificial intelligence, data modeling, network security risk control, etc., and forms a complementary advantage between technology and industry practice with Roy Zur. The dual professional capabilities and rich experience of the two in the fields of network security and AI have laid a solid technical foundation for Charm’s anti-fraud technology research and development and product innovation, and have also become the core strength support for the team to create an AI-driven social engineering fraud prevention and control solution [5].
Figure 2 Chief Technology Officer Avichai Ben (left)
Evolution of the Fraud Threats
The core focus of traditional fraud detection systems is on transaction anomaly monitoring (such as off-site login, large transfers, etc.) and identity verification links (such as biometrics, multi-factor authentication, etc.), which have effectively resisted the impact of traditional fraud models in the past period of time. However, with the rapid popularization and large-scale application of generative AI technology, the fraud model has undergone fundamental and subversive changes, which are specifically reflected in the following three aspects:
AI-enabled social engineering attacks: With the help of generative AI technology, attackers can quickly generate highly personalized and confusing phishing emails, counterfeit voices and deep fake videos, which greatly reduces the threshold for fraud implementation while significantly improving the success rate of deception, making it difficult for victims to distinguish between authenticity and falsehood.
Large-scale exploitation of human psychological vulnerabilities: The core of fraud has changed from the simple exploitation of technical loopholes to a systematic and large-scale attack on human cognitive biases, emotional weaknesses and social engineering, accurately grasping the psychology of victims and breaking through the cognitive barriers of traditional prevention and control.
Real-time interactive fraud: Scammers maintain continuous and high-frequency interactive communication with victims through real-time communication tools such as WhatsApp and WeChat, and dynamically induce them throughout the process. Traditional detection systems based on fixed rules are difficult to intervene in such real-time interactive scenarios and cannot achieve effective interception.
Urgency of Market Demand
The large-scale and intelligent upgrade of fraud has directly brought huge economic losses and industry pressure. According to statistics, the global economic losses caused by AI financial fraud exceeded USD 1 trillion in 2023 [5]. In this context, financial institutions not only have to bear the main liability for fraud losses, but also face increasingly stringent regulatory requirements around the world-regulators in countries and regions such as the United States, the United Kingdom, the European Union, Singapore, and Australia have successively issued relevant new regulations, further increasing the compensation liability and compliance costs of financial institutions. More importantly, once customers suffer property losses due to fraud, financial institutions will directly fall into a customer trust crisis, which will lead to customer loss and damage to brand reputation, forming an irreparable negative impact. Therefore, building an efficient and accurate new fraud prevention and control system has become an urgent need in the industry.
Insufficient Anti-Fraud Technology Path
Faced with the impact of new types of fraud, the existing fraud prevention and control solutions on the market generally have three prominent limitations that make it difficult to meet the industry’s prevention and control needs. The details are as follows:
Prevention and control lags behind, focusing on post-event response: Most solutions still remain at the level of post-event response. They often have to wait until the fraud is completed, funds are transferred in place, or users suffer actual losses before they will issue a delayed alarm. It is impossible to identify, block and effectively intervene in real time during the implementation of the fraud, and it is difficult to protect the safety of user property from the source.
Insufficient dimensional coverage and lack of psychological prevention and control: Most traditional prevention and control tools only focus on conventional data dimensions such as account information, capital flow, and equipment characteristics. They fail to integrate psychology-related technologies and analysis logic, and cannot effectively identify and deeply analyze key risk signals such as deceptive intentions, emotional manipulation, psychological oppression, and rhetoric induction hidden in communication dialogues. The ability to identify new types of fraud that rely on psychological manipulation is seriously insufficient.
The operation model is inefficient and relies on manpower investment: the overall prevention and control model tends to be labor-intensive. The verification, evidence collection, analysis and disposal of fraud cases often require a lot of manpower to review and judge one by one. Not only is the processing efficiency low and the response speed slow, but it will also generate high operating and labor costs, making it difficult to cope with the increasingly frequent and ever-changing massive fraud scenarios.
It is precisely based on the multiple backgrounds of threat evolution, market demand and technological gaps that Charm proposed “Break the Scam Curse” Spell), committed to building an AI intelligent agent platform that can deeply understand human psychology and achieve real-time intervention to fill the gap in industry prevention and control.
Charm Agentic AI Anti-Fraud System: Architecture, Technology and Practical Value
Charm is not just a “detection tool”, but a “virtual anti-fraud team” composed of multiple dedicated AI agents. These intelligent agents work together to cover fraud prevention, investigation, intervention, proactive discovery and other actions, forming a complete set of Agentic AI anti-fraud ecosystem.
Agent Type
Role Positioning
Core Functions
Technical features
Fraud Investigation Agent (Fraud Investigation Agent)
AI Fraud Investigation Expert
Signal correlation analysis across alarms, cases, and customer interactionsInterpreting the psychology of human intention and behaviorGuiding faster, higher confidence survey decisions
Based on the deep reasoning ability of a large-scale knowledge base, it can correlate fraud signals scattered in multi-source data
Fraud Frontline Agent (Fraud Frontline Agent)
AI Fraud Consultant
Real-time assistance in customer service centers, branches, wealth management and other channelsIdentify deception and manipulation signals in conversationsGuide the team to ask the right questions, intervene safely, and solve fraud scenarios immediately
Real-time NLP analysis + behavior pattern matching, millisecond response to fraudulent dialogue features
Anti-fraud intelligence agent (Fraud Intelligence Agent)
Adversarial AI Agents
Activities outside the organization’s boundaries, active contact with fraudulent infrastructure, imposters, mule networksGathering intelligence, discovering patterns, jamming operationsContinuously enrich the defense knowledge base through the Honey Bot network
Active intelligence collection, simulating legitimate user behavior to identify fraud infrastructure
Charm’s various agents achieve efficient collaboration by sharing intent graphs. The new fraud patterns discovered by the investigation agent can automatically update the detection rules of the front-line agent. The real-time threat data collected by the intelligence agent can be synchronized to all agents in real time. The new fraud scripts identified by the front-line agent will also be fed back to the investigation agent in a timely manner for in-depth analysis; It is precisely based on the multiple backgrounds of threat evolution, market demand and technology gaps that Charm proposed “Break the Scam Curse” Spell), committed to building an AI intelligent agent platform that deeply understands human psychology and supports real-time intervention, filling the gap in industry prevention and control [6].
Figure 3 Three Core Intelligent Agents
Charm’s core technological innovation lies in its patented HVETM (Human Vulnerabilities and Exploit Techniques) AI model-the world’s first AI framework trained specifically on human vulnerabilities and exploit techniques. Traditional anti-fraud technologies focus on “machine vulnerabilities” (such as abnormal transaction patterns), while HVETM focuses on “human vulnerabilities” (such as psychological weaknesses and cognitive biases), which fundamentally subverts the anti-fraud paradigm [7].
HVETM model training data
The training system of the HVETM model is composed of three pillars: behavioral psychology theory system, social engineering technology library, and real-time intention analysis engine.
At the behavioral psychology level, the model integrates more than 50 cognitive bias libraries including authority obedience, urgency bias, scarcity effect, confirmation bias, etc., covering emotional manipulation modes such as fear, greed, sympathy, and anger, and realizes the digital mapping and social engineering framework implementation of Cialdini’s six principles of influence.
At the social engineering level, the model relies on a fraud script library containing more than 10,000 known fraud scenarios, covering traditional fraud and emerging fraud types such as AI face-changing and Deepfake voice. It also has the ability to recognize fraudulent rhetoric patterns and adapt to cross-cultural fraud scenarios.
At the real-time intent analysis level, the model can detect natural language deception signals such as language ambiguity, avoidance mode, and emotional blackmail, and integrate multimodal risk signals such as voice intonation, dialogue rhythm, and interaction mode to achieve accurate identification of fraud intentions.
HVETM Workflow
The HVETM model first receives speech, text, video and behavioral data through a multi-source input layer, and then enters the feature extraction module, which simultaneously analyzes linguistic features (vocabulary selection, sentence structure, emotional polarity), acoustic features (pitch, intensity, speed, pauses), conversation dynamics (response time, topic continuity) and contextual association (historical interaction, relationship map).
After feature extraction, the data enters the HVETM inference engine. The core of the engine includes four major components: human vulnerability matcher (detecting 50+ psychological weaknesses), social engineering script matcher (matching 10,000+ fraud patterns), intention confidence calculator (output probability distribution) and intervention strategy generator (providing 8 types of intervention paths).
The final output layer generates three results: fraud risk assessment (0-100 points), interpretable report (detailed judgment basis) and recommended actions (disposal plan for the current scenario).
HVETM Core Advantages
The HVETM model has three core technical advantages: The first is explainability, which can provide a clear “decision-making basis” for each risk assessment, rather than black box output, so that risk control personnel can understand and trace the risk judgment logic; The second is adaptive learning, which continuously absorbs new fraud characteristics and behavior patterns through online learning mechanisms, continuously optimizes detection accuracy, and realizes the dynamic evolution of defense capabilities; The third is low false alarm rate. Relying on a deep understanding of human intentions, the false alarm rate of more than 80% in traditional systems has been greatly reduced to less than 20%, significantly reducing the interference of invalid alarms to business. In addition, the model also has multimodal signal fusion capabilities, which can integrate multi-dimensional data such as text, voice, and interactive behavior to achieve accurate identification of complex fraud scenarios; at the same time, it supports cross-cultural scenario adaptation, optimizes for social psychological characteristics in different countries and regions, and improves anti-fraud applicability worldwide.
Practical effect
According to customer data released by Charm, its platform has achieved significant improvements in core KPIs: The reduction in fraud losses increased from 10–15% of traditional systems to more than 30%, an increase of 2.5 times; The automatic rate of manual sorting has increased from 50% to 98%, reducing 80% of labor input; The survey time was shortened from an average of 45 minutes to 6 minutes, and the efficiency increased by 87%; The false alarm rate dropped from more than 80% to less than 20%, a reduction of 60%; At the same time, 24/7 real-time intervention capabilities have been added to provide all-weather protection without affecting customer experience [6].
Figure 4 Screenshot of the official website for implementation effect
At the case handling and closed-loop management level, the Charm platform achieves more efficient and higher quality case handling through end-to-end full process records of cases, clear decision-making basis explanations, and insights that can be directly used for management reporting, promoting continuous improvement, responsibility implementation and experience accumulation.
Figure 5 Charm Platform Interface
Innovation Ecological Cooperation: Technology + Psychological Support Closed Loop
Charm has reached in-depth cooperation with the mental health non-profit organization Give an Hour to jointly create a dual-track innovation paradigm of “technical prevention + psychological recovery” in the anti-fraud industry [8].
Founded in 2007, Give an Hour initially provided psychological support to veterans of the Iraq and Afghanistan wars. It has long been committed to providing free professional mental health services to soldiers, veterans and their families. Its current service network covers all 50 states in the United States, with an annual service scale of more than 20,000 people and more than 5,000 certified psychological counselors. It has a mature psychological intervention system and professional service capabilities [9].
The two sides have built a closed loop for handling fraud incidents from AI real-time identification, active intervention and interception to victim psychological assessment, psychological counseling, continuous support and social trust reconstruction, achieving seamless connection between technical prevention and control and psychological care. This cooperation model has both technical and psychological values. At the technical level, it relies on AI intelligent agents to achieve 24/7 real-time fraud prevention, active intelligence collection and threat blocking, which can reduce fraud losses by more than 30%; Psychologically, it can provide professional psychological intervention for victims of fraud, reduce the risk of post-traumatic stress disorder (PTSD), help them rebuild social trust, and effectively prevent “secondary deception” that may occur during periods of psychological vulnerability.
As the world’s first innovative practice to deeply integrate AI anti-fraud technology with professional psychological support, this cooperation upgrades the industry’s traditional “post-compensation” model to a full life cycle protection of “pre-emption + in-process intervention + post-recovery”, shifting from pure technical prevention and control to a new model that combines human-machine collaboration, technical efficiency and humanistic warmth, and elevating the goal of anti-fraud from simply reducing financial losses to a higher level of social trust restoration and public mental health protection.
Summary
Charm Security represents the third generation of anti-fraud technology evolution: the first generation is rule-based transaction monitoring from the 1990s to the early 2000s, the second generation is anomaly detection driven by machine learning from the 2010s to the 2020s, and the third generation is a real-time intervention model centered on AI agents combined with psychology since the 2020s.
With the industry attention brought by the RSAC innovation sandbox, Charm is expected to accelerate its market expansion from 2026 to 2027. If its technical route is effectively verified, it may promote a paradigm shift in the field of financial security, that is, from traditional “detecting abnormal transactions” to “understanding and protecting people’s decision-making processes.” Charm’s successful entry into this competition is not only an authoritative recognition of its technical strength and innovative concept, but also reflects the three core development trends of the current cybersecurity industry from the side:
First, the focus of security defense has been deeply extended from the traditional “protecting systems and assets” to “protecting people”, incorporating the cognitive security and psychological security of end users into the defense system to achieve full-dimensional protection of human-machine collaboration.
Second, the role of AI in the security field has been upgraded from an “auxiliary tool” to a “collaborative partner”, gradually possessing the ability to make autonomous decisions, close-loop disposal and independently complete complex tasks, becoming a true security intelligent agent.
Third, the boundaries between disciplines and fields continue to melt, and multiple disciplines such as cybersecurity, cognitive psychology, behavioral economics and financial supervision are accelerating cross-penetration and deep integration, promoting security solutions from technological confrontation to systematic governance.
In the context of generative AI making fraud more personalized and difficult to identify, Charm Security has proposed a very forward-looking solution, that is, using AI to fight AI-driven fraud and using psychology to crack the psychological manipulation in fraud. Regardless of its ultimate commercial results, this “people-centric” security concept has pointed out a new development direction for the entire cybersecurity industry.
References:
[1] https://finder.startupnationcentral.org/company_page/charm-security
[2] https://www.charmsecurity.com/
[3] https://www.rsaconference.com/library/press-release/finalists-announced-for-rsac-innovation-sandbox-contest-2026
[4] https://www.favikon.com/blog/who-is-roy-zur
[5] https://www.calcalistech.com/ctechnews/article/symyxgltke
[6] https://www.charmsecurity.com/#section-products
[7] https://www.charmsecurity.com/get-started
[8] https://www.businesswire.com/news/home/20250910455268/en/Charm-Security-and-Give-an-Hour-Unite-AI-and-Mental-Health-Expertise-to-Fight-Scams
[9] https://giveanhour.org/
The post RSAC 2026 Innovation Sandbox | Charm Security: AI Anti-Fraud Platform for New Types of Fraud appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..
*** This is a Security Bloggers Network syndicated blog from NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks. authored by NSFOCUS. Read the original post at: https://nsfocusglobal.com/rsac-2026-innovation-sandbox-charm-security-ai-anti-fraud-platform-for-new-types-of-fraud/
About Author
