Why Age of Information (AoI)  is no longer a reliable indicator of trust

For years, the history of digital identity attributes has been treated as a reliable indicator of trust in digital commerce and payments. The assumption was simple and intuitive. For example, a newly created email address may indicate risk, while an email that has existed for many years should suggest legitimacy and familiarity. As a result, “time‑on‑file” became a widely used input into orchestrating fraud and identity decisioning models across the industry.

As fraud techniques evolve, this long‑held assumption is starting to break down.

Evidence from ACI Worldwide’s real payment environments increasingly shows that allowing digital identity history to be assessed in isolation can be misleading. In some cases, it may even expose organizations to greater risk rather than protecting them.

The reason is straightforward: History does not always reflect trust, especially when fraud is allowed to hide inside it.

Most traditional fraud and identity decisioning models—used by banks, financial institutions, and merchants to assess transaction and account risk—treat history as a fixed attribute. They measure when an element was first seen, how long it has existed, and how broadly it has appeared. What these models cannot see is what has happened to that digital identity attribute over the span of years.

Once a digital identity attribute is compromised, the clock does not stop and restart to establish trust. The email continues to age. From the model’s perspective, trust keeps increasing, even if the email address is actively being used for fraud.

As fraudsters have become more sophisticated, they have learned to exploit this weakness. Rather than focusing solely on creating new identities, they increasingly target longstanding email accounts, knowing that mature digital histories often benefit from lower friction and higher approval rates. Over time, this allows fraudulent activity to blend seamlessly into segments that traditional models consider low risk.

ACI has analyzed email history as a digital identity signal, and a striking pattern emerged. While newer email addresses broadly aligned with higher fraud risk, some of the highest fraud rates appeared among email addresses that had existed for many years.

In fact, email addresses that had existed for more than nine years showed some of the highest observed fraud concentrations, withfraud rates of 69%¹ in this long‑tenured segment. This outcome completely contradicts the core assumption behind static email age models. Critically, this was not random fraud. The activity clustered heavily around account takeover, where long‑standing email accounts are compromised and then reused across multiple transactions and channels.

Longstanding emails should represent familiarity and stability. Instead, they were increasingly associated with high‑impact fraud.

The issue was not that email age had no value but that it was being measured without context. Without visibility into network‑wide behavior, these models could not distinguish between earned trust and inherited trust.

The fundamental problem with static email intelligence is that it treats time as trust. But time alone is not trust. Trust must be validated continuously. This is where network intelligence introduces a critical shift.

Rather than viewing email history as a one dimensional attribute, ACI’s network intelligence evaluates it as a living reputation that evolves based on observed behavior across the ecosystem.

Positive history growth is halted, risk is surfaced earlier, and compromised identities are prevented from quietly accumulating credibility. In this model, trust is never assumed to be permanent. It must be continually reaffirmed through clean, verified behavior.

When email history is assessed through a network‑aware lens, the relationship between trust and risk begins to realign. Newly created emails that exhibit suspicious behavior are identified early, before they can build reputation. At the same time, longstanding emails that continue to demonstrate legitimate behavior retain their value as indicators of familiarity.

Most importantly, high‑risk activity no longer hides behind long‑dated digital histories. Account takeover attempts targeting mature email accounts are surfaced where they should be: as elevated risk rather than being smoothed over by time‑based assumptions.

For both financial institutions and merchants, this translates directly into better decision‑making. With network intelligence applied, high‑risk behavior is surfaced early in low‑history segments where fraud rates of approximately 35%¹ are identified quickly and contained before reputation can form. At the same time, long‑tenured email identities show significantly lower fraud rates, dropping to around 12%¹, restoring alignment between familiarity and trust.

With fraud controls applied more precisely, customer friction is reduced where it is genuinely unnecessary, and losses can be contained earlier in the fraud lifecycle without sacrificing approval rates.

As fraud becomes increasingly AI‑driven, distributed, and adaptive, isolated data points are no longer enough. Signals that cannot learn from broader patterns or adapt to emerging behaviour will inevitably lag behind adversaries who exploit their limitations.

Email history remains a valuable signal for fraud prevention, but only when it is understood as reputation rather than age. Without network intelligence, history is just a clock. With it, history becomes contextual, meaningful, and actionable.

Read exclusive insights from 154 global financial crime leaders across banks, payment providers, merchants, and financial infrastructure firms, highlighting an industry at an inflection point: embracing AI in principle but still grappling with how to deploy it safely, confidently, and at scale to reduce fraud.  

ACI helps banks, financial institutions, and merchants strengthen fraud prevention strategies with continuous, network‑driven insights.