AI is reshaping industries, including the insurance industry. While insurers are adopting AI for automation and underwriting, fraudsters are using the same technology to create deepfakes: fake photos, videos, or documents convincing enough to fool even experienced claim adjusters. Sutirna Chakraborty of the IFoA's Professionalism, Regulation and Ethics Working Party explores how blockchain can tackle it.
In early 2025, a man in the Netherlands submitted multiple travel insurance claims. They were complete with what appeared to be authentic invoices, discharge summaries, and stamped doctors notes. But these were not scanned documents.
He used a generative AI tool to recreate real documents with fake names, altered dates, and adjusted diagnoses. All he needed was a good prompt. He had pocketed over €150,000 from six different insurers until a sharp-eyed claims analyst at one of the companies spotted that the same handwritten signature had appeared across multiple ‘different’ doctors.
Insurance fraud has always been a challenge. But what we are seeing now is a quiet revolution in how it is being done. According to the Coalition Against Insurance Fraud, the global insurance industry loses over $308.6 billion a year to fraud, an amount that can fund three million four-year college degrees and buy 81 billion school lunches. And with AI, that number is only going to rise.
So how do we fight fraud when it looks so real and fools even our best systems? That is where blockchain comes in. This article explores how blockchain, combined with smart contracts, can create tamper-proof verification systems that identify deepfake claims before they reach settlement.
Motor insurance is particularly vulnerable to visual fraud as it involves uploading images as proof for relatively lower value claims. These claims in most insurance companies are approved without much human review. Routine, auto-approved claims below the review threshold are the sweet spot for fraudsters using AI.
Apart from the loss that the insurer suffers in paying out fake claims, not being able to identify fake claims might have far reaching consequences. We actuaries rely on historical loss data for pricing policies. This exaggeration in claim numbers from fake claims, if not identified, can skew the actual frequency and severity patterns and inflate pure premiums. Unsuspecting customers might end up paying for the fraud created by scamsters.
A technology that might be useful to counter this type of fraud, and eventually many others I believe, would be the much talked about ‘blockchain’.
Blockchain is like a digital ledger that stores verified data. Each block stores important information. For an insurer, this data could include:
Each block is locked and identified by a hash function which is a mathematical formula that converts any input data into a unique alphanumeric code of fixed length. For example:
Input: Image file used in claim verification
Output hash: b2d5f3d6e91c25e4a0b9f9b6a4db9fa0e66d71c58cd81984ef22a3fabc2e5f31
Even a tiny change in input like adding one comma completely changes the hash. That is how blockchain detects tampering instantly. Moreover, this hash function only works one way: You can easily get the output hash from the input data. But you cannot reverse-engineer the input from the output. In other words, you cannot look at a hash and guess what data created it. That is why blockchain is secure even if someone sees the hash: they cannot fake or rebuild the original file.
Related blocks are chained together because each new block not only contains its own data but also includes the hash output of the previous block as one of its inputs.
So, the blockchain looks like this:
Block 1: Hash [Data 1]
Block 2: Hash [Data 2 + Block 1]
Block 3: Hash [Data 3 + Block 2]
This creates an unbreakable chain. If someone tries to change even one detail in any of the blocks, the chain breaks and the participants of the network immediately notice that something is wrong. That is how blockchain is supposed to be tamper proof.
In industries like insurance, we cannot use a public blockchain because customer data must remain private. So, insurers can use a private blockchain network: a closed system shared only among trusted participants such as insurance companies, hospitals, repair shops, and regulators.
This network uses something called ‘proof of authority’ (PoA) meaning only authorised members are allowed to add new blocks and access the blockchain. Every time an insurer or partner uploads a new record, it is hashed, timestamped, and permanently stored in the private blockchain.
Let us think of how insurers can tackle deepfake claims and exaggerated claims using blockchain. For claims resolution, insurers can mandate this step where the event photographs need to be captured through the insurer’s app on the policyholder’s phone. The app will automatically do these:
When the policyholder submits a claim, it will prevent it from being a deepfake claim as an actual picture needs to be captured with camera, time and GPS recorded. These details need which needs to match the information provided by the policyholder.
It also eliminates the possibility of exaggeration in repairs as the receipt uploaded by the policyholder will again be verified against the one uploaded by the repair shop.
They can also counter the double dipping instances with smart contracts. For simplicity, let us assume there are 3 insurers, A, B and C, in the private network. Suppose a policyholder took out a policy for his vehicle with insurer A. The information stored in the private network includes information about the car, its number plate and registration information, and period of risk cover. Suppose each information is stored as a block and it forms a blockchain.
Suppose in a case of double dipping, the policyholder tries to insure the car again with insurer B. When the smart contract is being created for insurer B it checks if there is any active contract with another insurer for the same vehicle. If found, it rejects the business.
Smart contracts can also check that the accident occurs within the period of risk cover and can automatically reject claims otherwise. So, it has potential to solve double dipping fraud.
Moreover, if the policyholder’s KYC information is included, then there will be a record of previous fraud, or fraud attempts, in this network that might be useful to prevent the hard fraud where the claim events are created intentionally. It can also check for signs using the smart contracts like if claims were made immediately after taking out a policy and if there is any double dipping involved, which is often how hard fraud operates. There is still a risk of this type of fraud happening, but it involves a lot of cost and planning and is not as scalable as AI fraud.
While the potential is immense, it is also a complex solution:
AI is changing everything, including how fraud works. And in this new world, the old defences simply do not apply. We cannot afford to wait for fraud to evolve, what we need now is the collective will to act. This is not the responsibility of one insurer, or one vendor; it is an industry-wide imperative.
If we want digital transformation to succeed, if we want trust to remain the foundation of what we do, we have to embed innovation at every layer of claims resolution. Let us make sure the insurance industry does not just respond to emerging fraud, but sets the global standard for staying ahead of it.
Rui Roriz, José Luis Pereira. (2019) Avoiding Insurance Fraud: A Blockchain-based Solution for the Vehicle Sector
Abbas Raad, Syed Danish Ali. (2025) Blockchain as a Tool for Health Insurance Fraud Detection: Strategic Shift for Actuaries
