The Model Context Protocol has been shipping across payments, data, and developer infrastructure for months. Now it has reached fraud prevention. Fingerprint, the device intelligence platform used for fraud detection across financial services and ecommerce, launched an open-source MCP server that connects its device intelligence data to any AI assistant or agent.

This is the first MCP implementation in the fraud prevention space. Fraud analysts and developers can now query Fingerprint's device intelligence events, identify patterns, and investigate anomalies using natural language prompts, without writing code and without being locked into any single AI vendor.

As we explained in our breakdown of MCP vs Agent Skills, the Model Context Protocol provides a standardised way for AI agents to connect to external systems. It is the infrastructure layer, the plumbing that lets an agent access data it could not otherwise reach.

Fingerprint's MCP server applies that pattern to device intelligence. The platform identifies devices visiting websites and applications using browser fingerprinting, device signals, and behavioural analysis. It assigns each device a persistent identifier and scores its risk based on hundreds of signals.

Previously, accessing that data required API calls, custom integrations, and dashboard navigation. With the MCP server, an analyst can open Claude, ChatGPT, or any MCP-compatible assistant and ask questions in plain English.

"Show me all high-risk device events from the past 24 hours."

"How many unique devices accessed this merchant's checkout page from the same IP range?"

"Flag any devices that changed browser fingerprints between sessions."

The AI assistant queries Fingerprint through the MCP server and returns insights immediately. Investigation cycles that took hours compress to seconds.

Fraud analysis is one of the most data-intensive disciplines in financial services. Analysts monitor millions of events, cross-reference device signals with transaction patterns, and look for anomalies across vast datasets. The tools they use, dashboards, query builders, custom scripts, are powerful but slow.

The AI fraud paradox we covered last week makes this worse. The same generative AI capabilities that 68 percent of banks now use for fraud detection are also available to fraudsters. Phishing campaigns that once cost thousands to mount now cost near zero. Deepfake identification documents are commercially available. The volume and sophistication of attacks are scaling faster than analyst teams can grow.

MCP does not solve the arms race. But it dramatically reduces the time between detecting a signal and understanding what it means. An analyst who can query device intelligence conversationally can investigate 10 incidents in the time it previously took to investigate one.

Fingerprint is not the first company to ship an MCP server in the payments and financial services space. Pagos launched an MCP server that lets teams query transaction data, approval rates, and fee breakdowns through AI assistants using natural language. The pattern is the same: take specialised operational data that lives behind dashboards and APIs, and make it accessible through conversational interfaces.

What makes Fingerprint's implementation notable is the domain. Payment data is valuable but relatively stable. Fraud data is adversarial. The signals change as attackers adapt. The queries need to be flexible because the patterns analysts are looking for shift constantly.

An MCP server in fraud prevention is not just a convenience layer. It is a force multiplier for teams that are already outnumbered by the scale of the attacks they face.

The implementation is open source, which means other fraud prevention vendors can study the approach, fork it, or build compatible servers. If MCP becomes the standard interface for AI-assisted fraud analysis, the vendors who adopt it early will have an advantage in how seamlessly their tools integrate with the AI workflows their customers are already building.

MCP adoption has been explosive. Downloads grew from 100,000 in November 2024 to over eight million by April 2025. The protocol is moving from developer tools and data platforms into operational infrastructure.

Fraud prevention is a natural next step. The data is complex, the queries are unpredictable, and the analysts are overloaded. But it also raises questions. When AI agents can query fraud signals in real time, the same access that empowers analysts could, if misconfigured, expose sensitive device intelligence to systems that should not have it.

Fingerprint's approach, open-source, vendor-agnostic, deployable within an organisation's own infrastructure, addresses some of those concerns. But as MCP servers proliferate across financial services, the governance of what agents can access and what they can do with it becomes a critical design decision.

The protocol that connects AI to everything is now connected to the systems that protect everything. That is progress. It also requires care.

When every fraud prevention tool speaks MCP, will the analysts querying them be humans or agents?