cd /news/artificial-intelligence/exclusive-googles-former-click-fraud… · home topics artificial-intelligence article
[ARTICLE · art-57398] src=fortune.com ↗ pub= topic=artificial-intelligence verified=true sentiment=· neutral

Google’s former ‘click fraud czar’ emerges from stealth with an on-device AI shield against AI-powered phishing, deepfakes, and other scams

Shuman Ghosemajumder, Google's former 'click fraud czar,' launched Reken, an on-device AI security platform, after two years in stealth. The startup's first product, Northstar, detects phishing and deepfake scams locally on devices to avoid cloud-based risks. Reken raised $10 million in seed funding from Greycroft and FPV Ventures.

read5 min views1 publishedJul 13, 2026
Google’s former ‘click fraud czar’ emerges from stealth with an on-device AI shield against AI-powered phishing, deepfakes, and other scams
Image: Fortune (auto-discovered)

Shuman Ghosemajumder made his name at Google as the “click fraud czar,” building the systems that kept cybercriminals from draining the company’s advertising business. He went on to found Shape Security, a cybersecurity company whose software was designed to stop hackers from deploying bots using fake accounts or stolen usernames and passwords to commit fraud. F5 acquired the company for $1 billion in 2020.

Now Ghosemajumder is back with a new startup that aims to take on what he calls the biggest security threat of the AI era: the collapse of trust in online communication. His company, Reken, is emerging from two years of stealth development today with an on-device AI security platform, as well as the first product for that platform, a phishing-and-fraud defense tool called Northstar.

Reken’s platform, which it calls the Reken Private Core, is a system of small, proprietary AI models that run directly on a user’s device rather than routing communications to the cloud. While some competitors, such as cybersecurity startups Abnormal and Doppel, use AI to analyze communications, most do that by transmitting data to cloud-based services.

Sending data to the cloud introduces further risks of data breaches as well as possible time lags that can frustrate users, Ghosemajumder said. Some of these cybersecurity companies are also using AI models from providers such as OpenAI, Anthropic, and Google DeepMind, which also introduces additional costs. Google and Apple are both reported to be working on AI-powered phishing detection software that would function on device, but neither has rolled out a product yet.

Ghosemajumder said the central R&D challenge was proving that Reken’s AI models could produce high-quality results on ordinary hardware—standard corporate laptops without GPUs—fast enough to block threats in real time.

“You could take an LLM and figure out a way to quantize it so that you could run it with fewer resources and run it on a machine that didn’t have GPUs, but if it still runs at the speed of a full LLM, then it’s not going to be able to produce a result in a timeframe that matters,” Ghosemajumder told Fortune. “But what we’re able to do is both.”

Ghosemajumder said that Northstar, the first product built on the Private Core, is designed to be an alternative to the corporate security-awareness training that he considers largely futile, especially as phishing scams and authorized push payment fraud become more sophisticated. “We shouldn’t be forcing employees to become forensic digital investigators,” he said. “We need just-in-time AI that detects the threats the human eye cannot see.”

While some tools attempt to cut down on AI-powered fraud by using other AI models to detect emails and messages that are AI-generated. But this approach is outmoded given the speed at which companies are adopting AI tools for business tasks. Most AI-generated text is harmless—someone asking a chatbot to draft an email, say—so flagging AI-generated content is useless as a security signal, Ghosemajumder said. Instead, Northstar also leans on positive signals, such as verifying when a message genuinely comes from a legitimate sender such as a bank or a retailer, so users aren’t left guessing whether a note purporting to be from Amazon is real. Ghosemajumder cofounded Reken in 2024 with his former Sharp Security colleague Rich Griffiths. The company raised $10 million in seed funding from a group of venture firms including Greycroft and FPV Ventures.

The problem Reken is chasing is escalating fast. The FBI’s Internet Crime Complaint Center logged $20.9 billion in reported cybercrime losses in 2025—a 26% jump in a single year—and for the first time added AI-related crime as a category, recording more than 22,000 complaints. A 2026 poll from Canadian bank RBC found that 83% of people now assume any online message is a scam unless proven otherwise.

“The internet is not safe, and is getting less safe every day because of AI. The fraud is too sophisticated now for humans to be able to recognize it,” Ghosemajumder said.

Even experts aren’t immune, he added: “You can fool anyone—even you and I, who are constantly steeped in this stuff. You catch us at the right moment when we’re distracted and you apply enough pressure that’s contextually relevant [and we will fall for it too].”

Ghosemajumder said Reken has already experienced AI-powered fraud attempts. An intern at the company began receiving messages impersonating Ghosemajumder in his first week—the result of criminals scraping LinkedIn to map a new hire’s reporting chain and identify exactly whom to imitate.

Beyond simply protecting individual devices, Reken’s more ambitious bet is that these individual deployments can be knit together into what it calls the Reken Network. When an organization adopts Northstar, its internal communications become verifiable; as that organization’s suppliers and partners adopt it too, they join a widening “protected circle.” Ghosemajumder likens the dynamic to Apple’s iMessage, which sorts the world into trusted blue bubbles and everyone else—but says Reken can go further in guaranteeing that in-network communication is trustworthy.

He is candid that harnessing data across that network raises privacy questions—issues he says he wrestled with at Google, where he co-founded an internal Privacy Council. Reken’s plan, he said, is to aggregate and anonymize threat intelligence so the network gets smarter without compromising individual users’ data.

Northstar is available starting Monday through an early access program for corporations, government agencies, and universities. Ghosemajumder said the product has already been tested in Fortune 500 environments, though he declined to name customers. Additional products are in development, and the company plans to let third parties build on the Private Core.

Whether Reken can deliver on its trust-layer ambitions remains to be seen—the network effects it envisions depend on wide adoption. But its founder’s wager is that in a world where, as he puts it, anyone can be fooled, the only defense is AI fast and private enough to watch your back without ever leaving your machine.

Subscribe to Fortune Gulf Brief. Every Tuesday, this new newsletter delivers clear-eyed, authoritative intelligence on the deals, decisions, policies, and power shifts shaping one of the world’s most consequential regions, written for the people who need to act on it.

── more in #artificial-intelligence 4 stories · sorted by recency
── more on @shuman ghosemajumder 3 stories trending now
sponsored brought to you by zahid.host 4,200+ EU-deployed projects
reading about agents? ship yours in a single git push.

Run your AI side-project on zahid.host

EU-based hosting, git-push deploys, automatic HTTPS, no cold starts. Free tier with a custom domain — perfect for shipping the agent you just read about.

$git push zahid main
Live at https://your-agent.zahid.host
Get free account → Pricing
from €0/mo · no card required
LIVE [news/exclusive-googles-fo…] indexed:0 read:5min 2026-07-13 ·