2025 Tekkie Award Co-Winner for Game Changer: Mahalo Banking

By Roy Urrico

Mahalo Banking, a Troy, Mich.-based CUSO that that specializes in online and mobile banking solutions for credit unions is a co-winner of the 2025 Game Changer Tekkie Award.

“We were honored to receive the Game Changer Tekkie Award — this recognition is a reflection of our team’s passion for creating meaningful, secure member-first technology. Winning in this category validates our commitment to building a platform that not only meets the current needs of credit unions and their members but also evolves to address the challenges and expectations looking ahead,” Denny Howell, COO of Mahalo, told Finopotamus. “This award celebrates the shared vision we have with our credit union partners—our progress and innovation are driven by collaboration, trust, and a commitment to delivering more, together.”

Recognizing the Challenge

Mahalo Banking recognized the urgency of tackling growing credit union concerns surrounding credential stuffing challenges and developed what it describes as “an industry-first security solution” engineered to safeguard credit unions and members.

Cybercriminals use automated weapons to test stolen login credentials against numerous accounts, to gain unauthorized access. As credit unions attempt to bolster their defenses against credential stuffing attacks, cybercriminals are leveraging artificial intelligence (AI) to create bots that mimic human behavior, making them indistinguishable from legitimate users and allowing them to evade traditional bot detection more effectively, according to Mahalo Banking.

Compromised credentials pose a direct threat to the security and integrity of member accounts. These security breaches often cause exponential increases in help desk support load, requiring significant resources and placing a strain on credit union operations and resources. Credential stuffing attacks also create member anxiety, confusion and distrust, undermining the credit union’s relationships with its members, Howell said.

CAT Protection

“Our solution positions credit unions at the forefront of innovation, inclusivity, and security. The platform’s Credential Assurance Technology (CAT) protects against credential stuffing attacks by disrupting bot activity and preventing unauthorized access – ensuring a safer, more trusted digital experience,” said Howell. “Most importantly, CAT achieves this level of security without any inconvenience to members’ login experience. While other solutions claim to reduce the risk of credential stuffing attacks, Mahalo provides the only solution that will eliminate the risk from all credential stuffing attacks.”

CAT proactively blocks bots before they can attempt unauthorized access, providing a more effective and future-proof solution, according to Mahalo. The technology also addresses a critical security threat often ignored: cookie hijacking. This attack method allows cybercriminals to take over an authenticated session without needing login credentials, putting members’ accounts and sensitive financial data at significant risk.

Integrity and Integration

Mahalo offers active session monitoring that continuously verifies the integrity of user sessions in real time. If a fraudster attempts to connect using a stolen session on a different device, Mahalo’s platform instantly detects the anomaly and terminates the session.

Mahalo also integrates real-time behavioral detection and automatic threat mitigation. By instantly detecting and terminating hijacked sessions, Mahalo eliminates attackers' opportunities, providing a stronger, more reliable defense against evolving cyber threats.

By preventing credential stuffing attacks, CAT significantly reduces help desk strain caused by member lockouts due to failed login attempts. This leads to decreased call center volumes, freeing credit union staff to focus on member service rather than account recovery. While security breaches can erode member trust, Mahalo describes how credit unions that implement CAT can assure members that their accounts are protected by cutting-edge technology, strengthening relationships and retention.

Delivering Results

Implementing CAT across multiple credit unions has delivered measurable and meaningful improvements in fraud prevention, member safety, and digital trust, according to Mahalo. For example:

• Harrisonburg, Va.-based Park View Federal Credit Union ($399.5 million; 13,930 members). CAT eliminated unauthorized account access via credential stuffing, setting a new internal security benchmark. Logs from Mahalo and Park View confirmed that 99% of credential stuffing attempts ceased within an hour. Additionally, during a recent social engineering attempt, several members unknowingly shared their login credentials with fraudsters but not one disclosed their CAT-enhanced multi-factor authentication (MFA) code, making this the first instance where Park View FCU recorded a 0% failure rate and complete mitigation of the attack.

• Fremont, Mich.-based Gerber Federal Credit Union ($244 million; 16,004 members). The credit union also realized similar decreases in fraud instances since implementing CAT in September 2024. Fraud via digital channels dropped by 30% when comparing the five months prior to the six months following implementation. Importantly, none of the post-implementation incidents stemmed from a failure in system security; each was the result of members voluntarily sharing credentials, granting device access, or falling victim to phishing scams, further validating CAT’s effectiveness when login integrity is maintained. The deployment of CAT not only improved fraud prevention but also increased member trust in digital banking, empowered staff to focus on member education and early intervention, and contributed to a more secure, digitally resilient banking environment.

• Brentwood, Tenn.-based Koin Credit Union ($37.5 million; 2,058 members). Because many members are older and more vulnerable to electronic fraud, CAT provided a crucial added layer of protection. The solution enabled staff to better educate members on secure digital banking practices during onboarding and day-to-day interactions. This focus on proactive education and member reassurance led to stronger digital adoption and trust. By highlighting the added protections tied to online banking profiles, Koin Credit Union has strengthened member confidence in the institution and built a more secure digital experience tailored to its community’s needs.

Across all three credit unions, Mahalo said CAT demonstrated its ability to be a transformative security enhancement—blocking unauthorized access, minimizing fraud-related losses, and enabling staff to focus more on member education and early intervention rather than post-fraud recovery.

Other Benefits

“While we knew that eliminating credential stuffing attacks would reduce fraud, we were surprised to see that the support ticket volume had been significantly reduced as well,” admitted Howell. “This makes perfect sense as credential stuffing attacks will often lead to a huge increase in support calls related to accounts being locked and members receiving attempted login messages. Because CAT eliminates accounts from being locked out via automated attacks, members are not impacted even if a credential stuffing attack is actively taking place. The member accounts remain secure and active with zero risk or impact to the member. We are especially proud that our platform is helping credit unions stay ahead of threats and focus more on delivering value to their members.”

Additionally, when it comes to delivering more value to members, Howell explained Mahalo’s “Thoughtful Banking” digital solution goes beyond The Americans with Disabilities Act (ADA) compliance to support neurodiverse members through features like dyslexic-friendly fonts, colorblind modes, left-hand navigation, and animation controls. “These user-centric features create a more inclusive experience that helps credit unions deepen member engagement and loyalty.”

Mahalo also continuously enhances its platform based on real feedback from its credit union partners, ensuring that it evolves to meet changing member needs, emphasized Howell. “In fact, we completed 63 client-driven platform enhancements across 2024 and 2025 — a reflection of our commitment to innovation through collaboration. This proactive, collaborative approach allows credit unions to lead with a digital experience that reflects the future of accessibility, security, and member-first innovation.”