Software

How Visa uses AI to protect digital payments

The global payment platform leverages 500 data points per transaction to flag potentially fraudulent spending.
article cover

Francis Scialabba

3 min read

Top insights for IT pros

From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.

Every time you enter your credit card number, Visa’s robots are watching.

But don’t worry: The digital payment processor isn’t here to shame you for that midnight Taco Bell order or the Amazon Prime Day impulse purchases—as long as it’s really you.

Michael Jabbara, VP and global head of fraud services at Visa, recently spoke with IT Brew about how his company is tapping into artificial intelligence to discover and track markers for digital exploitation attempts, which have been on the uptick since the Covid-19 pandemic accelerated the adoption of online payments.

“The ability to authenticate that this consumer is who they say they are is that much more challenging,” Jabbara said of online spending. “You don’t have a person standing in front of you with a card that has a chip on it and the potential to validate them by asking them for ID. You’re essentially kind of counting on a set of data elements that are being transmitted electronically to conduct that verification, and…you may or may not be successful at that process.”

Between January and June of this year, Visa said it has helped merchants and consumers block $30 billion in potentially fraudulent transactions.

But according to Jabbara, threat actors are getting more sophisticated as technology improves, and this means financial services providers also have to evolve if they want to keep pace with the shifting threat landscape.

Enter AI.

Jabbara couldn’t tell us exactly what Visa’s models are trained to look for, but the company has invested hefty sums over the past five years—to the tune of $10+ billion—in its fraud-detection strategy. The models look at 500+ variables to determine a numeric score between 0 and 99 that rates the riskiness of the transaction. They then pass the score along to the shopper’s bank, which decides what to do with the information.

Some banks might let an alert slide to make the consumer experience more seamless, while others might flag the transaction to the customer via text, or decline the transaction altogether.

Visa then takes the data from how banks handle the prompts and uses it to further zoom in on the threat landscape.

“If we start to see anomalies in how those transactions are either approved or declined, we look at clusters that let us know that, hey, this specific client is behaving in abnormal ways. And we want to understand why that’s the case,” Jabbara said. “It could be that the client’s network has been breached, and the threat actors are able to lower their fraud decisioning and controls.”

This data-centered strategy is key to staying ahead of the fraudsters, who are also increasingly using AI to craft ever-more-convincing payment phishing schemes, he said.

“Technology, innovation, and adoption—it’s not just happening on the good side of the tracks. It’s also happening on the fraudulent side of the tracks as well.”

Top insights for IT pros

From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.

I
B