Nov 2, 2023 – Payments and money movement are evolving faster than ever before.
Consumers expect immediate gratification, uninterrupted experiences, personalized offerings and have more ways to pay than ever before. While the benefits are clear, this also provides bad actors with a much greater attack surface. Fraudsters are no longer a lone ranger in their garage. They are sophisticated, coordinated organizations employing the latest tech. Bad actors thrive on uncertainty and the current economic uncertainty is creating a rich environment for them to thrive in.
Now imagine how AI continues to evolve and new use cases enter the market, like we’ve seen with ChatBots, it will become easier for fraudsters to leverage AI-enabled tools to their advantage. This can include replicating real people and conducting social engineering attacks at scale. It might be easy to spot a phishing email today when it’s full of grammatical errors, but AI could help bad actors create more accurate and personalized forms of communication that are harder to spot as fraudulent. Think about all the PII personally identifiable information we are sharing across social media platforms with little caution.
Keeping these channels safe and secure is an imperative for all parties involved and requires a nuanced approach to protect diverse users and unique threats.
This imperative, however, should not be seen to limit growth and innovation. Instead, investing in security will foster trust with existing and potential customers. In fact, for many consumers, security is top of mind. A 2022 survey found that over 90% of online shoppers in Quebec were worried about the security of their data.
This shifting payment landscape poses unique challenges and opportunities depending on the payment system and the people involved. We can’t rely on any silver bullet to address all of the potential fraud vectors and instead banks, fintechs, and other participants in the ecosystem must tailor their approach. Institutions that succeed at this will not only enhance the resilience of their systems but can also improve the experience for their customers.
For more traditional forms of payment, there is a well-honed playbook for protecting against fraud. Chip and contactless payments in stores have been incredibly effective in driving down fraud rates and shopping online continues to become more secure as adoption of 3DS and tokens increases.
AI is woven into the fabric of Visa, powering about 60 different capabilities, making the movement of money smarter and safer. Our powerful data processing and algorithms allow for real-time decision-making for every transaction. The technology uses various AI and ML techniques to determine the likelihood that a given transaction is fraudulent within 300 milliseconds. With every transaction, our Advanced Authorization technology analyzes up to 500 unique risk factors to detect fraud in real time, making fraud detection faster, more efficient, far more accurate tangible way preventing billions of dollars of fraud globally every year.
New strategies, however, are required when addressing newer payment technologies. For example, real-time payment (RTP) systems circumvent many of the systems that banks and networks have historically used to protect customers, such as Visa’s AI-enabled transaction monitoring. Savvy fraudsters quickly became aware that they could use RTPs to quickly and easily secure ill-begotten funds before their victims realized what happened.
To meet this threat, RTP providers have adopted tools to help customers validate the identity of the recipients of their money. Government and private entities alike have also set out to educate consumers on how to be wary of these new vulnerabilities.
Now, the more things change, the more things stay the same. Social engineering continues to be top of mind, regardless of the payment technology involved. It remains crucial to educate customers and employees to be vigilant for potential scams. As I mentioned earlier with the proliferation of AI technologies, it has become easier for fraudsters to spoof financial institutions, public officials, and even friends and family.
Just as different payment methods require different strategies, it’s important to acknowledge the unique threats to diverse customers. Even the savviest of technology users can become victims of fraud. Early adopters using untested payment rails and digital currencies have minimal safety nets when things go wrong. For this reason, its critical to not just think of our less-tech-savvy friends and family as the typical mark for a fraudster.
Trailblazing institutions and individuals are best served when they incorporate security and risk management principles into the core of their operations.
For individuals, relying on trusted brands is key. Visa partners with fintechs to enable new businesses and innovators to try new ideas with a foundation in compliance, compatibility and security that would be difficult to recreate alone. It also enables consumers to have greater comfort when they try new ways to pay.
There is no typical fraud victim. From early adopters to tech-wary consumers, fraudsters find vulnerabilities. For this reason, its crucial for banks and financial institutions to take a nuanced approach to how they protect their customers. At any stage, investing in trust and security is a crucial element for enabling growth and innovation.
Maryam Saeed is the head of risk at Visa Canada.