Cybersecurity In-Depth: Feature articles on security strategy, latest trends, and people to know.

A Peek into Visa's AI Tools Against Fraud

Visa has invested heavily in data analytics and artificial intelligence over the past five years to secure the movement of money and keep fraud rates low.

finger tapping on a digital tablet with dollar signs overlay
Source: Song about Summer via Adobe Stock Photo

As more financial transactions move online, organizations are faced with the challenge of ensuring payment methods are safe, secure, and private, as well as being able to differentiate between legitimate customer behavior and fraudulent activities. For Visa, advanced analytics and artificial intelligence plays a significant role.

The shift to digital commerce – driven partly by pandemic-related lockdowns and restrictions but also because organizations are introducing new offerings as part of their digital transformation initiatives – have transformed how money moves around the world, says Dustin White, chief risk data officer at Visa. Individuals increasingly rely on new tools to send money to other individuals or to pay for goods and services from retailers and other types of sellers. There are new payment schemes, such as buy-now-pay-later, tap-to-pay, and no-touch payments, and they bring different challenges and risks than traditional face-to-face transactions, he says.

"To say the task of securing the global movement of money is complex would be an understatement, particularly now," wrote Visa’s chief risk officer Paul Fabara in a recent blog post.

E-commerce volume on Visa’s network has grown by more than 50% since late 2019, and peer-to-peer payments on Visa’s network have more than doubled, the company says. Even as shoppers returned to stores in 2021, online trends held steady as shoppers "still shopped with fervor online," according to Digital Commerce 360’s analysis of Commerce Department data.

Criminals go where the money is; they have noticed the e-commerce shift and increased use of digital payments. However, even though the attack surface has increased, fraud rates on Visa’s networks remain at historic lows, White says. Fraud rates are currently at about 7 cents per $100 in transactions, despite over 2 million daily attempts by fraudsters. White credits Visa’s hefty investments in advanced analytics and artificial intelligence (AI) for keeping fraud low.

Digging Deep in the Data Reservoir
Visa has invested $9 billion in cybersecurity over the past five years, with $500 million specifically on data analytics and AI capabilities. The company has 60 petabytes (1 petabyte is 1,000 terabytes) of data and has embedded AI and analytics in more than 60 different services to spot and block fraud on its networks.

  • The Visa Advanced Authorization (VAA) score uses AI and machine-learning techniques to determine whether a transaction is legitimate or fraudulent within 300 milliseconds, White says. VAA alone prevented $26 billion worth of fraud in 2021.

  • The company analyzes data to look for "common patterns" of behavior associated with legitimate transactions and to identify fraud. For example, insights such as a customer applying for credit copy and pasted in the Social Security number rather than typing in the digits could indicate that the personal data being used may be stolen.

  • Visa Behavioral Analytics has analyzed more than 400 million authentication requests against 12 million unique devices over the past two years to detect account takeovers and bot-based attacks, White says.

  • Visa Account Intelligence uses AI and machine learning to detect fraud before it starts. In one case, Visa Account Intelligence helped prevent $2.2 billion in potential client fraud.

Enhancing Capabilities With AI
False declines, or when a transaction doesn’t go through because of a mistake, can also be costly. About 89% of customers will cut back on using that item – a credential or a particular payment method – after a false decline, which would result in lost revenue streams for providers and merchants, White says. Visa applies deep-learning techniques to reduce false declines by as much as 30%, the company says.

Security analysts use natural processing to uncover cyberattacks and insider threats and apply machine-learning models to predict and fix most likely points of network vulnerability. Vulnerability testing has saved approximately $31 million in prevented fraud in fiscal year 2021.

Visa’s investments in AI match overall activity in the financial-services sector. Financial institutions have spent more than $217 billion on AI applications to help prevent fraud and assess risk, according to the Preventing Financial Crimes Playbook. Those figures are from 2020, and the pace of investments has continued to grow since. Banks are aware of the benefits of using AI, as shown in a recent UBS Evidence Lab report, where 75% of respondents at banks with over $100 billion in assets said they’re implementing AI strategies.

White cautions against treating AI as the end-all to fix everything and advocates a multilayered approach. Visa still maintains Cyber Fusion Centers staffed with analysts to handle continuous security monitor, incident response investigation, and threat intelligence. Machine learning is the most beneficial when it is implemented to improve existing tools and processes or deployed to address a specific situation. 

"No one solution is going to thwart all of the attacks on infrastructure," White says.

About the Author(s)

Fahmida Y. Rashid, Managing Editor, Features, Dark Reading

As Dark Reading’s managing editor for features, Fahmida Y Rashid focuses on stories that provide security professionals with the information they need to do their jobs. She has spent over a decade analyzing news events and demystifying security technology for IT professionals and business managers. Prior to specializing in information security, Fahmida wrote about enterprise IT, especially networking, open source, and core internet infrastructure. Before becoming a journalist, she spent over 10 years as an IT professional -- and has experience as a network administrator, software developer, management consultant, and product manager. Her work has appeared in various business and test trade publications, including VentureBeat, CSO Online, InfoWorld, eWEEK, CRN, PC Magazine, and Tom’s Guide.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights