Earlier this week, Visa set a more ambitious stance on cybersecurity, blogging about the company’s commitment to IT security in the face of heightened digital security concerns.
The premier credit card brand pointed out that internet fraud surged by 69% in 2020 alone, according to the FBI Internet Crime Report. Yet despite this rise in cybercrime, Visa reported record-lows in cyber fraud, as the company has invested more than $9 billion over the past five years in security innovation and analytics.
On April 19, Visa’s Chief Risk Officer Paul Fabara commented on payments industry security, pointing out that “the common denominator across almost all post-pandemic behavioral shifts is the growing importance of digital payments.” This relates to payments from $0.40 downloads to multimillion-dollar corporate exchanges, according to Fabara.
“To say the task of securing the global movement of money is complex would be an understatement, particularly now,” Fabara said in his blog post. “Unfortunately, criminal enterprises saw the pandemic as a golden opportunity to exploit human and technical vulnerabilities.”
Fabara cited that more than three-quarters (78%) of people who received an unsolicited link clicked on it, while more than half (51%) of folks said that they used the same password for most of their online activities. And, more than 4 out of 5 (81%) global enterprises experienced increased cyber threats (during the pandemic) or experienced downtime during a cyber incident (79%), according to the FBI report.
“A lot of attention is paid to the innovations on the bleeding-edge of finance and payments — tap to pay, crypto, buy-now-pay-later, for example,” said Fabara’s blog. “What garners less attention are the products, platforms and services that ensure any new form of money movement is safe, secure and private.”
Visa has more than 1,000 cybersecurity experts focused on offensive and defensive protection.
Rob Rendell, vice president of payment solutions at Feedzai, noted that while, “It’s absolutely true that digital payments are on the rise, fraud is the real mover.”
Feedzai’s research shows that while online transactions are up 65%, fraud attacks are up 233%.
“How does an FI stand a chance against fraud at scale? They have to solve two core problems: Are you who you say you are, and are you allowed to make the transaction that you want to make?” Rendell said.
“It’s a combination of identity and the financial transaction,” Rendell said. “It’s challenging because you have to layer those two data sets in real-time across your organization. So, today’s fraud needs a whole new approach — one where data is connected via a common sandbox, orchestration will be critical across multiple silos. This shift will be the greatest challenge risk teams face.”
COVID-19 upended a lot of assumptions about how, where and when we work, shop and play.
According to Digital Commerce 360, since the emergence of the pandemic in late 2019, ecommerce volume has grown by more than 50.5%, while peer-to-peer payments have more than doubled and subscriptions to digital streaming services hit the 1 billion milestone.
“FIs are bracing for [this] new approach to infrastructure and execution with existing teams,” Rendell said. “We’ve dubbed it ‘The RiskOps Age.'”
Visa has engaged in ethical hacking attempts with its in-house engineers, looking at fraud attempts, IP addresses and GPS data to catch criminals. Vulnerability testing alone has saved clients $31 million in prevented fraud in FY21, according to the card company. Other work, like fielding in-bound client incidents, is less dramatic, but no less important. In one instance, Visa helped to prevent roughly $2.2 billion in attempted client fraud using the Visa Account Intelligence tool.