Jeff Gipson, director of payment product management at Discover® Global Network, told PYMNTS in a recent interview that the intensity of fraudsters’ attacks on all parts of the payments ecosystem is ramping up.
He pointed to social engineering as a favorite method employed by bad actors.
“AI is at the forefront of their efforts,” he said, adding that “techniques that were previously limited to just the most sophisticated hackers are now more ubiquitous and are more easily deployed at scale.”
The hackers are also becoming more adept at leveraging information, using it to link account credentials and mask purchasing behavior and illicit activity that the schemes are nearly impossible to detect.
Unless, on the other side of the equation, the defenders — the banks and enterprises — also use artificial intelligence (AI), advanced technologies and collaboration to thwart the schemers.
Financial institutions (FIs) and other enterprises are no strangers to using AI and other technologies to identify fraudsters. Networks may have historically placed a strong focus on identifying suspicious transactions, rather than putting as much intelligence into identifying legitimate customers.
But that’s changing.
Gipson said that Discover Global Network has also been fostering robust collaboration and communication between stakeholders about fraudulent events and new types of attacks that have been deflected.
“By having more channels and forums for exchanging information about the types of suspicious activity that we’re experiencing,” he said, FIs can build a more robust defense system. He added that the network approach can battle waves of bot attacks and denial of service attacks.
“But to me, the best thing is to exchange more information about good customers,” Gipson told PYMNTS, an effort underpinned by offering such as the Enhanced Decisioning tool by Discover, which helps make informed decision to approve or decline a transaction.
Each time someone logs into a merchant website or app, the platform gleans information about IP addresses, email addresses and other data that provides context about individuals’ behavior and whether authentication or other friction must be injected into the mix of payment flows.
The merchant provides context as to whether they “know” the consumer, said Gipson, and the issuer can correlate that assertion with the information that it has on file, leading to what he said is a “commonality of ‘OK, this is a good customer, even if their behavior does not quite fit the ‘norm.’ This allows the ecosystem to recognize new patterns and get smarter.”
Approval rates increase, and successful fraud incidences decline. Discover Global Network, Gipson said, also has a pre-authorization product in place that verifies the consumer as the “true” cardholder in advance of the transaction being run. By partnering with merchant and issuers, he said, Discover can help validate transactions, and even help keep consumers informed after the transactions are completed, and show up on statements, so that confusion, disputes and chargebacks are lessened.
“When your issuer partners are aware of the commonality of some of those data elements, then they’re able to let their authorization approval rules be a little bit more relaxed than they otherwise would, and that helps drive more revenue for the ecosystem as a whole, as well as having that good experience for the legitimate customers,” he said. “There’s a lot to be gained from interactions like that.”