India

Payments fraud continues to evolve at a pace that strains conventional defenses, as increasingly automated attacks expose the limits of static controls and legacy authentication methods. The risks are no longer confined to isolated incidents. They now reflect a system under continuous probing, where response times and data quality determine whether losses are contained or compounded.

As William Fitzgerald, vice president of Global Anti-Financial Crimes at WEX, explained, traditional anti-fraud efforts have imposed a natural ceiling on performance.

“You were really reliant on what a human or a spreadsheet or a binary rule engine could correlate at one time,” he told PYMNTS, noting that analysts often needed hours or even days to connect related signals across accounts. That lag created exposure.

Fraud decisions are no longer made with the benefit of extended review cycles.

“We don’t get 30 seconds to evaluate that transaction,” Fitzgerald said. “We get time boxed to 500 milliseconds.” Within that narrow window, systems must assess risk, authenticate users and determine whether to approve or decline a transaction. The shift has made real-time data processing and model-driven analysis essential rather than optional.

Data as the Control Layer

At the center of that transformation is data itself. Fitzgerald was direct on this point. “Data is the lifeblood of AI,” he said. “Your capabilities with AI are directly tied to how governed and accurate and enriched and contextualized your data is.” In practice, this means fraud detection is no longer about collecting large volumes of information but about structuring and enriching that information so it can be acted upon instantly. The quality of inputs determines the precision of outputs.

That precision carries implications for the customer experience. Fraud controls that rely heavily on one-time passwords and other interruptive methods introduce friction that can alienate legitimate users. Fitzgerald argued that the objective is to reverse that order of operations.

“We want to be as passive as possible upfront,” he said, as part of the What’s Next in Payments series on the “data game.”

Instead of forcing users through repeated authentication steps, institutions can rely on background signals that confirm identity without disruption.

Artificial intelligence has accelerated that transition by enabling systems to process far more variables simultaneously than earlier tools could manage.

“AI takes binary decisions and allows us to correlate hundreds of features all at once,” Fitzgerald said. This broader view improves both detection rates and false-positive reduction, two metrics that have historically been difficult to balance.

Behavioral Signals and Constrained Payments

Those features extend beyond transactional data into behavioral analytics, which has become a valuable signal set. Fitzgerald pointed to behavioral biometrics as one example, including how users type, how they interact with devices and even whether they are left- or right-handed. When combined with spending patterns and temporal indicators such as transaction sequencing, these signals create a layered profile of expected behavior. “When you consider all of those signals … they become highly predictive,” Fitzgerald said.

He highlighted passkeys as a mechanism that can strengthen identity assurance early in the customer journey. By establishing a higher level of confidence at the outset, institutions can reduce the need for repeated challenges later. “If we can collect that and get a user to interact with that authentication protocol upfront, everything downstream becomes easy,” he said.

The same data principles extend into payment instruments themselves, particularly virtual cards. Fitzgerald described how constrained parameters can limit exposure if credentials are compromised. “You can only spend it at this merchant for this amount,” he said. “To a fraudster … that’s a far less useful card.” By narrowing where and how funds can be used, organizations reduce both the incentive and the opportunity for misuse.

Across these developments, a consistent theme emerges around how institutions will compete in what Fitzgerald described as the “data game.” Success is not defined solely by blocking fraud. It is defined by doing so while maintaining a seamless experience and controlling operational costs.

“Winning starts with customer experience,” he said, emphasizing low friction and high precision as core objectives. At the same time, organizations are expected to scale without proportional increases in expense, placing pressure on efficiency.

Adaptability rounds out the equation. Fraud tactics change quickly, and defenses must evolve just as rapidly. Fitzgerald pointed to the importance of modular infrastructure and flexible data architectures that support fast decision-making and continuous refinement. Institutions that cannot adjust in real time risk falling behind.

Fitzgerald underscored the balance required to move forward. “Low friction, low interference, very high precision,” he said, describing the standard institutions must meet. “If those aren’t your three, you’re going to be pretty far behind.”

Both risk and opportunity across the payments industry are being increasingly defined by what happens in a millisecond—and what doesn’t.

“What AI (artificial intelligence) has done is enable us, in that real time, in that moment, to process multiple input signals and create a composite view of whatever decision we’re making,” Kaushik Gopal, executive vice president, insights and intelligence at Mastercard, told PYMNTS during a discussion for the April edition of the “What’s Next in Payments” series, “The Data Game.”

“Data isn’t a game,” Gopal said. “It’s foundational to our entire business.”

For a network like Mastercard handling billions of transactions, even marginal improvements in fraud detection, conversion or customer experience can translate into outsized impact. But those gains depend on data being both usable and responsibly governed.

Gopal described a “flywheel” model in which transactions generate data, data produces insights, and insights feed back into better decisions across the ecosystem. The catch is that this loop only works if participants believe in it.

“It’s all centered around one word, and that’s trust,” Gopal said. “Making sure that people in the ecosystem — consumers, merchants included — understand that we manage data based on principles of trust, privacy and transparency.”

Why Payments Success Hinges on Speed, Signals and Trust

If trust is the foundation for data to have its greatest effect, artificial intelligence (AI) is becoming the engine. The shift in terms of real-world impact is less about novelty than it is about velocity.

“AI didn’t just arrive overnight—we’ve been using it for years,” Gopal said. “It’s a computational tool that allows us to accelerate the outcomes of converting data into useful and actionable insights.”

For example, while early fraud systems relied on static rules like thresholds that triggered approvals or declines, today, Mastercard processes multiple signals simultaneously, from behavioral patterns to geolocation, in real time. The decision window has shrunk to milliseconds.

This evolution from rules-based systems to time-series models, graph analytics and now AI has transformed the economics of decision-making. It’s no longer just about accuracy; it’s about balancing risk with experience. A false decline can be as costly as fraud itself, especially in eCommerce environments where friction leads to abandonment.

“Every interaction and transaction has to be viewed in its own context,” Gopal said, adding that this context spans three temporal layers: before, during and after the transaction.

What was once simple, like flagging a jewelry purchase in Thailand for a customer who never traveled, is now far more complex. Cross-border eCommerce has blurred geographic signals, requiring systems to interpret a richer set of variables, from IP addresses to merchant location and transaction currency.

In response, identity verification, behavioral analysis and post-event feedback loops (such as chargebacks) now can all contribute to a continuously evolving risk profile evaluated not in isolation but as part of a broader behavioral narrative.

“It creates a virtuous cycle in terms of how we manage fraud risk in the AI age,” Gopal said. “Converting data into insights gives us the intelligence to get ahead of bad actors.”

Winning With Data Over the Next Phase

While fraud prevention remains the most immediate use case of data application, Gopal also sees broader implications for customer experience. Data, in this view, becomes integral not just for dashboards or reports, but to power interactive, adaptive intelligence.

Instead of requiring expertise in analytics platforms, users ranging from bank executives to retail operators may increasingly rely on AI-driven interfaces that interpret data and recommend actions.

“The way our customers interact with our tools is going to fundamentally shift,” Gopal said. “You go from self-discovery to chat-assisted discovery to agentic support.”

Another consequential application of data that’s gaining momentum today lies in credit underwriting, particularly for “thin file” consumers and small businesses that lack traditional credit histories.

“The more data sets that you have and the better modeling techniques, the more you can start to support the areas that are underserved,” Gopal said.

By combining payment data, cash flow signals and open finance inputs, Mastercard aims to provide a more holistic view of financial health. The same capabilities that detect fraud such as pattern recognition, real-time analysis and multi-signal modeling can increasingly be leveraged to expand access to capital.

Enter the Agentic Economy

For payments networks, the emerging phase of agentic commerce and payments may mean rethinking everything from authentication protocols to fraud models, as transactions are no longer initiated directly by humans but by autonomous software acting on their behalf. The agentic era could also open new opportunities in areas like automated discovery, where agents negotiate offers on behalf of users in real time.

“You were identifying a consumer. Now you’re identifying an agent. New fields and new data elements are going to emerge in the transaction that didn’t exist before,” Gopal said.

This shift is already introducing new layers of complexity and new definitions of trust as identity extends to include digital agents, requiring a transition from know your customer (KYC) to what Gopal called “know your agent” (KYA).

As AI capabilities accelerate, the question for enterprises is not whether to adopt them, but how. Mastercard’s own advisory work with clients reveals a recurring challenge: prioritization. Attempting to do everything at once can often lead to failure. Instead, companies can work to better align data strategy, infrastructure and use cases with clear business objectives.

“Ensuring that you know what outcomes you want is really, really key,” Gopal said. “And having an execution partner to help you get you there is equally important.”

Equally important is discipline. “AI is only as good as the data that you have and how structured that data is,” he said, stressing that testing environments, sandboxing and incremental deployment remain essential even as competitive pressure pushes organizations to move faster.

Ultimately, the future of payments may hinge less on any single technology than on the interplay between trust, data and intelligence. Mastercard’s bet is that these elements will reinforce one another: Data fuels insight, insight improves outcomes and better outcomes strengthen trust.

Instead, the contest is between open and closed systems, he said, Bloomberg News reported Wednesday (Feb. 18).

“Betting on open source is something Europe is doing actively and heavily,” he said during an interview at the AI Impact Summit in India, per the report.

Open-source technology is a “safer bet” for India and other countries that wish to build AI on local infrastructure, he said, according to the report. Open models can include cultural nuances, like the hundreds of languages spoken in India, and are easier to deploy on local infrastructure.

Mistral is viewed as Europe’s best option for competing with large AI companies in the United States, the report said. The company has championed its “open weight” AI models as a differentiator.

AI models from companies such as Google, OpenAI and Anthropic are closed-source, meaning the underlying code isn’t publicly available.

Mensch told the Financial Times (FT) last week that Mistral’s annualized revenue run rate, a figure based on the previous month’s sales multiplied by 12, was “north of $400 million,” compared to $20 million a year ago.

Easy access to debt financing means Mistral won’t need to go public this year, a path OpenAI and Anthropic are taking, he said.

“This is definitely something we have in mind for the next few years,” he said, to “guarantee our independence down the line.”

The desire for independence is something felt by companies and governments throughout Europe due to worries about U.S. foreign policy, the FT report said.

Meanwhile, AI is changing the way companies handle billing for software-as-a-service (SaaS) products.

“For the better part of two decades, enterprise software ran on a deceptively simple economic engine: the seat,” PYMNTS reported Wednesday, meaning that companies would buy a certain number of licenses or subscriptions.

But with AI, software spending is tied to how intensely models are exercised, not who uses the tool, leading to “a cost model that behaves less like a subscription and more like a commodities market,” the report said.

For all PYMNTS AI coverage, subscribe to the daily AI Newsletter.

With the company’s new office in Bengaluru, announced Monday (Feb. 16) and partnerships with the likes of Air India, the maker of the Claude chatbot is hoping to boost AI usage in the world’s most populous country.

“India is the second-largest market for Claude, home to a developer community doing some of the most technically intense AI work we see anywhere,” Anthropic said in a news release. “Nearly half of Claude usage in India comprises computer and mathematical tasks: building applications, modernizing systems and shipping production software.”

Among the company’s new partnerships is a collaboration with Air India, which is employing Claude Code to help developers ship custom software faster and at reduced cost as it tries to increase agentic AI usage.

Meanwhile, online payments platform Razorpay has integrated AI into risk systems, decision-making processes, and operations throughout the company. Emergent, an AI-powered platform built solely using Claude that allows users to build software by describing what they want in plain language, achieved $25 million in annual recurring revenue and two million users in under five months, Anthropic said in the release.

“India represents one of the world’s most promising opportunities to bring the benefits of responsible AI to vastly more people and enterprises,” said Irina Ghose, managing director of India for Anthropic, said in a statement. “Already, it’s home to extraordinary technical talent, digital infrastructure at scale, and a proven track record of using technology to improve people’s lives. That’s exactly the foundation you need to make sure this technology reaches the people who can benefit from it most.”

At the same time, India presented a challenge to Anthropic: while more than a billion people there speak upwards of a dozen officially recognized languages, AI models to perform better in English than in other languages.

To that end, Anthropic has launched an effort to close this gap by cultivating training data using 10 of the most widely spoken languages in India, leading to improvements in its models.

As covered here last month, India has emerged as the most aggressive adopter of agentic AI, with nearly half of organizations pointing to it as a chief strategic focus and roughly half of all executives expecting AI to generate over 15% revenue uplift in the next five years.

“India’s adoption is even more extreme compared with the rest of the world,” said Anthropic Co-founder and CEO Dario Amodei, per a report Monday by Bloomberg news. “We can do experiments with hundreds of millions of people.”