Mastercard Hypes Artificial Intelligence

Mastercard have deployed 'Decision Intelligence' to scrutinise real time transactions. That sounds impressive - is it?

Corporations and politicians share a tendency to say things that are narrowly true, though a lack of context renders the statements misleading. Mastercard are offering a prime example of this in the security arena.

The card brand has rolled out something it calls Decision Intelligence, which it said “uses artificial intelligence technology to help financial institutions increase the accuracy of real-time approvals of genuine transactions and reduce false declines.”

That sounds pretty good. It then elaborated why it saw this as news: “This is the first use of AI being implemented on a global scale directly on the Mastercard network.” It also labels Decision Intelligence as “a radical new approach,” one that “takes a broader view in assessing, scoring and learning from each transaction. That score then enables the card issuer to apply the intelligence to the next transaction.”

Mastercard’s Ajay Bhalla, president of its enterprise risk and security efforts, is even quoted as saying, “We are solving a major consumer pain point of being falsely declined when trying to make a purchase.”

But the “radical approach” of using AI to intelligently assess fraud in real time has been done by providers that include Forter, Signifyd, Smyte, Stripe Radar, Sift Science, Ravelin, Riskified and Feedzai.

Naturally, unlike Mastercard’s technology, all of them look for problems across payment types, not limiting themselves to transactions from one payment card.

And the claim that Mastercard has solved the problem of false declines is really over the top. There are two problems with that, one involving market share and the other involving the data that Mastercard can apply its AI to.

Mastercard does not have a stranglehold on the transactions market, and in fact Visa processes far more transactions. And while there are merchants that get along without accepting American Express, Diner’s Club or Discover, it’s just about impossible to accept Mastercard and not accept Visa.

That means that, even if this Mastercard effort were perfectly effective, merchants would still have to deploy other antifraud measures for every other payment type they accept. So how does a Mastercard-specific approach help them, given that it is limited to a minority of their transactions?

Here’s what one security executive (who wished to remain anonymous and not alienate Mastercard) had to say about Mastercard’s announcement: “There’s nothing new in their technology or its application. More likely, Mastercard is just trying to fix a deeply broken declines problem and is hoping this will help them look better in the eyes of banks when it comes time to renegotiate contracts.” He then tried to imagine what Mastercard would say to those banks: “‘We can help you reduce declines. Look, we have fancy artificial intelligence.’”

The security executive added that the best AI analytics can’t overcome the limitation that the data that Mastercard has access to — transaction data — is quite restricted. Most security firms use a “machine learning model that is informed by all kinds of data, including how users behave on their site, specific order information, device information, user account details, navigation patterns on the merchant’s website, social networking activity, stuff Mastercard has no access to.”

Any embrace of analytics in security is a positive move. Let’s just hope Mastercard doesn’t believe its own hype. It might have to change its tagline to “Mastercard: We’re everywhere context isn’t.”

Computerworld:      Financial Institutions & Cybercrime:

 

« Amazon Is Using AI To Transform Retail
Behavior Analytics Tools For Cyber-Security »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

ON-DEMAND WEBINAR: Gen AI for Security: Adoption strategies with Amazon Bedrock

ON-DEMAND WEBINAR: Gen AI for Security: Adoption strategies with Amazon Bedrock

Watch this webinar and get a comprehensive roadmap for securely adopting generative AI using Amazon Bedrock, a fully managed service that offers a choice of high-performing foundation models (FMs).

GrammaTech

GrammaTech

GrammaTech is a leading developer of software-assurance tools and advanced cyber-security solutions.

UK Cyber Security Forum

UK Cyber Security Forum

UK Cyber Security Forum is a community interest group for cyber security companies in the UK.

Truepic

Truepic

Truepic provides technologies that prevent fraud, identity theft, misinformation, and disinformation caused by generative, manipulated, or deepfake digital content.

Bangladesh Computer Council (BCC)

Bangladesh Computer Council (BCC)

Bangladesh Computer Council (BCC) is a government body providing support for ICT related activities including formulating national ICT strategy and policy.

Corvus Insurance

Corvus Insurance

Corvus' mission is to create a safer, more productive world through technology-enabled commercial insurance.

CERT-PH

CERT-PH

CERT-PH is the National Computer Emergency Response Team and the highest body for cybersecurity related activities in the Philippines.

Callsign

Callsign

Callsign’s mission is to seamlessly power the identification of every web, mobile and physical interaction.

Cloudentity

Cloudentity

Cloudentity combines Identity for all things with API and Application security in a unique deployment model, combining cloud-transformation and legacy systems.

Phosphorous Cybersecurity

Phosphorous Cybersecurity

Phosphorus has fully automated remediation of the two biggest IoT vulnerabilities, out of date firmware and default credentials.

Japan Cybersecurity Innovation Committee (JCIC)

Japan Cybersecurity Innovation Committee (JCIC)

JCIC is an independent and not-for-profit thinktank to establish a secure and safe digital society.

usecure

usecure

usecure is a global provider of computer-based cyber security awareness training, offering the market’s most time-efficient, cost-effective and admin-lite solution for reducing insider threats.

stackArmor

stackArmor

stackArmor specializes in compliance and security-focused solutions delivered using our Agile Cloud Transformation (ACT) methodology.

Searchlight Cyber

Searchlight Cyber

Searchlight Cyber is a leading darknet intelligence company. Working with law enforcement, industry, and end users to help protect society against the threats of the darknet.

Vanta

Vanta

Vanta helps companies scale security practices and automate compliance for the industry’s most sought after standards - SOC 2, ISO 27001, HIPAA, GDPR, and other security and privacy frameworks.

Varutra Consulting

Varutra Consulting

Varutra Consulting is an Cyber Security Consulting, Solutions and Training services firm, providing specialized security services for software, mobile and network.

Lodestone

Lodestone

Lodestone partners with clients to help them mitigate business and reputational risk, through our human-based, approach to cyber security, digital forensics and incident response.