Mastercard senior vice president Ramanthan reckons that the use of AI-powered tools prevented about $52 billion in fraudulent credit card transactions in 2018-19.
Ramanathan added that Mastercard still sees more than three fraud attempts per second, which is prompting a deeper dive into fraud analytics and AI technologies as attacks have become more sophisticated. For the near future, he thinks that behavioral biometrics will step to the fore in securing online payments.
Ashwani Mishra interviewed Ramanathan about the rise in the use of biometrics to prevent fraud in this excerpt from an article in CIO.com:
…the next evolution will be behavioral biometrics. This means that it will allow us to either use the native biometric of the device or opt for other capabilities. For example you can have an app which allows for a fingerprint or facial recognition technology to be used that is independent of the device technology.
We have partnered with EMV to push towards biometric technologies for authentication. This was basis the findings that customers have a very strong preference to use biometric for their authentication mechanism than using One Time Password or OTPs that they receive on their mobile device.
We acquired a company called NuData Security that specializes in the area of behavioral biometrics. It helps businesses prevent online and mobile fraud using session and biometric indicators. It has feature called NuDetect that uses biometric capability based on the manner a customer interacts with his/her device and is then able to identify the customer behind the device. These include the manner in which one holds a cell phone, makes finger swipes, the pressure applied on the device, typing speed etc. This can then be used to create a signature for the customer, and it is a quick way of identifying whether the customer is authentic or a fraudster.
All these capabilities play a strong role in account take-over attacks, and the technology can be used well beyond payments. It is basically anywhere where you want to identify a customer behind the transaction. We are also trying to use what we call as a permanent device ID or trusted ID for users. Once a device has been located on the network, we try to make that device as a permanent ID for the customer.
