Whether you’re loving working in your pyjamas, or craving water-cooler talk and a fully adjustable office chair, there’s one group who have unequivocally benefited from the sudden rise of remote work. For cybercriminals, the increased time we spend online has created a perfect storm of opportunity.
“Within a matter of weeks, we experienced the kind of increased digitalisation that would typically happen over a period of several years,” says Ajay Bhalla, president of cyber and intelligence at Mastercard. But there are side effects: “We’ve also seen a 47 per cent increase in companies reporting fraud, and global fraud is now reaching a 20-year high.”
Cybercriminals have got smarter
The problem is not only this recent uptick in frequency, but also a pre-existing increase in sophistication. Gone are the days of battering down the doors with brute force attacks. The new cybercrime is stealthier, with one in every three cyberattacks now involving the use of AI to imitate human behaviour, according to Bhalla.
“The ancient strategy of high walls and deep moats is passé,” says Neil Costigan, CEO of behavioural biometrics start-up, BehavioSec. “Modern attacks like Man-in-the-Middle, social engineering, remote access and trojan horses only act once the initial barrier is deceitfully bypassed.”
Fortunately, it’s not only the criminals who are employing artificial intelligence to their advantage.
Mastercard has been developing and embedding AI-driven tools across its systems for many years, using the technology to manage huge volumes of data securely and to provide quicker, easier and safer ways for people to transact and interact.
By helping to detect cyberattacks, hacks and breaches, AI makes the digital ecosystem safer for governments, banks, merchants and consumers. During the last year alone, it helped the company prevent $20 billion dollars in fraudulent activity.
Whether you are shopping for groceries or a new car, be it at a physical store or on your computer or mobile, AI is making it possible to approve genuine transactions in milliseconds, for a smoother consumer experience.
One of these smart solutions is Mastercard’s Decision Intelligence, which automatically learns how an account is typically used, so it can detect normal and abnormal shopping spending behaviours. Monitoring transactions in real time, it scores them for the likelihood of fraudulent activity.
“In some cases, Decision Intelligence has reduced fraud by up to a 53 per cent,” Bhalla says, “while also increasing the rate at which legitimate transactions are approved.”
This is especially important for online retailers, which have limited visibility into the consumer during the transaction. The cost of consumer transactions being falsely declined could amount to as much as $443bn in lost sales annually by 2021, according to research from the research and advisory firm, Aite Group.
Enabling frictionless transactions
AI is also helping change the consumer experience by supporting technologies such as biometrics. Technology pioneered by Mastercard’s NuData uses machine learning, a subset of AI, to build up a profile of a user’s individual behavioural patterns, from typing speed to mouse movements. By then tracking an account’s ongoing interaction with a system, it can detect anomalies that may signal they are not who they claim to be – or if they’re not even a person at all. Among the most significant cybersecurity threats are bots, which behavioural biometrics can identify and eliminate.
“A great benefit with behavioural biometrics is that they don’t require anything extra from the users,” Costigan points out. “There’s no need for scanners, physical tokens, passwords or personal questions. Behavioural biometrics are collected and analysed in the background, and people simply go about their business the way they always have.”
The more data behavioural biometric learning algorithms analyse, the more sophisticated these systems can become in spotting suspicious patterns, helping companies like Mastercard to constantly stay one step ahead of cybercriminals. Bhalla points to how NuData recently blocked a sophisticated attack by detecting that it was coming from a phone that reported itself as lying flat on its back.
“In this case, the speed at which the credentials were typed was simply impossible for someone using a phone lying on a table, so we immediately knew that this is not a real person making the transaction,” he explains. “Combining all the metrics we have access to allowed us to detect that unusual behaviour and step in before the damage was done.”
“Like every new technology, AI can be used positively, or it can be used negatively,” Bhalla says. “I’ve always been an optimist that with good technologies we can ensure that we progress as a society, and aren’t hindered by the few who try to create problems for everyone else.”