Visa Tackles Payment Fraud with New Security Services

Visa this week announced a new set of capabilities aimed at improving fraud prevention and cybersecurity of payment systems.

The new payment security services are meant to detect and disrupt fraud threats targeting financial institutions and merchants, and are available to Visa clients at no additional cost or sign-up.

The most prevalent account-related fraud types at the moment, Visa says, are ATM cashout attacks (where cybercriminals attempt to withdraw money from automated teller machines fraudulently) and enumeration attacks (automated testing of credentials to gain unauthorized access).

At the same time, card-not-present fraud (includes ecommerce, phone and mail orders) was found to be the most damaging to businesses, representing nearly 40% of fraud losses and operational costs.

The first of the newly introduced security capabilities is Visa Vital Signs, designed to actively monitor transactions and alert financial institutions of potential fraudulent activity at ATMs and merchants, to prevent ATM cashout attacks.

With Visa Account Attack Intelligence, deep learning is employed to analyze processed card-not-present transactions and identify any financial institutions or merchants that hackers may be using in enumeration attacks to guess account numbers, expiration dates and security codes.

Visa Payment Threats Lab was designed as an environment to test a client’s processing, business logic and configuration settings to discover any errors that could result in vulnerabilities. It allows Visa to verify if cryptograms (dynamically generated codes unique to each transaction) are correctly validated for EMV chip transactions.

To identify potential website compromise, Visa introduced eCommerce Threat Disruption, a proprietary solution that can proactively scan the front-end of eCommerce websites for payment data skimming malware.

These new capabilities add to the previously introduced Visa Payment Threat Intelligence, which provides cyber intelligence to clients and merchants worldwide, including alerts, analysis, technical indicators, and mitigations for potential cybercrime threats, account compromises and fraud.

“Visa’s new payment security capabilities combine payment and cyber intelligence, insights and learnings from breach investigations, and law enforcement engagement to help financial institutions and merchants solve the most critical security challenges,” RL Prasad, senior vice president of Payment System Risk at Visa, said.

Related: Breach Trends and Tips From Visa Threat Intelligence Exec Glen Jones

Related: Chip Cards Lead to 70% Drop in Counterfeit Fraud: Visa