The Visa cyberfusion center in Ashburn, Virginia, is so sure that Michael Jabbara, global director of anti -fraud services of the Credit Cards network based in San Francisco, has difficulty crossing its double door. Accompanied by a Forbes journalist, he scan his credential to pass through the first door; A sensor emits a beep, but does not unlock. Finally, with the help of the place security equipment, we managed to cross both doors (the second requires fingerprint and credential) and access the cyberfusion center, located in the heart of a safe campus of 17 hectares. If you enter this visa complex without the authorization of the security personnel who monitor the door, you could end up in a drainage pond, a modern protective pit.
Within the Fusion Center, analysts monitor a large screen that shows various data that reflects the fluidity with which the avalanche of visa transactions is processed – about 310 billion for a value of 15.9 billion dollars in 2024 – worldwide, and where a high level of suspicious activity is recorded. “Many suspicious attacks are managed automatically, but there are certain incidents that require human intervention and are managed through a coherent action plan,” explains Jabbara.
With its credential working, Jabbara guides us through another set of safe doors towards the situation room, where a large screen shows more graphics and lists, in addition to news. In this room, employees observe threats against visa customers: the 14,500 financial institutions in more than 200 countries that are part of the world’s largest credit card network. Jabbara points out a graph that shows an ongoing brute force attack in which the scammers bombard suppliers with thousands of attempts to obtain an account number, an expiration date and a three -digit CVV code that will work together. “Our goal is to make sure of detecting large -scale attacks that could result in catastrophic losses or in the loss of consumer confidence,” he says.
Within the situation room there is another smaller conferences room that houses another visa unit; The workers of this supervise the cybersecurity of visa network operations. “One of the aspects that has really benefited us is the close collaboration between cybersecurity and fraud, because threats are common, the actors are common,” says Jabbara. This is especially true, he adds, as fraud networks have become more sophisticated and nation states are more involved in fraud and cyber attacks.
It is late in Virginia, but at nightfall, this center will be emptied and the Visa security centers in London, Bangalore and Singapore will manage most of the activity. In total, Visa now has more than 1000 employees worldwide dedicated to risk and safety management, and claims to have invested $ 11 billion in anti -fraud technology in the last five years. At the same time, it has been developing a parallel business that sells the experience in the fight against fraud that it has had to develop: about 1500 million dollars of the 35 900 million dollars of visa income in 2024 came from the sale of risk and security management services.
Both fraud and the fight against fraud are large businesses, and artificial intelligence increasingly drives growth on both fronts. During the Cyber Monday last November, Visa reported an interannual increase of 85% in The attempts of fraud and a surprising increase of 200% during the first official weekend of Christmas purchases, increases that it attributes largely to AI.
The word “attempts” is key, since most are frustrated, says Steve Yin, global transunion fraud. (The important credit agency obtained 7% of its 4.4 billion dollars in revenues of 2024 selling fraud prevention software). Transunion estimates that 5.2% of all attempts of digital transactions in the first semester of 2024 implied fraud suspicions, and the vast majority of these were blocked.
Read more: Trump freezes 2,200 MDD of federal financing to Harvard after refusing to meet their demands
Within the arms race between the scammers and visa
Even so, the cost of successful fraud is growing, although at a much lower pace than that of attempts. Juniper Research estimates that worldwide commerce scammers seized 44 billion dollars in 2024 and will divert 107 billion dollars by 2029, which represents an annual growth rate composed of 19.5 %. “It is a constant arms race,” observes Nick Maynard, vice president of Financial Technology Market Research from Juniper.
On the part of the scammers, AI helps them launch more complex and sophisticated attacks in various ways. Among other things, they can supplant people’s identity through Deepfakes; launch massive attacks to find vulnerabilities in systems; Use bots to navigate by websites and extract information; and generate more credible emails that induce people to provide confidential information.
The protectors also depend on AI. Visa now uses 115 different cybersecurity tools that collect and analyze information of more than 300 resources, according to SUBRA KUMARASWAMY, Director of Visa Information Security. The company has developed some of these tools, including a behavioral analysis platform and its threat intelligence fusion platform. It also collaborates with cybersecurity tools such as Microsoft, Thales, IBM, Zscaler, Cloudflare, Checkpoint and Palo Alto Networks.
Since companies simultaneously use so many different anti -fraud tools and that new variants that fight, the anti -arude sector is also a fertile terrain for Fintech startups. It should be noted that five companies from the Forbes 2025 Fintech 50 list (Alloy, Datavisor, Person, Sentilink and Zip) help companies prevent financial fraud, each with their own specialty. Datavisor, for example, uses what is known as “non -supervised” automatic learning to find correlations in apparently unrelated events that could represent networks or fraud methods previously discovered. Sentilink, which initially stood out in the fight against synthetic identity fraud (in which scams combine real social security numbers and false names), recently developed a tool to detect false identity abuse, a new variant in which scammers exploit real identities of people who entered the United States with temporary visas and subsequently have left. (Synthetic identities and other false identities are used, among other things, to acquire credit cards, request loans for cars and personal, and open bank accounts used in fraudulent schemes).
Visa is not the only large credit card network that considers fraud not only a threat, but a business opportunity. In December, Mastercard, the second largest network, ended the acquisition of Recorded Future for 2,650 million dollars, a cybersecurity company with a strong focus on artificial intelligence, with 1,900 customers in 50 countries and 300 million dollars in annual income. Last year, before this agreement was announced, Mastercard launched a service with Recorded Future that seeks to alert banks more quickly when a credit card has been compromised. The alliance, according to the company, has doubled the number of potentially compromised cards identified. (Mastercard does not reveal what percentage of its 28,000 million dollars in revenues by 2024 came from the sale of security services).
Within its own network, Mastercard has been using AI more than a decade to prevent fraud, says Ranjita Iyer, executive vice president of services for North America. Like visa, it monitors transactions throughout its network through AI to detect suspicious activities. Recently, he adds, he has begun to use the generative to predict the behavior of a trade at a given time. This allows you to alert shops if real patterns differ from planned, which could be a fraud alert signal.
Last year, Mastercard also began selling to the banks a system Decision Intelligence pro improved that uses AI to analyze and generate a risk score for each individual transaction in real time (in less than 50 milliseconds), based on the purchase, the trade, the card owner and other factors. The idea is that it will not only detect more frauds, but will also generate less false positives, so less legitimate transactions will be blocked.
Despite all the systems based on AI that fight fraud, human behavior continues to play a key role in facilitating and stopping scams. “If the data is protected, if the infrastructure is protected, what is the weakest point? It is the consumer,” says Jabbara de Visa. “There is no solution that we can send to consumers to be more aware of security. That is why this mass proliferation of social engineering attacks, phishing scams, etc.” has been observed. ” In a transunity survey to adults in 18 countries, 49 % claimed to have been the target of attacks by email, online, by telephone or by text message during the second quarter of 2024.
A booming Phishing scheme: false cancellation messages, that is, text messages or emails that inform users that something that they have bought or reserved will be canceled unless they log in by means of a link included. Of course, if they do, they are stolen from their login credentials.
Earlier this month, when Visa announced a new “scam disruption practice” (a team that includes exprofesional of order forces, as well as AI developers and experts in data visualization), Jabbara offered an intriguing example of the type of fraud that the team is attacking. The scammers sent a phishing link from a dating website that seemed to be an identity verification page. But those who click were involuntarily registered in a monthly billing plan that they never intended to subscribe. The team used the data obtained by deciphering that scam to search for others that operated equally misleading and discovered 12,000 “merchants” involved in the strategy.
The rapid propagation of this variant shows another worrying development: fraud as a service. Just as companies such as Visa and Mastercard sell their anti -fraud experience, scammers also sell their new schemes to other scammers. “They are very intelligent and creative people,” says Yin.
“It is a continuous battle,” says Yin, who trusts the capacity of the fraud deterrence to devise strategies that keep criminals at bay. An area in which Transune is working with its clients is the introduction of more friction in current instantaneous transactions: additional steps that will not bother so much to a legitimate client and to scare away, but that can deter the scammers. Consumers, he says with optimism, “will accept friction if they believe and understand that it really helps them reduce the probability of being victims of fraud.”
This article was originally published by Forbes Us.
You may be interested: These are the 50 most promising Startups of 2025
