Visa unveiled a suite of new security capabilities designed to help detect fraud and disrupt threats targeting financial institutions and merchants.

AWS Builder Community Hub

At its U.S. Security Summit 2019, the multinational financial services corporation announced that the new capabilities will be available to all Visa clients at no additional cost or sign-up. The company specifically highlighted the following four measures:

  • Vital Visa Signs: Monitors transactions, notifies institutions of potentially fraudulent activity at ATMs and enables the financial services company to step in and suspend the malicious activity, if need be.
  • Visa Account Attack Intelligence: Applies deep learning on the corporation’s card-not-present transactions in an attempt to identify those financial institutions and merchants whom fraudsters might be targeting via automated testing.
  • Visa Payment Threats Lab: Sets up an environment where the company can test a client’s settings for errors that could produce a vulnerability.
  • Visa eCommerce Threat Disruption: Uses technology and other techniques to scan front-end eCommerce websites for signs of payment skimming malware.

This announcement effectively responds to the growing number of threats targeting entities in the financial sector. In particular, Magecart groups have been ramping up their attacks targeting organizations’ e-commerce websites. Some Magecart actors were using spray and pray tactics to discover misconfigured Amazon S3 buckets and deploy their payment card skimmers in the summer of 2019, for instance.

RL Prasad, senior vice president of payment system risk at Visa, explained that these and other threats motivated the company to help better protect financial entities. As quoted in a statement:

Cybercriminals attempt to bypass traditional defenses by stealing credentials, harvesting data, obtaining privileged access, and attacking trusted third-party supply chains. Visa’s new payment security capabilities combine payment and cyber intelligence, insights and learnings from breach investigations, and law enforcement engagement to help financial institutions (Read more...)