Preventing Payment Fraud: Why We Need a Proactive Approach to Turn the Tables
Final installment in a 3-part interview series with former Gemini Advisory CEO and current Recorded Future VP of Fraud Solutions, Andrei Barysevich
On March 16th, 2021, revolutionary fraud analytics provider Gemini Advisory was acquired by Recorded Future, and recently rebranded as Recorded Future Payment Fraud Intelligence. I sat down with Andrei Barysevich, the former Gemini Advisory CEO and current Recorded Future VP of Fraud Solutions to discuss the early trials and tribulations of Gemini, the transition to Recorded Future Payment Fraud Intelligence, and his thoughts on the future of payment fraud for an exclusive three-part interview series.
- Part I: Fraud Teams Need Intelligence, Too
- Part II: E-Skimming to Crypto Fraud, The Modern Ways Fraudsters Steal Money
- Part III: Preventing Payment Fraud: Why We Need a Proactive Approach to Turn the Tables
This interview has been lightly edited for clarity and brevity.
Security controls keep getting tighter and tighter, but fraudsters seem to be able to stay one step ahead. How do issuers and merchants turn the tide in the fraud battle?
The short answer is that they need to change their mindset to start being more proactive. We’ve seen from our experience that financial institutions tend to be very slow in adopting new methods. Additionally, they operate on the basis that first they need to see losses, and then need to feel them, and only then will they do something about it.
What they need to understand is that time is not on their side. Fraudsters have all the incentives in the world to be innovative, and they are granted the time to come up with new, clever ideas and methods. Every day that goes by gives criminals an undue advantage. If financial institutions are willing to switch to a proactive mindset that allows their investigation and intelligence teams to proactively explore and try new things to enhance detection and strengthen defenses, then and only then will they be able to turn the tables.
If you were the Head of Payments, Head of Fraud, or CISO at a card issuer, what would be keeping you up at night for the next 12 to 18 months?
Currently: the economy. We all know it’s not doing that great, and when the economy is not doing great, a lot of people turn to fraud as their primary or secondary means of income. We saw a huge spike in all sorts of fraudulent activity during the early Covid-19 times. Then when we saw a rebound in the economy, the fraud levels dropped and stabilized. Now the economy is showing some signs of a recession, and frankly, I would be concerned that more people will turn to fraud as they’re trying to supplement for a loss of income or to make fraud their primary source of income.
This is why proactiveness should be top of mind. How do I predict what will happen based on what happened in the past? By no means am I implying that the bad guys will start doing exactly what they’ve been doing in the past. The unfortunate truth of fraudsters is that they’re always coming up with something new; they’re always keeping us defenders on our tippy toes.
If you were a CISO for a merchant, what fraud-related problems would be keeping you up at night?
For larger merchants, I would say privacy concerns would be top of mind. Compliance concerns would be top of mind and should be top of mind. For smaller businesses, it would be the increased number of fraud attacks.
For example, in the UK, they launched a protocol that requires merchants to request two-factor authentication if a transaction hits a specific threshold. What we’ve learned is that the bad guys are simply doing many smaller transactions. They’re not going near the threshold. But by doing many smaller transactions, not only have they been more successful, but they can do more of them without triggering the alarms because the merchants tend to overlook these smaller transactions. All these losses are compounding, so for the small- and medium-sized businesses, I think they should be concerned about just simply losing their business.
We’ve seen many cases where hacking and fraud attacks have cost owners their businesses. Fraudsters are like flies; if one of them finds a loophole, they will share it across their community. Then very quickly, a single victim will be dealing with hundreds, maybe thousands of attacks coming from various fraudsters across the globe. No small business can tolerate and handle so many fraud attacks all at once, so they really need to be concerned with surviving as a business.
Wrapping up the series, throughout your journey of starting Gemini Advisory, to being acquired by Recorded Future to evolving Gemini into Recorded Future Payment Fraud Intelligence, what’s the biggest lesson you’ve learned?
Never stop innovating; never stop looking for the next thing.
Book a demo of Recorded Future Payment Fraud Intelligence to begin disrupting fraudsters at every step of the compromised payment card lifecycle.