Inside the algorithm: How gen AI and graph technology are cracking down on card sharks

Online fraud is big business, and those who engage in it wear many hats: hacker, marketer, salesperson, even customer service specialist.

Using spyware, malware and other practices such as card skimming, fraudsters steal millions of payment card numbers and resell this data on illegal websites. They even advertise their plunder with partially revealed card numbers — just enough information to tempt potential customers but not enough to identify the cards and stop future fraud.

Until now. Using a combination of generative AI, which trains itself to create new content based on large datasets, and graph technology, which can detect relationships and patterns among data points, Mastercard data scientists are now able to uncover these compromised cards before they’re used at double the previous detection rate.

Yatin Katyal is part of the team at Mastercard’s AI Garage that developed the algorithm. These data scientists, based largely in Gurgaon, India, develop cyber and intelligence solutions, apply their AI expertise to challenges encountered both within the company and by customers, and engage in patent-producing research in fields such as sequential data, graph modeling and synthetic data modeling.

The Mastercard Newsroom recently asked Katyal for an under-the-hood look at how the AI Garage tackled the challenge and how it’s using emerging technology to fight fraud. “The best thing is when your algorithm finally starts to work,” he says. “For me it’s more of an art than a method until you have solved for it.”

Mastercard has been using artificial intelligence in its cybersecurity solutions for years. How are we harnessing AI in new ways to better identify compromised cards?

Katyal: We have been working closely with our Cyber Secure team, which helps banks around the world proactively identify cyber vulnerabilities and detect potential data breaches, to create an algorithm to identify more Mastercard compromised cards on illegal websites. The main challenge was that only a portion of the card numbers could be identified. That’s because fraudsters place part of the 16-digit card credential on illegal websites for sale to other criminals. With only partial information — the last four digits, for example — that data can be associated with one or more cards, making the problem very difficult to solve.

We also saw that these potentially leaked cards on illegal websites are, unsurprisingly, used in a higher proportion of so-called BIN attacks — where fraudsters use automated software to guess and test various combinations of credit card numbers, starting with the bank identification number — and fraud cases. The patterns, however, keep shifting as attackers’ methodologies evolve rapidly. This led us to consider using graph database technology, which focuses on the relationships between data points and can track all potentially risky or leaked cards in the network to improve our prediction algorithm.

So how does it work?

Katyal: We use recently reported fraud transactions, known or suspected compromised merchants, and other signals such as testing pre-authorized transactions, to scan for recent activity that could be fraudulent. We don’t directly scan illegal websites for compromised cards — we work with partners and third parties to obtain the data we need to track fraudulent activity.

Using generative AI, advanced algorithms and graph technology, we are able to predict the full 16-digit card numbers of these compromised cards and the likelihood of such cards being used by criminals. This information will enable banks to block suspect cards much faster than we previously thought possible. The algorithm analyzes cards and merchants, generating links between them based on the associated risk. These links are continuously created or dropped with each iteration of new data. After this process, the algorithm generates a list of potentially at-risk cards on illegal websites and indicates the likelihood of such cards being used by criminals.

What edge does graph technology give Mastercard and its customers?

Katyal: We already use AI to detect and stop card fraud. But by using generative AI, this technology allows us to better protect future transactions against emerging threats than was possible with traditional statistical or machine learning-driven solutions. Graph technology helps track activity across the Mastercard network, making it more efficient.

For example, one card can map to 200 cards, with risky links to one merchant where 30 of the compromised cards were used. We can alert banks more quickly and with greater accuracy. The cards can then be blocked and reissued. Attempted transactions on the compromised cards can be continuously monitored to mitigate fraud and enhance cybersecurity.

We’ve already incorporated the technology into Cyber Secure, enabling issuers and merchants to better understand and assess cyber risk across their systems, preventing potential breaches.