SAN DIEGO — Payment providers are increasingly turning to artificial intelligence to fight AI-powered fraud.
That’s what payment and banking experts speaking at the Nacha Smarter Faster Payments conference in San Diego said Monday about their hopes for using artificial intelligence to combat increasingly aggressive fraudsters.
“The whole landscape has completely changed and we’re in a situation where we really need AI to fight AI,” said Matt Vega, chief fraud strategist at Sardine, an anti-fraud and compliance startup. He said lawmakers are considering legislation that would allow the industry to make greater use of AI in the fight against fraud.
Fraudsters use AI to test and refine their schemes and quickly deploy them to market. This allowed the threat to spread. As a result, cybersecurity and technology executives are reaching for AI tools that they hope can strengthen their defenses.
“What’s happening now with the use of AI is basically we’re starting to see a huge proliferation of what we call polymorphic agents,” Vega explained in a panel titled “Game-Changing Impact of AI in Payments.” Polymorphic agents Agents are “AI agents that can actually adapt based on the controls that you put in place,” Vega told an audience of banking and payments professionals.
For example, Vega explained how his financial institution clients began seeing an increase in automated attacks related to customer onboarding this month, leading to stronger cyber defenses. Within seconds, he said, the scammers pivoted to find new ways to get past the defenses.
Elizabeth Bourgoin, Google’s head of banking for Google’s cloud services division, said this month Google is seeing a push among its financial customers to better leverage AI to combat the growing threat of AI-powered fraudsters. “Fraudsters are using these same technologies to intervene and bypass safeguards, interact with payment processors, and find vulnerabilities in platforms,” said Bourgoin, who also spoke on the panel.
To this end, the tech giant just launched Google Cloud Fraud Defense, which uses AI-driven agents to identify and patch vulnerabilities. Most of the banks Bourgoin works with are investing in these types of new defenses, she said. “That actually means you have to come forward and start using agents to counter it,” she added.
impose a regulatory framework
In Congress, members of the House Financial Services Committee are considering how they can help create a regulatory framework that makes it easier for financial institutions to use AI in the fight against fraud, Vega said. He said the Office of the Comptroller of the Currency and the Federal Deposit Insurance Corporation are participating to provide guidance on this front.
“The House Financial Services Committee, the OCC, the FDIC are all on board, working as if they could absolutely start using AI agents in financial institutions and highly regulated institutions as if they could do it 100% right now,” he said during a panel discussion.
In a subsequent interview, Vega declined to comment on which congressional staffers his company had spoken to, but said there was bipartisan support for a new approach to the regulatory framework that would enable the use of AI.
He said the commission and federal agencies are working to create a “regulatory framework that will enable rapid adoption of AI and agent-based AI use cases in financial services.” Although regulators are starting to approve the use of AI by banks, there is no clear framework for AI, he explained. He said legislative work is in its early stages but he expects it to move quickly.
Ben Chance, head of Certos ID and payment risk services at Early Warning Services, was not familiar with the legislation but supported the idea of imposing regulatory oversight. “This is a very powerful tool, and a very powerful tool requires a regulatory framework that allows us to use this tool to improve the ecosystem and fight the criminal enterprises that are fighting us every day,” Chance said in an interview at the conference.
Adapting to increasing fraud
Vega and other speakers on the panel outlined how the banking industry must adapt to the new fraud environment.
Joe Fuqua, head of intelligent automation architecture at Bank Turist, said the industry needs to think hard about how to better secure payment rails and networks, and not at the same slow pace that financial institutions have traditionally approached security..
“For larger institutions, it’s difficult because we tend to move a little bit slower, so we have to learn how to be more adaptable and react more quickly,” Fuqua said, noting that financial services companies generally have “much more horsepower in terms of data and talent compared to most bad actors.”
Fuqua said banks need to ensure their defense systems are constantly monitoring emerging threats and adapting to counter them.
Greg Williamson, head of fraud commercialization strategy at Nasdaq Verafin, a fraud prevention service, said criminals using AI are now competing with financial institutions to use the technology. He spoke with other panelists in a separate conference panel discussion entitled “.Is AI a friend or foe to fraudsters?”
Williamson explained how his “biggest fear” revolves around criminals being able to use AI to test and learn more quickly than the financial institutions they attack. He also said he was concerned about the “industrialization” of fraud, where fraud is carried out on a larger scale.
“AI allows us to do things much faster,” Williamson said, suggesting it could take up to 18 months for banks to pursue new AI models. “They can test, learn and act quickly.”
Dave Excell, founder of cybersecurity firm Featurespace, explained on the panel how one company he services recently inundated its call center with AI-generated calls due to a new type of attack this year.
Meanwhile, Excell explained how Featurespace works. What Visa Purchased leveraged AI in 2024 to better predict what transactions consumers would make based on past transactions, and use that understanding to better detect fraud. The company is also leveraging AI to assist investigators with their investigations and improve the system’s software strategy, he said.
