Visa and FireEye Form a Knowledge Hub for Payments Crime

Visa hopes to cut through the chaos that surrounds security threats by creating an intelligence service to distill and deliver information on vulnerabilities and potential attacks.

"When you look at data compromises, we see increases in frequency and magnitude. There are larger breaches and more cards are being compromised in the breaches," said Mark Nelson, senior vice president of risk products and business intelligence for Visa.

Based on FireEye's technology, the Visa Threat Intelligence service will be offered as a subscription to issuers and merchants later this year. The service includes application programming interfaces that can feed threat data into a merchant or issuer's security systems.

"The API piece is critical, since many organizations are thinly staffed," said Grady Summers, FireEye's chief technology officer, adding the direct access via the API can allow businesses to alert staff within minutes of a security issue. Companies have traditionally been reluctant to share information on security, though they are starting to come around to the idea that beating security risks is something they can't do alone, Summers said.

Subscribers will have access a portal that provides proprietary cyber intelligence for payment systems. The service will also provide alerts, information on attack methods, trends in Web attacks and forensic analysis on recent data breaches.  A premium option will give access to technology that analyzes and isolates malicious indicators from malware to identify suspicious activity from IP addresses and domains. Clients can also opt to form communities to exchange intelligence.

"The threat environment is absolutely escalating rapidly for both issuers and merchants," said Julie Conroy, a research director at Aite Group. "There is also a vast amount of information about the threat landscape, which can make it difficult for merchants and issuers to identify which truly represent a clear and present danger to their infrastructure. I think this service has some really interesting potential, combining Visa's birds-eye view of the payment ecosystem with FireEye's threat intelligence."

Visa Threat Intelligence is also a nod to the long adoption curve for other security measures such as EMV. The long-term strategy is to remove sensitive data from the payment ecosystem through EMV-chip cards, tokenization and encryption, all methods that are designed to render any stolen information useless, Nelson said.

Visa and MasterCard have made a multi-year push to get merchants and other payment companies to adopt tokenization, which replaces traditional account numbers with a dummy code. Tokenization is considered a major part of protecting e-commerce, which is expected to be a major target after EMV becomes widespread enough to deter fraudsters from targeting the point of sale.

"But we will have static magnetic stripe data available for quite some time yet, and we are making sure that stakeholders have tools to help them identify a breach quickly and see the malware that may be impacting their system," Nelson said.

Visa sees an opportunity to improve fraud detection given the size of the overall threat to the sensitive data that flows through automated channels such as mobile apps and e-commerce sites. Data breaches and hacking make big news, but the reality is most businesses are lagging on security.

"I don't think there is a question of whether or not there is enough of a problem; I'd argue that payment breaches are prolific," said Al Pascual, director of fraud and strategy for Javelin Strategy & Research, who said a service like Visa/FireEye's can prioritize incidents and enable companies to act quickly. "Some stakeholders are struggling to stay ahead of the curve. Breaches will only become more challenging going forward."