Mastercard has announced Threat Scan, a global service designed to help banks proactively identify potential vulnerabilities in their authorisation systems. The service was showcased at the Mastercard Cybersecurity Summit in Croatia.

Cyber criminals are relentless in their efforts to exploit weaknesses in authorisation systems. According to the Boston Consulting Group, cyber attacks hit financial services firms 300 times more often than companies in other industries. With cyber attacks on the rise, implementing fraud technology tools may not be enough to mitigate the risk. Threat Scan complements an issuer’s existing fraud tools by proactively imitating known criminal transaction behaviour to assess their authorisation system responses before exploitation and fraud loss can occur.

“Our customers increasingly rely on us to provide solutions that help make their systems safer and more secure," said Johan Gerber, executive vice president, Security and Cyber Innovation at Mastercard. "Threat Scan enables our customers to stay one step ahead, act faster and minimise the risks that expose them to attacks. As cyber attacks grow in scale and sophistication, it is critical that we advance trust in our payments system.”

How it works

Using an evolving array of test scenarios from Mastercard global insights into criminal behaviours, the Threat Scan application simulates known fraudulent attacks on issuers and pinpoints authorisation security weaknesses.  As cyber criminals identify new ways to gain access into a system, the scenarios can be added to the range of tests and instantly ran against systems globally. When the scan is completed, issuers will see the results immediately in the Threat Scan application report pane. The resulting insights enable issuers to assess their fraud exposure and take targeted actions that shore up the weakest links in their defences before fraud occurs.

“Threat Scan is part of our multi-layered security strategy to secure the payments ecosystem," said Gerber. "Customers who participated in our pilot told us they gained valuable insights into how to secure their authorisation systems against future attacks. Many were surprised by what we found.”