Robin Reichwald, Head of Ecosystem Risk at Visa Europe, tells Martin Cooper MBCS about how rich data sets, established AI systems and round skillsets combine to keep us safe while we shop online.
Summary:
- Fraud has shifted from physical to remote purchases; in the UK, 78% of unauthorised fraud is now remote purchase fraud
- Visa’s fraud detection systems analyse 400 attributes for every transaction to spot anomalies that could indicate fraud
- The traditional warning signs of fraud are becoming harder to spot, and research suggests that consumers who mistake AI‑generated content for genuine are nine times more likely to fall victim to scams
- Merchants must work together to understand the risk and threat landscape, and monitor for warning signs, while consumers must be vigilant and pause before paying
There are only two certainties in life: death and taxes. That rule has held true for a long time but, open your browser or email client and quite soon another of life's inevitable forces takes centre stage: digital fraud. The internet is not short of people looking to separate you from your hard-earned cash.
In the most recent episode of the BCS Insight Exchange podcast, we meet Visa's Robin Reichwald, head of ecosystem risk across Europe. Robin explores how he, his team and the global payment technology firm use hundreds of data points, AI and a certain Sherlock Holmes spirit to keep vendors and customers safe as they transact online.
Why don't you introduce yourself and tell us a little about Visa?
I currently lead the Europe ecosystem risk function at Visa, where my role is focused on identifying and mitigating emerging threats, and helping to strengthen security across the ecosystem in Europe. We work closely with banks, merchants and partners to make sure the controls and technologies we put in place evolve faster than the threats we face. It’s not enough just to keep up — we want to stay ahead.
Visa’s global network processes around 900 million transactions every single day. That includes everything from everyday purchases like groceries through to international travel and online shopping. The network connects billions of consumers, more than 175 million sellers, and around 14,500 financial institutions across 200 countries. It’s a huge network, and the scale can sometimes feel quite daunting.
But Visa isn’t just about processing payments. What really interests me is the creation of trust across that ecosystem — enabling strangers to transact with other strangers, anywhere in the world, with confidence, in a split second.
I'm interested in your career. What attracted you to risk?
I don’t think there are many people at school doing their GCSEs or A Levels who plan to work in risk at a payments company. It’s not something most people know about, even though it’s a company that’s part of everyday life. I’d worked at a couple of UK banks, but I originally joined Visa in a pure data analytics role, focused on identifying fraud trends and sharing those insights with clients.
From there, I started to take on roles more focused on delivering risk solutions. That meant finding answers to the problems we were seeing in the data, whether that was advising on how PIN data is encrypted and securely transmitted, or helping merchants deter scams across their portfolios.
For you
Be part of something bigger, join BCS, The Chartered Institute for IT.
Today, I lead a team that identifies problems and creates solutions for our clients, combining data, analytics and real business outcomes. That’s the part I find most interesting now — taking data and technology and turning it into genuine business value.
So, how has card-based fraud evolved?
Fraudsters follow consumer behaviour. Whenever a new payment technology or channel appears, criminals look for ways to exploit it.
In the past, fraud was largely physical, with stolen or cloned cards, especially when [magnetic] stripe dominated. As e commerce has grown, fraud has shifted to remote purchases using compromised details.
The encouraging news is that fraud is at historically low levels. Thanks to AI fraud detection, tokenisation and strong authentication, we’ve kept fraud rates very low, but that takes sustained effort and investment.
Talk to us about the dominant types of frauds that retailers are facing today.
Before a transaction, fraudsters may attempt account takeover or identity theft by using stolen credentials. During the payment itself, there is remote purchase fraud, where stolen card details are used online. In the UK, 78% of unauthorised fraud is now remote purchase fraud, showing how much fraud has shifted online over time.
Even after a transaction, retailers can face issues such as refund fraud or chargeback abuse, where dispute processes are misused, sometimes referred to as ‘friendly fraud’.
What about protection for customers… once I’ve clicked ‘buy’, what happens behind the scenes?
When you're online and you click buy, the whole experience is meant to feel simple and seamless. That’s the goal. In reality, a huge amount happens behind the scenes in the milliseconds between pressing the button and receiving the authorisation. Visa’s fraud detection systems are analysing hundreds of signals — 400 attributes for every transaction — as it moves through the network. Those signals help determine whether the transaction aligns with your typical behaviour, the behaviour of the transaction itself, and the patterns seen across the wider network. It’s comparing that single transaction with millions of others to spot anomalies that could indicate fraud. And all of this happens in a fraction of a second.
From an adversary's perspective, what opportunities do you see AI affording?
AI is having a profound effect on the fraud we see. It’s enabling criminals to create scams that are more convincing, more personalised and far easier to scale.
The traditional warning signs of fraud are becoming harder to spot, and research suggests that consumers who mistake AI‑generated content for genuine content are nine times more likely to fall victim to scams. So we need to be careful and aware of the risks that AI poses.
How are you using artificial intelligence to protect the public?
Visa’s been using AI and machine learning for more than three decades, so the use of AI isn’t new to us.
It allows us to spot subtle behavioural patterns and anomalies we simply couldn’t detect otherwise… AI is excellent at distinguishing legitimate surges in transactions from coordinated fraud attempts targeting a reseller.
Merchants and customers — what’s your key take-away for each?
It’s important for merchants to talk to each other and work with industry groups to understand the risks and threats they’re seeing.
Organisations like the Merchant Risk Council are a great resource for sharing insight across the ecosystem.
Merchants need to understand the technologies available to them and how those can support their business. They should also monitor for warning signs, such as unusual transaction patterns, spikes in activity or potential account takeovers, which could indicate fraud.
For consumers, the key advice is to be vigilant. You don’t need to be fearful but be aware that fraudsters often use urgency and emotional pressure. Treat unexpected payment requests with caution, enable available security features, and if something doesn’t feel right, pause.
Take it further
Interested in this and similar topics? Explore BCS' books and courses:
- AI in Business: Towards the autonomous enterprise
- Artificial Intelligence and Machine Learning Foundations: Learning from experience
- BCS Essentials Certificate in Artificial Intelligence
- Cyber Security: The complete guide to cyber threats and protection
- The Principles of Information Security Architecture
