Mastercard at Morgan Stanley Conference: Security Solutions Drive Growth

On Wednesday, 05 March 2025, Mastercard (NYSE: MA) took the stage at the Morgan Stanley Technology, Media & Telecom Conference. The discussion, led by Johan Gerber, Executive Vice President of Security Solutions, highlighted Mastercard’s strategic focus on value-added services, particularly in security solutions. The company emphasized its commitment to balancing security and convenience in digital transactions, showcasing both opportunities and challenges in the evolving digital landscape.

Key Takeaways

• Value-added services contributed approximately $11 billion in 2024, representing 38% of Mastercard’s revenue.
• Security solutions are central to Mastercard’s growth strategy, leveraging AI-driven solutions to enhance transaction security.
• Cyber and identity management identified as key investment areas, with Recorded Future’s acquisition enhancing capabilities.
• Mastercard’s approach includes embedding security by design to support digital economy expansion.
• AI and data-driven insights are pivotal in developing personalized and secure customer experiences.

Financial Results

• Value-added services accounted for nearly $11 billion in 2024, demonstrating a growth rate exceeding 17%.
• These services represented 38% of the company’s total revenue.
• The growth in service revenue is tied to the transaction base, with a compound annual growth rate (CAGR) of 13% from 2021 to 2023.

Operational Updates

• Mastercard’s security solutions strategy focuses on embedding security by design to secure opportunities in cyber and identity management.
• Expansion in dispute and customer engagement areas, including subscription management and digital receipts.
• The acquisition of MENA Technologies enhances subscription management capabilities from banking apps.

Future Outlook

• Mastercard aims to expand services beyond payments while maintaining alignment with its core brand value.
• The company is exploring opportunities in identity management, including tokenization for digital identities.
• Recorded Future acquisition is set to bolster cyber threat intelligence and strategic dialogues with governments.
• Mastercard plans to adapt to AI agents’ impact on payments and digital interactions, emphasizing data and technology.

Q&A Highlights

• Mastercard’s AI capabilities are well-developed, focusing on network intelligence, personalization, and safety.
• 60% of service revenue is linked to the transaction base, providing a stable growth foundation.
• Card fraud rates are lower compared to pre-COVID levels, indicating slower fraud growth relative to business expansion.
• The Global Scam Alliance estimates $1 trillion siphoned from financial systems due to scams and fraud.

For further insights, readers are encouraged to refer to the full transcript below.

Full transcript - Morgan Stanley Technology, Media & Telecom Conference:

James Fawcett, Fintech Research, Morgan Stanley: All right. Let’s go ahead and get started. Good morning, everybody. Great to see everybody here to kick off the third day of the twenty twenty five Morgan Stanley TMT Conference.

Very pleased here to have Johan Gerber, Executive Vice President of Security Solutions for Mastercard. Before we get started with Johan, I’m James Fawcett. I run fintech research here at Morgan Stanley. And before we get dive in with Johan, we’re going to I do have a quick disclosure to read. Please see Morgan Stanley Research Disclosure website at morganstanley.com/researchdisclosures.

If you have any questions, please reach out to your Morgan Stanley sales representative. So very excited to be able to talk to you today. As I was mentioning earlier, for a while I covered networking equipment, so like Cisco and other things, while also covering Mastercard. And I always felt like all the conversations around network security and security initiatives generally, people had an under appreciation of Mastercard and the work that you do and a lot of the capabilities that you have in house or you’ve added over the years. And so this is going to be a fantastic conversation.

And it’s interesting because in investors’ minds clearly all of the capabilities that Mastercard can bring to bear within the broader bucket of value added services are very forefront in people’s minds. So thanks for joining us, Yulan. So maybe I’ll start. Can you tell us a little bit about your background and area of responsibility within Mastercard?

Johan Gerber, Executive Vice President of Security Solutions, Mastercard: James, first of all, thank you very much and thank you for the opportunity. You’re right. They don’t let us out too often given we’re living in the dark side of the moon a little bit. We live where all the sometimes all of the bad stuff sometimes happen, but I will hopefully and we’ll get into this a little bit later. It really is about opportunity and how do we achieve and benefit from the opportunities that are out there.

We’re doing so with a long term security mindset in place. But just a little bit about myself, it’s a bit of a journey. I’ve been with the company for twenty five years, originally born in South Africa, was a police officer for about ten years. And I think I just got lazy of chasing these criminals. And I thought there must be a way with technology to kind of make it a lot easier.

I joined a company called Europay actually in Europe, which ran the Mastercard brand in Europe. That was the very first acquisition that Mastercard made. And that’s kind of how I came into the company. And as part of an agreement I had with one of our account managers, I met a guy for lunch or had to meet this guy for lunch, which was the CEO of Brighterion, actually a company from here that we eventually acquired. And he told me this thing about AI.

This was back in 02/2003. And I tell you, I was hooked. I immediately changed jobs into our product development world. And since then, it’s been twenty five years building product, doing various things. So it’s been a very exciting journey that we’ve been on up to now.

James Fawcett, Fintech Research, Morgan Stanley: That’s really interesting. We were just mentioning it. So you started talking to the team at Bryteria in 02/2003, you said? And what year did Mastercard finally acquire them? Yes.

They finally acquire them probably like 2017. ’20 ’17, yes. That was a good acquisition. So let’s talk a little bit about Mastercard’s value added services and solutions and give us a little more insight into the breadth of services and then specifically the security component.

Johan Gerber, Executive Vice President of Security Solutions, Mastercard: Yes. Look, this is a really exciting part of the business. And in 2024, we had a restructure, an organizational change in Mastercard where we actually brought all of the majority of our value added services together. Just to give you a little bit of a sense of the impact here, it’s just shy of about $11,000,000,000 in 2024. It represents about 38% of the company’s revenue, growing at a very comfortable clip of north of 17%.

And the interesting thing is we’re only 2% penetrated in our TAM at that amount and about 7% penetrated on our SAM, our serviceable addressable market, which means we have a lot of opportunity to grow. Since 2019 in Security Solutions alone, which is my world, we were able to convert more than SEK 30,000,000,000 from TAM into SAM. So we’ve got penetration deeper that we can grow into and we also have the opportunity to go perhaps wider into a broader TAM by converting some of these things over. As I say that, our focus is not to say how do we get Sam as big as possible. Our focus is how do we make payments better?

How do we get that virtuous cycle of differentiate our core value propositions, win more share that produce more transactions, more data that feeds our data services and you’ve got that virtuous cycle that kind of feeds off another. That’s really where we want to go. And if in that opportunity, we need to convert more of this, we’ll of course go after it. I think there’s still a lot of opportunity left for us there. But to give you an indication of what’s in there, and of course, security solutions, and we’re going to talk about that a little bit in more detail later on.

So I’m not going to spend time on it now. But something else is our customer acquisition and engagement. This is where we do marketing services, loyalty, personalization, dynamic yield is one of the very interesting acquisitions that we made there. They do personalization for something like Starbucks, for instance. That’s in that bucket.

We’ve got a business market insights group, where we have our consultancy services. A lot of our analytics products in there, our economic institute is in there. We do a tremendous amount of processing analytics, targeted analytics. There’s a lot of work in there that we just spend time with our customers to really understand the operations, the markets and how do we help provide them with guidance. And then in addition to that, we add things like our open banking platforms, our authentication and digital processing platforms.

So there’s a pretty big world that’s altogether sitting in that world. Now prior to 2024, you can almost think of it that we spent a tremendous amount of time at building out the portfolio of services and we’ve built a pretty strong portfolio. That’s how we got to that $11,000,000,000 number. With the change in 2024, that focus is now on how do we really hone down on getting that virtuous cycle going and how do we make a big difference in the lives of our customers, our banks, our merchants and various other stakeholders in that chain. And just to give you an example how the narrative have shifted.

In the past, I would show up at a customer and we’ll tell them, look, we can help you with fraud services before, during and after the transaction. And my colleague from Customer Acquisition and Engagement will show up and talk about how we can help you with engaging customers and getting them to spend the loyal services and personalization make that so much more of the conversion rates better. Now we tell a story of we can help you acquire customers, we can onboard them safely, we can activate them with our loyalty services, authenticate them, manage their fraud. And if something goes wrong, we catch them on the back end through our dispute management services. And so the value proposition and the narrative of how we show up in front of our customers as an integrated is just so much different.

And I think that for me is the most exciting part of how this just really changes the way in which we take our products to market.

James Fawcett, Fintech Research, Morgan Stanley: So that’s generally the as you said, is like kind of the overall capability and breadth. And as you said, it’s really been interesting to see how you’ve worked to add functionality and abilities that allow you to increase your SAM within that TAM. But let’s talk a little bit about your direct purview and what is the strategy like? What’s the go to market? How do you interact with your clients?

What just that sales process?

Johan Gerber, Executive Vice President of Security Solutions, Mastercard: So the way to think about security solutions, let me start with the strategy and I’ll tell a little bit more of what’s in there. If we think about the opportunity that’s ahead of us, the opportunity that’s being brought together by the evolution of digitization, AI, new technology. I mean, what we can do now is incredible experiences for customers is how many more people we can bring into the digital economy. What that would mean for our secular shift ultimately is phenomenal. The way we think about security solutions is how do we get access to that opportunity and maximize the benefit of that opportunity, but in a long term sustainable way is by security, by design, embedded security in these things.

NASCAR has been around for well over fifty years now. So we take a long term view on this and we feel it’s very important. If we want to bring 1,000,000,000 people into the digital economy and their first experience is one where they get scammed, they get hacked, they get abused online, we will lose them forever. So So we really take a very thoughtful approach to this to say security is a business enabler and a thing that will sustain our business growth in the long term. And that’s why this is so important for us.

And that’s why you will hear us always talk about layers of security. You’ll always hear us talk about embedded security, security by design. We feel that’s fundamental. If the world wants the benefit of this in the long term, we’re going to have to do this. So that’s a little bit about the strategy and how we think about these things.

And as we think about our strategy, where we add capabilities, that’s always in our mind. That’s why cyber is such an important piece. Digital is the biggest part of our growth. Cyber and identity, massive opportunities in those. That’s where we’ve invested pretty heavily.

The areas in my world that we cover as part of security solutions include our cyber world, things like our Recorded Future acquisition, RiskRecon acquisition, Buff and Bay acquisition, a bunch of products that we bought ourselves. We’ve got fraud and financial crimes, which is more looking at our transaction level services, looking for fraud, looking for scams, looking for compliance, things like anti money laundering is in there. We’ve got an identity group as well, where we look at digital identities, we’re looking at authentication, tokenization, a lot of those areas. And then we’ve got what we call our dispute and customer engagement area. So this is what happens if something goes wrong.

How do I get my money back? And that piece is very exciting because it has grown from just disputes and what we call chargebacks to actually subscription management to how do I get digital receipts, how do I actually just have more transparency in the post transaction place? And how do I digitize beyond the transaction? And so that’s a little bit of kind of what’s in that world. It’s an exciting area that also grows pretty nicely.

It’s the largest part of our services bucket is actually in here as well. So it’s a really exciting part, but it’s a fundamental part to how we see we will grow our business in the future.

James Fawcett, Fintech Research, Morgan Stanley: So I want to spend a few minutes here just diving a little bit deeper into some of these areas within security solutions. Let’s you mentioned it just a moment ago, fraud and financial crimes. What kinds of measures does Mascor take to ensure the security of digital transactions protect against fraud? Can you kind of give us an example of a transaction and how that process works?

Johan Gerber, Executive Vice President of Security Solutions, Mastercard: Yes. This is really it’s a lot of fun actually. We look at what happens before, during and after the transaction. At least we have a suite of services that span that entire lifecycle. So identity suite plays very much before the transaction happens.

This is where one of our acquisitions, Ricardo, will talk about it hopefully a little bit later when we get into identity. But how do I know you are who you say you are when we sign you up? And then every time you want to use your payment credentials, authenticate you again to make sure you are who you say are when you come and use your card that we’ve given you when we authenticated you in the first time or identified you in the first time. When you use your card, we have a couple of services that actually looks at the patterns of the transaction. This is where AI plays a big role for us, Nigeria, that we talked about a little bit earlier.

There are two services which are really cool here. One is what we call our Decision Intelligence product. Decision Intelligence, think of it as a cop on the street corner that lets we can look at every car that crosses by, every transaction that goes by and we look at every single transaction and we assess the risk of that transaction. Now keep in mind, we do about SEK 159,000,000,000 of this a year. So there’s a really, really nice opportunity there to add value.

All of this happens in real time. So while you tap your card or while you click buy, all of this happens more than 500 calculations in the background in real time that gets presented to your bank. And they use that together with all of the rest of your information to decide are we going to approve this transaction or not. That’s one of the services. The other one is a service we call Safety Net, which I would equate more to think of a drone above San Francisco, where we can look at the entire city in real time all the time.

So we look at our network in real time all the time. And here, we don’t look at the individual transactions, but we look for spikes of things that doesn’t make sense. What happens if one of our banks gets breached through a cyber attack and somebody makes a money run? How do I identify that? I don’t need to look at one transaction at a time.

I need to look at why is this ATM firing up in ways that it shouldn’t. So there again, the same thing, we look at all these transactions real time. That product alone over the last three years stopped and I don’t mean stopped, it declined. So basically we didn’t even let it go through to our banks more than $50,000,000,000 of attempted fraud, which is phenomenal. So there’s a lot of value in these products individually for the consumer and then also at a much larger scale on the other ones as well.

So it’s a pretty exciting area to get into.

James Fawcett, Fintech Research, Morgan Stanley: So I want to ask you is like one of the things that a lot of times we’ll have people talk about new payment schemes or approaches or technologies etcetera and they’ll talk about some aspect of it, right, whether it be ease of use or security etcetera. But talk a little bit about how you balance security and convenience, right? Like that’s the biggest problem. Like you can always make something more secure, but are you adding too much friction to the front end so that people won’t use it and vice versa? So how do you balance that out?

And what’s the progress look like over the years?

Johan Gerber, Executive Vice President of Security Solutions, Mastercard: So real funny story. In the beginning of this year, I had a long debate with a brand specialist who produces general things. So general payments apparently goes well together for what it’s worth. Interesting thing was we talked about the relationship between trust and experience. And because my argument was in the old days, we looked at trust as something that gets established over time and repeated delivery of a consistent outcome that we expect and that expectancy is delivered on.

In the digital world, trust gets established in a second. How does that happen? And what came out of the conversation is that there’s a direct correlation between experience and trust. And that’s how you will get into a car services car, how you will get access or you will trust a new site that’s on a digital platform or whatever it is. Sustaining that trust is what really needs to happen in the long term.

So relation or convenience and trust for us goes hand in hand. Now we also have something that we call friction by design, which is really, really interesting because if I want to do it if I want to grab a cab to get to the airport, do not put friction in there because first of all, I’m probably late and this is not the time to do this. But if somebody wants to draw $15 out of my bank account, I will actually appreciate if you put some friction in there. So friction at the right time actually enhances trust. So and that’s the way we think about these things.

Now in a world of digitized in a digital world with devices and the amount of data that’s available from our devices, we’re actually in a place where I think we can provide a lot of security without any friction, but friction is actually really important. So we’re actually in a place where we do not have to sacrifice one for the other. In the old days, like you heard, I’ve been here for twenty five years. We literally were tuning those models and it was false positive versus detection rate. And you got either more declines or you detect more and you were constantly figuring out how do I treat my affluent portfolios versus my mass market.

Nowadays, the data that’s available for us, the strength of our AI allows us to actually provide you a great experience and we can design friction in at the right time to provide that trust, which as we go to our customers to translate this into value is, how do I help you to create a strategy that serves the portfolio that is on the table for us here? You’ve got a travel portfolio. We want to make sure that anything related to travel and dining and those things do not have a bad experience. And so we can actually take those and we can put it into our systems and we can design that outcome with our customers. So you bring a bit of consultancy services, our on behalf services, how we configure the things in our network.

And so we can really help our customers with this end to end technology pieces on the background that then memorialize those strategies and put them into action in real time on every decision. And that’s where the power of the network that can do this at scale with thousands of banks and billions of transactions, that’s I think where the power sits what we can do with that. So it’s a great question. And I think as we go on with this, we’ll see more of this shift in terms of what is the right balance there. But I think the good thing is we actually have the tools to really use it to really underscore trust versus we’re in a bind that we have to sacrifice one for the other.

So

James Fawcett, Fintech Research, Morgan Stanley: obviously, most of the time when we talk about security and the capabilities of Mastercard, we put it in the context of the payments, payment scheme and the payment network generally. But as I said at the outset is back when I was covering networking equipment and looking at things from a networking security perspective, it occurred to me that a lot of these approaches and strategies have strong applicability outside of payment space. Is that true? Or like how do you think about that?

Johan Gerber, Executive Vice President of Security Solutions, Mastercard: Yes, I think you should think about this in two ways. First of all, there is our services and how they apply to other transactions or other brands than Mastercard’s brand. Sure. And that’s something that we feel pretty strong with. So we do provide services on non Mastercard branded transactions or even non processed Mastercard transactions.

So while we don’t process every single Mastercard transaction, we have the ability to apply services to every transaction if that’s what the customer wants from us. So we’ve got that capability and we have the ability a lot of our service are brand and rail agnostic. So we will do things and we may get into that a little bit later around account to account and so forth. So there is the expansion of beyond the brand in the transaction world. And then there is how do we go beyond the transaction?

Things like identity is a good example of that. Those services apply irrespective of the brand that’s being used. Cybersecurity, Cybersecurity is not necessarily purely transaction based. It looks at the entire ecosystem out there. So a lot of the assets that we have are actually thinking and you should think of them as going beyond payments.

Some of our things like subscription management, the acquisition of MENA Technologies, the ability to allow a customer from the banking app to address and manage their subscription, great value is not necessarily related to the transaction, but it is kind of so while we go beyond the transaction, I do want to bring it back and make sure people understand. We just not it’s not just we’re looking at this as the wild west and say, where do we find pockets of money? We bring all this will bring this back to how does this drive that core differentiation to win the brand, to produce more data in that virtuous cycle that I described before. So please keep that in mind as you think of these things. So it’s not just that we’re going to expand in whatever we can, but we’ll be very mindful in how we expand and how that can play a role.

In a digital world, if you think about the experiences, I always look at what Uber did to payments. All of a sudden, we were used to I go to a store, I buy something whether it’s online or physical and at the end of my experience, I tap, I click, pay and as part of it’s just that last final step when I exit. You Think about many of our experience today, I consume my service and I carry on with my life. The payment just happens, right? We can see that’s going to become more and more of how the future work.

If you think about AI agents and those kind of things as they come in, where will payments sit? Will it be in the beginning, in the end, in the middle, somewhere in different parts of the experience? For that reason, we are thinking and taking a more holistic view on this that is not just how do I do what payments, but we will always bring it back to ultimately there’s a payment somewhere in that experience that we want to make sure that we have trust embedded in that security, embedded in a great experience.

James Fawcett, Fintech Research, Morgan Stanley: So I want to hit on a few different other elements and you’ve talked about few of them, but identity management, what’s happening in that segment and how important is that within the business?

Johan Gerber, Executive Vice President of Security Solutions, Mastercard: So I’ll tell you, I’m really excited. So a company we acquired a couple of years ago, whose name is Ikara. They do what we call an identity graph. So it’s basically AI that we put on a bunch of identities. We don’t not so much care about the identity of the person, but we care about the attributes that’s built around that identity.

So to give you an example, so take my name, my name can be completely anonymized, but you will say, Johan is linked to these two physical home addresses. He’s got two cell phones, he’s got five email addresses and some other elements out there. So we create that graph that basically associates me with these components around me. Now when somebody goes and applies for a bank account or a loan, they use my name and perhaps one of my addresses, but they use a number a phone number that’s never been associated to me, they use an email address that’s never been associated to me, our graph is going to say this has never been seen in relation with Johan’s identity. So we built this graph that gives you context to understand this why this doesn’t make sense.

So if I only look at the individual attributes, they all may make sense. Email addresses may check out, the phone numbers. But this is a great way how we help customers onboarding new clients, understanding when there’s risk of synthetic identities, scams, mule accounts. When these mule accounts are getting opened, a lot of it is done by synthetic identities. So these are just ways that we can help our customers.

So that’s a big part of it. The role of tokenization and what that can play in the future of making digital identities usable, I’m not going to go too much detail in this, but if you think about the power that payment card is it for bank accounts, if you really think about it, the payment card is a proxy to your bank account. Basically provides utility to your bank account. Can we do the same things for digital identities? Tokens have that power because I can tell the token to answer the question without revealing all the data.

What a card payment does for you when I want to check out my hotel, it answers the questions, does Johan have enough money to pay for this transaction? Yes or no. I don’t have to show them my bank account. But yet when I check-in, I have to show them my passport and my driver’s license. When I get caught at a restaurant, I have to show them, why can’t we just answer the right question?

Is he old enough? Yes or no? Is he old enough to buy liquor? Is he old enough to buy car? So there’s so many utilities that we can go into identity that I think are still untapped for us.

Verification of attributes, we have such a big graph around the world. We have the world’s largest database of fraud data. When you look at recorded future, which hopefully we’ll get into as well, we even have more data that comes in there. We have all the stuff that gets stolen. So when I put that stolen identities onto my graph and I now know that while you’re on these 10 attributes, two of them have just been sold on the dark web.

Now we’ve got a whole different way of understanding my risk and making much better decisions. That’s kind of where we play in the identity space, which is really exciting and it’s a very fast growing world. In a world of digital, I’ll close with this. In a digital world, the two biggest questions we have to answer are, are you who you say you are, because you’re represented by a device and is that device doing what it’s authorized to do? So it comes back to cyber and identity.

Think about a world of AI agents. Now it’s no longer just the identities of people and of devices, it’s the identity of agents and what agents are allowed to do if not. So that’s an area that we’ve hardly even scratched the surface on that. But I think these are all opportunities that are coming that our customers are going to need help with. If I want to tell my digital agent to transfer money and to pay my share of my dinner last night to you, I need to make sure that that agent can really access your account to make the transfer, right?

That’s what our consumers are going to expect. So I think there’s some really exciting things on the horizon for us there.

James Fawcett, Fintech Research, Morgan Stanley: So let’s so you mentioned and I wanted to ask you about Recorded Future and how that fits within the broader cybersecurity solutions and you’ve done this acquisition recently, but how does Recorded Future enhance not just the identity management, but cybersecurity capabilities overall?

Johan Gerber, Executive Vice President of Security Solutions, Mastercard: I’ll tell you, we are really excited about this acquisition. It’s arguably the world’s largest independent threat intelligence company around the world that’s not linked to a cloud service, for instance. That’s kind of independent and provides across multiple customers. More than 1,900 customers are coming in, 75 countries are doing business in, more than half of the G20s governments are all using them. We have 45 governments in total that are clients.

So it allows us to have a conversation at a much different level. So if you go back to what I said right at the beginning around, how do we actually empower economies? How do we show up at a different place where we’re just not just facilitating transactions, but we’re actually looking at just rising the tide for an economy in a country? This allows us to have a very different conversation with governments and stakeholders in a country to do this. Couple of things around the data, what the data brings for us, two very important points.

The data that Recorded Future brings into the fold for us has real tactical applicability on our transactions and the services we do. Just about every one of our products, our security products benefits from that data. To give you an example, I don’t know how many, but there are millions and millions of cards being sold on the dark web every day. With the help of Recorded Future, we know the moment a card gets sold and we know the moment the criminal is testing the card. It’s interesting fact, but the criminals have a wonderful customer service component to their services on the dark web.

If you buy some let’s say, you want to buy 100 stolen card credentials, you’ve got the option to say, I just want the card, I want the card with a PIN number, I want this person’s address and Social Security and everything. And of course, the more you buy, the more you pay. But then right at the end, they have the ability to say, test this thing for me. I want to see it works. And they will actually run a test transaction.

So through something like Recorded Future, we actually know who’s doing the test transaction. So now all of a sudden, I know which are the merchants or businesses that were set up in our ecosystem that does this. So I can tactically go and help my acquirer to say you’ve got a bad apple in your portfolio. I can tell my issuer this card has just been sold. So the way when you heard me talk about decision intelligence, my AI decision can now be so much more accurate.

My if I see a bunch of these were all sold, my Safety Net application can now say, well, there’s something clearly there’s an attack happening here. So it influences very tactical on how we make real time decisions, how we help our customers. But then the other pieces, think of this we have they’ve got the world’s biggest cyber threat intelligence. We’ve got a very large chunk of data around financial crime, fraud, identity theft. Bringing those that data together, we have probably one of the world’s most comprehensive data sets around financial crime and cyber threats applicable to the financial industry.

So we can use this for very tactical decisions, but we can also use this for strategic conversations around how do we prioritize, how do we help a bank to understand what are the biggest threats or a merchant or any other stakeholder or a government, what are the threats that you need to prioritize in terms of things that are coming down the line? And that’s where I think I love this most. It’s there’s real time decisioning coming out of this, but there’s also how do we think about the future differently. And I think that’s changing the conversation for us completely, which is really exciting. So just that value is already substantial.

If you think about the digital world that cyber will be part of this, any CEO that we speak to, cyber is amongst the top three of their biggest fears that keeps them up at night.

James Fawcett, Fintech Research, Morgan Stanley: Oh, I’m

Johan Gerber, Executive Vice President of Security Solutions, Mastercard: sure. And so this opens up doors to have different conversations, different value proposition. I can go on and on on this and you can see, but we are really, really, really exciting. It brings it back to payments and how

James Fawcett, Fintech Research, Morgan Stanley: we just make that world better. So I want to ask you about AI. So internally at Morgan Stanley as AI was emerging as a key investment theme over the last few years, other analysts or people within the firm would come to me and say, hey, how is AI going to impact Mastercard? And what are they going to do about AI? And my response is, I don’t think it’s going to impact them much at all because they’re already doing it.

They have been doing it. Like it’s they’ve been on the continuum machine learning to AI forever and that’s why broad rates are really low and you can use your card with very little friction, right? So to me it didn’t seem like a big step function change, but is that accurate? And how do you think about the path forward?

Johan Gerber, Executive Vice President of Security Solutions, Mastercard: Yes and no. When it comes to AI, I’ll say we are paranoid. We are confident, but we’re paranoid. So we will always keep an eye on what’s going on there. To our earlier conversation, I think we made our first investment in Bridgerium prior to 2010.

I can’t remember the exact year we acquired the company in 2017. So we’ve been around AI for a long, long time. If you think about how we think about AI, there are a couple of ways in which you do this. One is how do we make transactions smarter? This is like how do we provide intelligence to our customers, merchants, issuers, processors, everybody in the middle.

For instance, things like optimization of approval rates, retries if a merchant doesn’t get the transaction through because the money has not landed in the customer’s account, when is the best time to do that. So there’s an optimization component just making the network smarter. There is how do we do things more personalized. The Dynamic Yield is an AI company that uses AI that looks at the data to make sure we produce the most relevant experience for the customer through their digital journey. And then of course, we have how do we make it safer, which is all around my world.

And you heard we have identity graphs, we’ve got cyber graphs, we’ve got AI interactions. So there’s a whole bunch of different areas where AI is being used there. And then the last one is, how do we make the company more how we protect the company and actually help enhance productivity in the company? How does these AI tools help us to code faster? How to make faster decisions and have a productivity impact?

So there’s an internal set of use cases and then there’s all these other things where we provide better value to our clients. But we sleep we appointed an AI officer that’s looking at this. We are building a very structured approach to this. The acquisition of Recorded Future, the way we think about structuring our data, fundamental. The way we think about our investments into data governance and data privacy.

So on top of you have the data at the bottom, you’ve got your governance and privacy rules on top and then we start putting our AI on top of that. So everything we do has that long term sustainable view and it will certainly be one of those buckets, make it smarter, make it more personalized, make it safer and then benefit the company itself. Data and technology critical to do this. We think we’ve got

James Fawcett, Fintech Research, Morgan Stanley: a very strong hold on both of them, very strong data set. But there’s people waking up every single day making sure that we stay on top of that thing because it changes in a hard way. So quickly. So let’s talk quickly go to market approach. How do you distribute your solutions and particularly with your security solutions, how should we think about like attach rates within the Mastercard payment ecosystem, etcetera?

Johan Gerber, Executive Vice President of Security Solutions, Mastercard: So today, about 60% of the revenue that we have in our services world comes from directly linked to our transaction base. That’s a strong piece because there’s a CAGR, I think about a 13% CAGR growth from 2021 to 2023 in terms of process transactions. So that just comes there’s a nice organic growth that just comes due to the fact that we link it there. But you also should think about our portfolio services a little bit more balanced. During COVID, when transactions were down, a lot of our other service kind of helped balance that out.

So we don’t have so we still could help support the growth of the company overall. So we are taking a very mindful growth in terms of how we diversify our set of portfolios. What do we put in the transaction? What do we not? Go to market strategy, a couple of them.

We have a dedicated security solutions sales team all around the world. So we’ve got people in every region, they report into the regions, they live with the customer, they sell. Every single day they wake up and they sell. Then we have what we call embedding it into our core. It’s embedding it into our network.

The Citi intelligence, like I explained to you, every transaction that passes through, we take a look at it. We embed it, for instance, in our cards. We may have a small business card that’s got services attached to it. We may have a prepaid card that has some services attached to it by virtue of you getting access to the card identity. For instance, example, in The U.

S, everybody has access. If you have a Mastercard, you’ve got access to our identity protection program. So these things are attached to our core products. And then we have programs that we do where we think about technology, things like open banking, open APIs, where we actually speak to the developer community and how do we make these things available to the developer community, which is really important. And I think in the future will be a massive part of how we go to market with agent technology, That’s going to be critical.

We need to show up in those places where the developers code, where the agents are looking for getting access to the right APIs. I would say those are some of the big ways in which we take the products to market. So it’s kind of embedded in our core, embedded in our network, we’re selling and then we go to the developer community. So technology approach.

James Fawcett, Fintech Research, Morgan Stanley: Love it. Last couple of minutes here. Just with all this work, let’s put it in context of what Mastercard does versus other payment schemes. So can you speak to fraud rates generally for new and alternative payments types like real time payments versus card, etcetera?

Johan Gerber, Executive Vice President of Security Solutions, Mastercard: Interestingly enough, card fraud rates are lower now in terms of basis points compared to our overall GDV is lower now compared to before COVID, which means card fraud is growing slower than the business. Never going to claim victory as long as there’s still fraud, it’s still in the billions of dollars, it’s still too much, we’ll never stop doing this. But I think what we’ve been able to do is to find a balance where it’s growing slower than the business. So like I said, nobody’s going to call it a win until the stuff is gone. We’ll continue to invest in it.

But that’s looking really, really good. If you think about account to account payments, that has gone through the roof. I think the Global Scam Alliance puts a number of $1,000,000,000,000 of money that’s been siphoned out of the financial systems. The problem with this is that’s gone out of the hands of consumers. One of the biggest differentiators that we have in the payments world, in card payments is that the consumer is not liable and the merchant know they will get the money.

Those are two fundamental promises on which our entire business is built. If you’re a business that accepts our card, you will get paid if you follow the rules. If you’re a consumer, you won’t be liable if you follow the rules. And those things are fundamental to our business and that’s why that business model has sustained so long. Now what’s good about this is, we are now helping several markets.

So for instance, in The UK, we’re doing a lot of work with all the banks to say, can we bring some of these learnings that we’ve had over the last fifty years to help you do a better job of how we do account to account payments? Our franchise rules are designed in card. The party with the least security typically has liability. For instance, chip is just a really simple example. If there’s a chip card, but the terminal can’t read the chip and there’s fraud, the one without the chip facilities will be liable.

So we’ve created a system where there’s self policing and self correction. Can we bring some of those advices into to help our cards? The way we have been able to collect data, report on data and then use that to build our AI models. So I think there’s a lot that we can do there. Scams, fraud, crypto is growing at a very alarming rate.

And the heartbreaking piece is consumers are losing their entire savings. I think there’s a lot that we can do. We’re very well positioned. We’ve got some really strong tech that we can bring to our banks in that place as well.

James Fawcett, Fintech Research, Morgan Stanley: Well, that is fantastic. Johann, we’re out of time. I’ve got at least another hour’s worth of questions, but this is all we have time for today. So appreciate you being here today.

Johan Gerber, Executive Vice President of Security Solutions, Mastercard: Thank you so much, James. Thank you,

This article was generated with the support of AI and reviewed by an editor. For more information see our T&C.