KATE BRENNAN: Good morning, folks. We’re all here today challenging the concept that payments is a solved problem. It is anything but. And the payments landscape is rapidly evolving, as you all know. Customers want more personalization. They also want more payment methods. And with that rapid proliferation, businesses like yours are racing to keep up because with new payment methods, we introduce new fraud vectors. Last year alone, businesses saw over $50 billion in cost due to fraud alone. 

So to keep pace, many of us are turning to AI. In fact, we’ve heard from over 75% of payments experts that believe that AI will help them balance fraud, cost, and auth, delivering more profit and lower cost. And the good news is that AI is really well suited to help us all balance this. On one hand, the need for improving conversion and, on the other, reducing fraud and cost. At Stripe, we have been doing this for over a decade. But as you’ve heard this week, we’ve been really investing, in the last year, with dozens of new AI-related launches just this week alone. Companies like Slack, Twilio, and CLEAR are already relying on Stripe’s AI to fine-tune their payments performance on a daily basis. And we think AI has the power to do so much more. 

I’m going to first share with you how we’re using AI to optimize every step of the payments funnel to help you keep pace with the changing landscape. Then my colleague, Josh, is going to come back and pull back the curtain and share with you the ways in which we’re using Stripe Radar to help you adapt to the latest trends and prevent things like card testing and fraud attacks. Lastly, you’re going to hear from the users that we work with every day to design these solutions on how they’re tackling this changing landscape. 

All right, so let’s take a look at the payments lifecycle and how AI boosts performance at every step. First, we’re going to start with checkout. You’ve heard quite a bit about this, but overall, the Stripe optimized checkout experience delivers personalized experiences that your consumers want. And we’re using AI to intelligently determine which payment methods to display in which order on each checkout session. And this is great news for you because it increases revenue as well as overall conversion. And what we’ve found is that when you add at least one net new payment method dynamically in addition to cards, it really does boost, on average, the performance. So we’re seeing over 7.4% increase in conversion rates. 

All right. Next, authentication. So after your consumer clicks buy, Stripe is going to help you with compliance. And we’re triggering authentication to make sure that we are verifying that the customer is who they say they are. And over the last year, we have actually used AI to cut unnecessary SCA-exempt challenges by 20%, on average, all while ensuring that high-risk transactions still face the necessary authentication challenges. Okay. So overall, this has reduced fraud by 8%, on average, while still driving more revenue and smoother checkouts. 

And so as we move to fraud, I’d like to share that also, in addition to intelligently deploying 3DS, we’re using Stripe Radar to automatically detect and reduce fraud by 38%, on average. And this is because Radar’s algorithms are dynamically shifting to fight that fraudulent behavior that can impact your business. You probably just heard, if you were in this room a moment ago, where we did our payments roadmap, there’s things like LLM-powered Radar Assistant, which allows you to more easily write custom rules using natural language prompts. And this can enable you to more quickly tailor your fraud strategies. In a moment, we’re going to go deeper on the AI signals that we’re using in our models to help you stay ahead. 

Okay, it’s not all about fraud. There’s also legitimate transactions that you want to go through. And so with this, we’ve shared this week that we’ve announced Authorization Boost, which is a product to help you maximize revenue. It lifts authorization rates by up to 2.2%, on average, and some users are seeing even up to 7% lift. And it comes with a whole suite of features and functionality that are AI-powered—tokenization, ISO-level messaging and formatting, cost optimizations, and real-time retries. More profit for you without more work. 

All right. Lastly, we are using AI to also help you fight back against disputes. This costs over $50 billion, and we’re hearing chargeback managers say that dispute rates are on the rise year over year. Disputes are not only expensive; they’re costing you time. So this week, we announced Smart Disputes. We’re automatically compiling information, submitting it on your behalf to fight. And we’re taking the time that you’re spending to manage and to fight them and, hopefully, taking it down to zero. 

We’ve shown these stats several times, and it’s really important because it’s crucial in terms of why Stripe’s AI is working on your behalf. We have scale, density, and breadth of data that is enabling our AI to be more accurate and more performant on your behalf. So to improve all of this, we also want to make sure that we’re using this data to make sure that we’re adapting to consumer and issuer preferences and helping you better understand legitimate buyer behavior and detecting that from fraudulent ones. 

All right. So for a deeper dive on exactly how we’re using AI in fraud prevention, I’m going to welcome to the stage Josh. He’s the head of product for Stripe Radar. [Applause]

JOSH ACKERMAN: Last year, global ecommerce fraud rose by 15%. But for Stripe Radar users, they saw a 17% decrease in dispute rates. How did we actually do it? Well, today I want to tell you a little bit about how we’re using AI. Even though fraudsters are getting smarter, your defenses against fraud are getting smarter, too. We’re improving fraud detection in two main ways. First, we’re adding new signals to improve our AI models. And second, we’re building a totally new kind of AI model to supercharge your fraud performance. 

First, let’s talk a little bit about the new signals. We’re seeing major shifts in how consumers prefer to pay. In the last year, we saw a 40% increase in noncard payment volume processed on Stripe. This shift has had a direct impact on the fraud landscape, and these new payment methods have introduced and exacerbated some existing fraud vectors, such as promotion abuse, refund abuse, and account takeovers. Let’s dive into some of the challenges that we’ve seen recently, and here we’ll use bank debits like ACH and SEPA as examples. 

With cards, in contrast, we get immediate confirmation as to whether a payment has succeeded or failed. But with bank debits, those same signals simply aren’t available. Instead, these bank debit methods have longer settlement periods. We’ve engineered hundreds of new features that are unique to the asynchronous nature of payment methods like SEPA and ACH. We’re using signals as diverse as the bank’s success and failure rates, customer context, and transaction context, all to make the right decision on your behalf. These models, together, are predicting the likelihood that the transaction will result in a bank failure, and it’s our job to then block the riskiest transactions. Companies like Xero, Jobber, and FreshBooks are already using our new ML and seeing a 20% decrease in ACH fraud and a 42% decrease in SEPA fraud. 

In addition, we are incorporating many non-Stripe signals into our Radar models too. That’s leading to another dramatic decrease in fraud for your business. Earlier this week, we announced Radar risk scores are now available for non-Stripe transactions. So even if you process that payment with another PSP, you can still screen your transaction using the strength of our Radar ML models. This helps multiprocessor users prevent fraud across all of their payments. 

Radar is already trained on millions of different businesses and trillions of different transactions across the Stripe ecosystem. How does this actually work in practice? Well, when our users combine Radar risk scores with their own ML models, it improves their machine learning recall. But that’s not all. Users then report their transaction outcomes back to Stripe, and that improves our future predictions. We’re able to train our AI thanks to the wide variety of data that we’re seeing, both across the Stripe ecosystem and far beyond it.

All right. Let’s go ahead and pivot to the second big investment that we’ve been making, which is in brand-new types of AI and ML models. You heard yesterday in the product keynote that we announced our Payments Foundation Model. This is a large transformer-based AI model. We are really excited about the potential of the Payments Foundation Model, and it’s already having dramatic results. Let’s take card testing as an example. Many of you are probably familiar with the fact that card testing is a type of fraud, where bad actors validate stolen cards. This is an area where our purpose-built card testing models work hand-in-hand with the Payments Foundation Model. 

But card testing can be really challenging to block. It blends in, and it’s constantly evolving. Bad actors are always changing their tactics. So when we look industry-wide, card testing attempts have gone way up. But over the course of the past two years, card testing on Stripe is actually down over 80%. How did we actually get there? Well, we are constantly beefing up our card testing protections across Radar and across the Stripe ecosystem. But we are really careful. We don’t want to overcorrect and actually block good transactions and good actors. Instead, we’re applying our AI models at multiple different levels to predict attacks. 

First, we’re estimating the overall posture, our overall prevalence of card testing across the Stripe ecosystem every day. Then we’re actually estimating where exactly within our ecosystem card testing is likely to occur. But it’s not always obvious. When we see major spikes in traffic, it could be a really good user actually having a flash sale, or it very well could be card testing. We’re really careful not to block good traffic. 

Finally, we apply AI to assess transactions in real time using a wide range of signals. We’re combining our predictions to block attempts in real time. We’re labeling any breakthrough attempts that occur, and we’re constantly retraining our models. This has been really effective for us when it comes to historical patterns that we see over and over when it comes to card testing. But in the past few years, we’ve seen a wide variety of novel attacks. That’s exactly where the Payments Foundation Model comes in. We now augment our multilayered card testing–specific models with the brand-new Payments Foundation Model. And this allows us to detect novel, subtle patterns in real time. 

All right. Zooming back out, we’re really excited to consider all the different ways, not just with Radar and fraud detection and prevention, that we can use the Payments Foundation Model. You’re going to see us continue to leverage the Payments Foundation Model far beyond fraud detection and across our payment stack over the years to come. To hear a little bit more about how our users are actually leveraging AI and ML in their payments lifecycle, I’d like to welcome back to the stage Kate, as well as Darrel from Zoom, Andrew from FreshBooks, and Rishabh from DoorDash. Let’s give them a really big round of applause. [Applause]

KATE BRENNAN: All right, thank you so much. And to start, I’d love if each of you could give us a brief overview of your business and the main fraud scenarios that you’re facing. So Andrew, I’m going to start with you. 

ANDREW GUNNER: Great. Can I actually just start with saying how great it was to see Patrick and John pontificate on this topic at the AMA? That leadership is really seriously important, so thank you. 

KATE BRENNAN: That’s how they show up every day, as well. 

ANDREW GUNNER: Yeah, great.

KATE BRENNAN: They are authentically bringing themselves. So it’s great that you all are seeing that, as well. 

ANDREW GUNNER: So FreshBooks is an invoicing and cloud accounting solution that focuses on helping small service-based businesses invoice their clients, get paid quickly, and then ultimately manage their books. So from a broad perspective, we’re really thinking about typically two things. One, how can we protect those small business customers whose livelihoods are on the line if they are defrauded from account takeovers or fraudulent transactions? We’re also concerned about preventing bad actors or fraudsters from gaining access to our platform and using it to defraud potential customers, as well. 

KATE BRENNAN: Awesome. All right. So Darrel, most of us know Zoom. It’s good to see you in real life.

DARREL BISHOP: [Laughs]

KATE BRENNAN: Can you tell us a little bit about your business and the fraud that you’re facing? 

DARREL BISHOP: Yeah, sure. So unless you’ve been living off-grid or something like that for the last four or five years, I think everybody is aware of Zoom and what we are, a video conferencing service. But I think in the pandemic, obviously, Zoom became incredibly important, keeping us all connected and together. Not sure where we would be after the pandemic if Zoom wasn’t in existence. So very good. Everybody’s already aware of that from a video conferencing point of view. 

But what a lot of people are not really aware of is we actually have a couple other really strong, various other really strong products, as well. So Zoom Chat. It’s something that we, I love using, actually, very heavily at work. We also recently, in the last couple years or so, launched a Zoom phone. And we have, also, our own AI capabilities, as well, to help businesses in their day to day. So Zoom has become pretty much a one-communication platform beyond just video alone. 

As it relates to payment fraud. So a lot of fraud that we see is related to fraudsters acquiring stolen identities and stolen credentials, using those credentials to then purchase Zoom licenses and then resell those licenses online. So that’s not all of it, but the majority of the fraud that we typically see at Zoom. 

KATE BRENNAN: All right, we’ll get into that in a little bit. But Rishabh, okay, so I am a power user of DoorDash. I’ve got three girls, and it’s a staple in our household. So we probably don’t need to necessarily go deep on what is DoorDash, but we’d love to know the context on the different fraud issues that y’all are facing. 

RISHABH PANDEY: Yeah, of course. Hey, everyone. My name is Rishabh. I’m representing DoorDash today. Also a DoorDash power user, just like Kate. [Laughter] DoorDash is a local commerce and technology platform, and we operate a three-sided marketplace. So we support millions of consumers, dashers, and merchants worldwide. And payments on our platform move in different directions. So consumers pay us; we pay out to dashers and merchants. And as you can imagine, there’s a lot of different fraud issues in each of these interactions. So things like identity fraud, refund abuse, promo abuse. Things that we offer on DoorDash, usually fraudsters find a way to exploit those. 

So online there’s fraud rings going on, and usually we have to be very adaptive towards them when we’re trying to fight fraud. When it comes to the biggest risk in terms of payment fraud, I’d say it’s when payments happen up front—so when consumers pay us—because unlike other B2B platforms, we can’t verify the consumer in depth before. So we have to make a real-time decision with minimal friction. That’s basically how we operate. So that’s another big challenge, and that’s why our fraud systems have to be more adaptive and resilient towards emergent fraud. 

KATE BRENNAN: Thank you. You’ve all given broad examples of different fraud vectors and all the different business nuances that you face. We didn’t talk about it in our chat that Josh and I just went through, but Stripe also thinks about identity a lot as well. So it’ll be interesting to see how that comes up in the chat today. Okay, so we discussed some of the top fraud trends that we’re seeing from AI to new payment methods. Darrel, I’d like to start with you. Did any of those trends land? Is there anything that we’re missing? How is it playing out at Zoom? 

DARREL BISHOP: Yeah, sure. So they definitely landed, I would say. So ACH fraud is something that we dealt with last year around this time. And we were one of the first, I think, beta testers of Radar for ACH, which worked out great. It reduced that fraud pretty significantly. Our prepaid cards are another one that wasn’t really an issue for us but, in the past year or so, started popping up as a potential problem of fraudsters now trying to get around—figuring out ways to get around our methods and procedures, and acquiring prepaid cards to actually try to purchase our services fraudulently. Card testing. It was mentioned earlier today. That’s also something that we had issues mitigating in the past, but now that’s kind of been kept under control, thankfully, thanks to Radar. 

But something I didn’t really hear too much today and in the other sessions is AI and fraudsters using AI in a negative way to actually create synthetic IDs and then use those IDs to try to look as legitimate as possible, and then use that to then defraud other businesses. I’m sure Andrew and Rishabh probably dealt with this, as well. 

ANDREW GUNNER: Yeah, we see the laughably simple ones. We were talking earlier that, you know, sometimes people are so lazy, they just take a photo of their dog or whatever. But, you know, on a more serious point, we’re seeing absolute advances in fraudsters applying very advanced technology to try to defraud us. And so very much like you and Rishabh, we’re actively working against that daily. 

RISHABH PANDEY: Yeah, that’s a great point. I think another thing that we notice when it comes to synthetic IDs that you were talking about is when we do throw frictions—for example, card scan, or when you have to scan your ID to verify or that you’re a legitimate person—we’ve seen like fake IDs that were generated by AI. And this has been very recent because of the rise of AI. So yeah, it’s really involved in this space. 

KATE BRENNAN: We talked a lot about 3DS as one intervention technique, so also Stripe [Identity] and IDV trying to think about this and get ahead of the deep fake. So there’s lots more that we all should be talking about actively, as well, in addition to some of the things. 

DARREL BISHOP: Yeah, I think fraud teams will just—you know, we’ll just have to get better, adapt to these new trends that fraudsters are also using AI. So we’d have to get smarter and better, as well, with better fraud tools to actually adapt to these increasing threats. 

KATE BRENNAN: Yeah, it’s certainly a double-edged sword. 

DARREL BISHOP: Exactly. 

KATE BRENNAN: AI is happening on all ends of the spectrum. All right, Andrew, go ahead. 

ANDREW GUNNER: I was just going to say the collaboration point you made is huge, as well. So I view this as very much an ecosystem challenge that we’re all working against, and so we have to kind of collaborate together to share experiences. 

KATE BRENNAN: I love that you said that word. So earlier there was a question asked to one of our business leaders, John Affaki, about how do you prioritize. And we always talk about guiding principles. And one of the guiding principles for one of my orgs is the idea of ecosystem health. 

ANDREW GUNNER: Yeah, exactly. 

KATE BRENNAN: And so I like that you said that word. It’s that notion of we’re trying to help with fraud prevention for all. Okay, Andrew. I know that your team is working to address some of the newer fraud trends. We’re talking a lot about trends. One thing that you’ve talked about is merchant fraud. Can you talk a little bit more about that? 

ANDREW GUNNER: Yeah, so we were just talking about the notion of trusting and validating who a user might be at maybe a point of onboarding or something like that. But we’re also increasingly focused on monitoring that behavior throughout the lifecycle of their journey with us. And so we’ve been recently partnering with the Stripe team on getting access to their merchant monitoring capabilities so that we can start to piece together a history of how that merchant’s behavior is changing or evolving over time, and working with your team on sharing feedback for how we can cocreate a great experience for those customers. Not create too much friction, but also make sure that our experience is one that we’re comfortable with providing. 

KATE BRENNAN: Yeah, and we appreciate that partnership. So I think one point that you’re hearing—so a couple of examples about early beta, early preview testing, cocreation. We really do like to work with our users to design the solutions, and we appreciate any of the input that you all provide us. So thank you for that partnership.

DARREL BISHOP: Yeah, I could speak to that firsthand. It’s been great working with the Radar team and testing new product features. 

KATE BRENNAN: Ooh, Josh! [Laughs]

DARREL BISHOP: Our team, Global Payments and Fraud, we love getting involved and getting our hands dirty with new tools. So yeah, love the collaboration there. 

KATE BRENNAN: Awesome. Okay, so I’m going to go back to something that you had actually mentioned. Obviously, AI. It’s a hot topic. We talked about it as a double-edged sword. Would love to know specifically, what are you doing to adapt your fraud operations, the specific teams, whether it’s skill set, how you’re structuring them to take advantage of the rise of AI and also to fight the rise of AI? And Rishabh, I’m going to ask you to start with this one. 

RISHABH PANDEY: Yeah, sure. So DoorDash has been investing heavily in our AI and ML infrastructure when it comes to fighting fraud. As I said, because of the rise of fraud, we have to also take advantage of AI to fight against it. So, yeah, we have a bunch of things that we use. For example, we have streaming, feature data sets, configurable rule engines. These things basically help us to use AI in real time when we’re trying to make a decision for any incoming transaction. 

Apart from that, we also have our own in-house fraud models for each different payment workflow. For example, order checkout has its own model, gift cards have their own model, so on and so forth. Each of these models use different signals—so behavioral or transactional signals depending on the payment—and also some historical context about the user, like their activity on our platform, their previous transaction history, stuff like that. 

And yeah, our payments platform, we use multiple payment processors, so not just Stripe. And this is just so we can ensure some redundancy, as well. But when it comes to fraud, we do use Radar, as we were talking about. And we use Stripe Radar for both our on-Stripe and non-Stripe traffic. And that helps us to not just use our in-house signals that I was talking about, but also the numerous signals that Radar uses that Josh mentioned in his presentation. So this has definitely helped us. 

KATE BRENNAN: Again, it’s that ecosystem, a yes-and moment. Yes, Stripe has payments, but we are going beyond payments. The idea of how might we make our product suite interoperable and provide signals bidirectionally so that, again, ecosystem health. So that is a great case study. Okay, so I’m going to move back to Andrew. So earlier you talked about FreshBooks and how you’re using new AI capabilities to detect different types of fraud. 

ANDREW GUNNER: Yeah. 

KATE BRENNAN: Share more about that evolution at FreshBooks. 

ANDREW GUNNER: Yeah, so maybe I’ll start a little bit about where we were, which was— actually it was at Sessions last year, getting angry Slack messages from my head of fraud, saying that he felt like we were a little more exposed than he wanted to be on our ACH capabilities. And so we actually—just like Darrel, we got gated into the alpha on that product and actually just spent a lot of time with your teams on evolving that product. In parallel, my product team has been working on making things better for our customers by shipping things like instant payouts and other capabilities that we want to offer to our customers. 

And we’ve been working on understanding how our fraud exposure changes when we do those releases. And then actively working with your teams on better understanding how we can take actions to improve customer experience, but also manage our risk at the same time. So very much a 12-month journey from a very frustrating moment in Sessions last year to a very happy moment today. 

KATE BRENNAN: Hopefully they’re feeling pretty good right now. 

ANDREW GUNNER: Yeah.

KATE BRENNAN: Okay. Yeah, it ebbs and flows, and we want to make sure—

ANDREW GUNNER: Yeah. 

KATE BRENNAN: —we’re showing up as a good partner. How do you think about complementing your in-house capabilities? I know you also have used Radar for Platforms. How do you think about when to build in-house and when to think for a third party? And that’s for any of you, but I’ll start with you, Andrew. 

ANDREW GUNNER: Yeah. So we definitely think about, you know, as we move from just making sure we think about these discrete risk exposure points as individual items as we release products to now thinking more about how we evolve and consider the holistic customer experience and what’s their total behavior. And so that’s when we start to kind of piece together these different capabilities and apply our own in-house teams and their own models so that we can move from just thinking about this customer in a binary way to, do we trust you this much or this much? And we don’t actually want the customer to feel that evolution other than when it’s a delight. 

KATE BRENNAN: Yeah.

ANDREW GUNNER: And so it’s important that we use things like machine learning to both protect the platform but also create a much better experience and frictionless experience at the same time. 

KATE BRENNAN: All right, Darrel. So I know that at Zoom you’ve been considering this, as you’ve just shared, not only for identity but also operational processes. Can you share a little bit more about that and how you balance all of this? 

DARREL BISHOP: Yeah, sure. So as I was saying before, we beta tested various different Radar tools over time. One of them was actually what was shown earlier today with the rule-writing capabilities. 

KATE BRENNAN: Yeah. 

DARREL BISHOP: That’s helped our team to actually speed up and enhance our process of rule-writing creation. Another one that I would say is probably my favorite tool that I beta tested the entire time working with the Radar team is Smart Refunds, which I think would help pretty much any merchant here that uses Radar. Obviously, no fraud tool is 100%. I mean, we wish it was, maybe in the future, but not right now. So Smart Refunds is a great tool to actually find missed fraud cases and give the merchant the opportunity to actually refund those cases so they don’t turn into a chargeback later. 

KATE BRENNAN: Yeah.

DARREL BISHOP: So that way, what we’ve seen since we’ve implemented Smart Refunds and been testing it over a year now is our chargeback rate has stayed basically flat, really low, flat—you know, no crazy spikes or anything like that. And we’ve also used that data that we got from Smart Refunds to actually improve our rules, as well, at the same time. So we actually were able to—you know, hey, we missed it on this side. Now on the other side in the future, we can make sure to capture it there. So very good AI tools, especially, like I said, Smart Refunds. Really enjoyed working with that. 

KATE BRENNAN: So it’s making your team stronger by leveraging it. 

DARREL BISHOP: Definitely. Yeah. 

KATE BRENNAN: So it’s a yes-and moment for the team and the AI. 

DARREL BISHOP: Exactly. 

KATE BRENNAN: Awesome. So, Rishabh, earlier we talked about different payment methods. I’d love to know if the proliferation or addition of payment methods, how that’s playing out for DoorDash and how that influences your fraud approaches. 

RISHABH PANDEY: Yeah, definitely. I think DoorDash has been recently adding a lot of new payment methods as we also expand to other regions in the world. So for example, recently we had Klarna on our platform. Before that, we’d been using all digital wallets, whichever the major ones, Apple Pay, Google Pay, PayPal, everything. And of course, we have credit cards. So whenever you add a new payment method, of course, there’s a new bunch of things that you have to think about when it comes to fraud because there’s existing fraud things that you have to think about. For example, fraudsters know how to utilize those for new payment methods. But how we deal with that is that we obviously take a flexible approach. 

So it’s not like, let’s say, we add a new payment method. It’s not like we have this framework that, okay, we know that these are the kinds of fraud we deal with. Whether it’s like, let’s say, we’ve been seeing a lot of identity theft when it comes to credit cards, but when you’re using a tokenized payment method, like Google Pay, Apple Pay, there’s not really much there, of course, when it comes to identity theft because—

KATE BRENNAN: Adapting based on the shape of payment method. 

RISHABH PANDEY: Yeah. So yeah, that’s how we try to do that. Depending on the payment method, if it’s tokenized, then sometimes we also don’t have chargeback liability on us. So it depends on how the payment method works. So if it is on us, then we have higher frictions. 

KATE BRENNAN: Got it. 

RISHABH PANDEY: It’s not—

KATE BRENNAN: Lots more that we could cover there. Thank you all so very much for joining us today. Have a great day.