Page 24 - gs260101
P. 24
Cover Story continued
At the same time, the industry is grappling with a widen-
ing gap between AI haves and have-nots. Large acquirers
The risks beneath the AI boom and retailers are shaping models based on their own data
and workflows, while smaller players risk being excluded
As payments companies rush to operationalize arti- from training sets and optimization cycles. That disparity,
ficial intelligence, a quieter conversation is unfolding Anderson noted, could become a regulatory concern in its
beneath the surface: one focused less on capability own right as performance gaps widen.
and more on risk.
From authentication to continuous risk
Despite widespread talk of artificial general intelli-
gence (AGI), many experts caution that expectations Nowhere is the strain more visible than in identity and
are racing far ahead of reality. "Without a fundamen- fraud prevention. Fraud has evolved rapidly from isolated
tal hardware shift, most AGI announcements will attacks to industrial-scale operations, and generative AI
outpace what is technically achievable," said Gaby has pushed it into what some experts describe as the "eas-
Diamant, co-founder and CEO of BridgeWise. The ily mass" era.
danger, she suggested, is not underperformance but
overconfidence, particularly in regulated environ- "Even junior fraudsters can now generate deepfakes and
ments where explainability and accountability are synthetic identities at unlimited volume," said Yair Tal,
non-negotiable. CEO of AU10TIX. "The result is unprecedented scale,
speed and accessibility."
Security leaders are already seeing the consequences
of that imbalance. As organizations push AI agents In that environment, traditional authentication breaks
into production faster, misconfigurations and exces- down. A check performed at onboarding or login quickly
sive permissions are becoming more common. becomes obsolete as attack patterns shift. The industry, Tal
stated, is being forced to rethink trust itself. "Risk becomes
"By trying to make AI as powerful as possible, com- the new trust layer," he said. "Organizations must move
panies may inadvertently create major single points from one-time checks to continuous, adaptive identity in-
of failure," said Melissa Ruzzi, director of AI at Ap- telligence that updates as fast as the fraud targeting them."
pOmni. Excessive permissions, poorly defined in-
structions, and agent autonomy without guardrails Complicating matters further is the rise of AI agents as
can expose sensitive data, especially in SaaS environ- legitimate economic actors. Bots are no longer simply
ments where access controls are already complex. threats to be blocked. Increasingly, they are acting on be-
half of consumers: shopping, booking travel, submitting
Brian Soby, AppOmni's CTO and co-founder, warned applications and executing transactions.
that these risks are emerging just as traditional secu-
rity perimeters continue to erode. Zero Trust archi- "The challenge is no longer eliminating agents," Tal said.
tectures are becoming more common, but attackers "It's authenticating them and determining who is the hu-
are adapting quickly, targeting identity systems and man behind the agent."
weak links in access management rather than net-
work boundaries. That shift introduces a new verification problem: en-
terprises must validate both agent behavior and human
Some payments providers are also concerned that AI authorization, without undermining privacy. Verifiable
hype is diverting attention from more immediate op- credentials may help resolve that tension, but only when
erational risks. Ecrypt, a payments services provider, paired with continuous risk intelligence capable of spot-
noted that while AI will increasingly power fraud de- ting anomalies and misuse in real time.
tection and compliance workflows, it will also enable Agentic commerce and the trust gap
fraudsters to scale attacks using deepfakes and syn-
thetic identities. That dynamic is pushing the indus- "Agentic AI taking on commerce sounds promising right
try toward AI-versus-AI defenses, where automated now," said Ruston Miles, founder of Bluefin. "But it's still
systems must identify threats before humans can in- too early for secure transactions." Teaching AI how to act
tervene. is no longer enough. In 2026, Miles said, the industry will
be focused on teaching agentic AI how to act safely.
The takeaway for payments leaders heading into 2026
is clear: AI adoption is inevitable, but ungoverned AI That emphasis on safety and familiarity extends to the
is unsustainable. As regulatory scrutiny grows and checkout experience itself. Research from Burbank sug-
fraud tactics evolve, success will depend less on how gests that trust is increasingly a commercial metric, not
quickly firms deploy AI and more on how deliberate- just a design concern.
ly they control it.
Roughly half of consumers report abandoning online pur-
chases due to security fears—even when they want the
24
