Welcome to the Siili
Composable Bank podcast. Today, we have a guest known as
Mr. Payments, Juuso Paulasua from the SOK payment services team. Welcome, Juuso. Thank you. In a nutshell, could you briefly
explain what your job entails? Sure, briefly. I work as a Development Manager at
SOK in the payment services team. Our team is responsible for payment
acceptance, ensuring that payments work smoothly in brick-and-mortar stores,
online shops, and mobile applications. It was really in a nutshell in a nutshell. Now that we have you here as a guest, we'd
like to talk with you a bit about payment security and AI as a general topic. Favorite themes. Yeah, well, it's been noticed. You've been very active on your social
media channels, especially lately, as I follow you myself and many people
in the payment industry do too. You've talked a lot about payment fraud,
scam online stores, and generally about these kinds of payment-related scams. Why is this topic important? Right now. Well, it's always an important topic. Scams, fraud, and crime
have always existed. The unfortunate fact is that as long as
we have money and transactions, there will always be attempts to misuse them. These phenomena we've seen in recent
years have evolved quite significantly, constantly taking on new forms. These affect an increasingly
larger group of people. It looks very much like these
fraudsters are constantly developing their methods, making it even harder
for professionals to detect them. Just recently, the financial sector
reported last year's figures. Finns were targeted for over 100
million euros in fraud attempts. That's an enormous amount. The host is quite shocked. numbers indeed Host
Hyyti��inen This affects the entire society. Host Yes. And of course, it can also affect us as
individuals, or our close ones, or really anyone, so it's extremely important. It's a very scary topic. Unfortunately. How about, considering your
role at SOK and the employer you represent, how do you approach it? Let's say the security of online payments,
and of course, the security in-store payments is also extremely important. Yes. Well, perhaps the first thing
to say is that it's something you can't compromise on at all. It is extremely important. Of course, there is much more to
payment than just security���user experience, ease of payment, and so on. Nowadays, payment has also become
quite a buzzword, with various applications making it a focal
point of interest and attention. But the foundation of everything is
the trust that, as a customer and consumer, I can rely on the payment
process being secure and functional. Likewise, as a merchant, I can
trust that I will receive my money and no fraud will occur. Exactly. If we think about AI as a promoter
of security, in what ways could a retail operator, like SOK for
example, utilize AI to protect customers' payment transactions? This is a very interesting phenomenon,
as there's constantly a lot happening in the payment ecosystem. As banks, payment service providers,
and card schemes start using AI for fraud prevention, the benefits also
extend to retailers and consumers. It's actually quite fortunate that
significant investments aren't required to start reaping those benefits. Of course, with AI helping to
identify more phenomena faster, fraud is constantly evolving. If we think about the types of activities
that can target online stores, the ability to detect different patterns much
quicker and respond to them is crucial. How do you believe the
security of payments will also evolve in the coming years? There's certainly another
perspective here, that it's a bit of a "catch me if you can" game
with these fraudsters as well. The faster companies adopt AI for fraud
prevention, the more likely it is that these scammers will be right behind or
even ahead, thinking about what tools they can use or how they can enhance
their activities with AI, for example. How do you believe security will
develop in the coming years? Well, as I said, this is unfortunately
a continuous game of cat and mouse, and new phenomena keep emerging all the time. Right now, services like Google Pay,
Apple Pay, and wallets in general are at the forefront of payment methods. But from the retailer's
perspective, these payment methods seem to be relatively low-risk. The card is tokenized. Could the potential for misuse be narrower
than with traditional card payments? We've started to see, for example
in China, these wallet farms where stolen card information is fed into
wallets, and then these physical phones are even being sold there. Here we have a phone with a wallet
containing ten stolen card details, and the highest bidder gets to use them. I fundamentally trust that the core
of payment systems is always secure, but these phenomena are evolving
so rapidly that we can't become complacent about our sense of security. Yes. It's really important that we stay
ahead and, as companies and within the entire payment ecosystem, find
ways to ensure that each player can guarantee security for their
customers and collaborate extensively. What about AI, then? We also talked about fraudsters using AI. Could it also be used to
carry out new types of scams? You mentioned these wallets as a new
clever method, but are there other risks you see where fraudsters could utilize AI? Yeah, well, in general, how I see
the use and utilization of AI. Well, in the field of payments,
preventing fraud is perhaps the clearest use case, but I've had many
discussions with various partners and colleagues about what other use cases
there might be for AI in this area. And I believe we don't yet
know nearly all of them. We have only seen the tip of
the iceberg of what is to come. Unfortunately, this also
applies to the other side. For example, deepfakes have
started to be used in phishing, leading to very large frauds. Whenever we talk about payments and
money, fraud crime is not just about individual consumers' cards and thousands
or hundreds of euros, but it can involve millions or even tens of millions. I'm afraid that both for better
and for worse, we've only scratched the surface, and the coming years
will show what else is in store. And besides these individual
large sums, there's also the issue of large-scale phishing. Just a few years ago, it was said that the
Finnish language provided good protection because foreign criminal groups targeting
Finns had very clunky language, making it easy to recognize phishing messages. But the situation is
quite different today. The same goes for fake online stores. Previously, they used Google Translate for
very clumsy translations, but nowadays the language is getting very close to native,
and it's no longer so easy to spot scams. Exactly. As a payment expert with a background
in this field, I've also come across some extremely skillfully crafted
scam websites that are difficult to identify, even though I've been trained
by my employers to recognize the signs. But those signs are no longer visible. Just as straightforwardly as before. Thanks for these insights. Where can listeners follow your thoughts
and learn more about these topics? Yeah, LinkedIn is the main channel
where I've been vocal about these things, and I will continue
to be, so feel free to follow. Great, that's important and good. Thank you. Thank you
Payments & e-commerce development at SOK
1wThanks for having me, always a pleasure to talk about my favorite topic! 🙏