What Problem Was Mastercard Actually Solving in 2024?
Global banking fraud losses exceeded $45 billion in 2024. Mastercard’s network processes roughly 143 billion transactions annually, each one a decision point where approving a fraudulent charge costs issuers money and declining a legitimate charge costs a customer their trust. The company had been running a fraud scoring system built on its Brighterion acquisition since around 2016, and that system had a structural problem it could not fix by retraining: it scored each transaction as an isolated event.
An isolated-event model asks, “Is this single purchase unusual?” A cardholder buying electronics at midnight in a city they don’t normally shop in might score high risk — or might not, if they travel frequently. The model has no mechanism to ask whether the sequence of purchases that preceded this one makes the current transaction more or less plausible. Fraudsters who keep individual transactions below flagging thresholds can exploit exactly this gap.
Mastercard’s engineering answer, announced in February 2024, was Decision Intelligence Pro.
What Is Decision Intelligence Pro — and What Is It Not?
This is where the public coverage has consistently blurred the picture. Decision Intelligence Pro is not a single product; it is the first of three distinct systems Mastercard released across 2024, and conflating them misrepresents what each one actually does.
Decision Intelligence Pro, announced February 2024, handles real-time authorization scoring for card transactions. Card Compromise Detection, announced May 2024, uses generative AI to reconstruct full compromised card numbers from partial data scraped from criminal marketplaces, identifying cards at risk before any fraudulent charge appears. Consumer Fraud Risk, announced September 2024, targets authorised push payment scams and mule account detection, and went live with 11 UK banks by the time of its announcement. Three separate architectural approaches, three separate threat categories — the fact that all three carry the “Mastercard AI fraud” label in press coverage is a measurement problem as much as a marketing one.
DI Pro itself focuses narrowly on card authorization. It scores transactions in under 50 milliseconds at approximately 70,000 transactions per second, drawing on training data from roughly 125 billion annual transactions.
How Does the Sequence-Pathway Architecture Actually Work?
The core architectural shift is this: DI Pro treats a cardholder’s transaction history as a sequence, not a collection of independent data points. It uses a recurrent neural network that models the ordered pattern of merchants a cardholder “should” visit — the implicit geography and rhythm of how people spend — and then flags deviations from that predicted pathway.
The framing Mastercard uses internally is an inverse recommender. A conventional recommender system asks, “Given this user’s history, which merchants should we suggest?” DI Pro inverts the question: “Given this cardholder’s history, which merchants would they plausibly visit next?” A transaction that fits the predicted pathway scores low risk. One that deviates sharply — not just in category or location but in the sequence-level logic of how the cardholder moves through the world — gets elevated scrutiny.
A second layer adds network-level signal. DI Pro maps cards to merchants in a graph structure, so if 30 of 200 cards linked to a particular merchant confirm fraud, the remaining 170 cards receive automatically elevated risk scores. This reflects the reality of how card compromise propagates: a breached merchant exposes many cards at once, and a point-event scorer that evaluates each card in isolation captures that only slowly.
How Does This Compare to the Previous Approach?
The table below maps the two architectures across the dimensions that matter operationally.
| Dimension | Previous Decision Intelligence (~2016) | Decision Intelligence Pro (2024) |
|---|---|---|
| Core question | Is this transaction unusual in isolation? | Does this transaction fit the cardholder’s predicted merchant pathway? |
| Data used | Transaction attributes at the point of purchase | Ordered sequence of prior merchant visits; card-merchant graph |
| Architecture | Point-event scoring model | Recurrent neural network + graph layer |
| What it catches | Outlier transactions against individual baselines | Pathway deviations; compromise propagation across linked cards |
| What it misses | Fraudsters staying below per-transaction thresholds | Authorised push payment fraud; friendly fraud; synthetic identities |
| Scoring speed | Sub-second | Under 50ms at ~70,000 transactions/second |
The shift from row one to row two is what makes the architectural difference legible. An adversary who keeps each individual charge below the anomaly threshold still shows up as a pathway anomaly — they are visiting merchants in an order that does not match the cardholder’s history, even if no single charge looks wrong.
What Do the Performance Numbers Actually Mean?
Mastercard reports a 20% average improvement in fraud detection rates across the network, with improvements reaching 300% in some high-risk transaction segments. The company also reports an 85%-plus reduction in false positives. These are significant figures if accurate.
The honest qualification matters here: every one of these numbers comes from Mastercard’s internal modelling at the time of launch. No independent third-party audit has been published. The figures describe improvements over the previous Brighterion-based system, measured on Mastercard’s own data, under conditions Mastercard defined. That does not make them false, but it does mean they carry the same epistemic weight as any vendor’s self-reported benchmark: they establish a plausible upper bound, not a confirmed real-world outcome.
Competitor context helps calibrate the claims. Visa’s fraud detection uses a comparable RNN-based approach. Stripe Radar, trained on more than one trillion dollars in annual payment volume, reports a 32% average fraud reduction — a more conservative figure against a larger transaction base. PayPal maintains a fraud rate under 0.32% across $1.5 trillion in annual payments. Mastercard’s figures are not implausible given the architectural shift, but the industry does not yet have standardised external benchmarking that would let a buyer compare these numbers directly.
What Does Decision Intelligence Pro Not Catch?
This is the part of the story that most coverage skips. The sequence-pathway model scores the authenticity of a transaction against a cardholder’s expected behavior. That means it has structural blind spots wherever the “legitimate cardholder” framing breaks down.
Authorised push payment fraud — where a criminal socially engineers a consumer into willingly transferring money — looks completely legitimate to DI Pro because the cardholder authorises it themselves. Mastercard built Consumer Fraud Risk as a separate product precisely because DI Pro cannot address this category. APP fraud now represents a significant share of total fraud losses in markets like the UK, which is why CFR’s deployment with 11 UK banks carries real operational weight.
Friendly fraud and bust-out fraud share a similar structural problem: the cardholder’s own history is exactly what the fraudster is exploiting. In bust-out fraud, a person builds a legitimate-looking credit history over months and then maxes out accounts before disappearing. The sequence model scores that history as low risk because it genuinely is low risk — until the final phase. DI Pro also sees only Mastercard’s network; cross-network fraud patterns that involve Visa transactions or bank transfers remain invisible to it.
These are not flaws unique to Mastercard’s implementation. They are inherent to any model that scores behavior against a legitimate-user baseline.
What Is Genuinely Novel About the Card Compromise Detection Product?
The generative AI card reconstruction announced in May 2024 represents a more fundamental shift in posture than the sequence scoring. DI Pro is still reactive in the sense that it scores transactions as they arrive. Card Compromise Detection is proactive: it ingests partial card data scraped from criminal marketplaces and uses generative AI to reconstruct the full 16-digit numbers.
The ability to identify a compromised card before it is used for a fraudulent transaction changes the intervention timeline entirely. Instead of flagging a transaction as it clears, Mastercard can alert the issuing bank to reissue the card before any charge is attempted. This is the “predict the threat before it materialises” posture that distinguishes the most advanced fraud operations from classification-based systems that can only respond to what they have already seen.
The underlying technique — using generative models to complete structured partial data — is applicable well beyond payments. Any context where adversaries expose partial information before executing an attack creates the same opportunity.
What Does Mastercard’s Full AI Suite Actually Look Like?
Mastercard’s fraud AI stack has four distinct layers as of 2026. Decision Intelligence Pro handles real-time authorization scoring using RNN sequence modelling and a card-merchant graph. Card Compromise Detection operates on threat intelligence data — dark web card fragments — using generative AI to reconstruct full card numbers before fraud occurs. Consumer Fraud Risk targets account-to-account fraud and mule detection, operating at the receiving bank layer rather than the authorization layer. The Payments Foundation Model, announced March 2026, is a Large Tabular Model trained on hundreds of billions of transactions intended to underpin all of the above plus loyalty and small-business analytics.
These are not integrated in the sense of sharing a single inference pipeline. They address different fraud categories, use different data sources, and operate at different points in the transaction lifecycle. The architectural coherence is that each layer targets a category the others cannot see — authorization anomaly, card compromise, account mule, and proactive pattern prediction respectively.
Can You Replicate This With Open-Source Tools, and How?
The sequence-pathway core of Decision Intelligence Pro is implementable today using publicly available tools. The graph layer adds complexity but has strong open-source support. The generative card reconstruction is the only component that genuinely depends on Mastercard’s proprietary data scale.
For the sequence layer, PyTorch or TensorFlow with an LSTM or GRU model is the standard starting point. The training objective mirrors DI Pro’s inverse recommender framing: given a cardholder’s ordered transaction history, predict the next merchant category, then score real incoming transactions against that predicted probability. The IEEE-CIS Fraud Detection dataset (available on Kaggle) and the PaySim synthetic transaction dataset provide labelled training data without requiring production transaction access.
For the graph layer, Deep Graph Library (DGL) and PyTorch Geometric both have documented fraud detection examples. The safe-graph/DGFraud repository on GitHub implements multiple graph neural network fraud detection methods — including GraphSAGE and Graph Attention Network variants — on real card transaction datasets and is a direct architectural analogue to DI Pro’s card-merchant graph. Node embeddings from the graph can be concatenated with sequence model features, giving the combined model both pathway signal and network propagation signal.
A simple three-step implementation path for any enterprise:
Step 1 — Build sequence features. Convert interaction history (transactions, API calls, access logs) into ordered sequences per entity. Train an LSTM to predict the next expected event type. The prediction error on real incoming events becomes your anomaly score.
Step 2 — Add the graph layer. Build a bipartite entity-resource graph (cards-to-merchants, users-to-systems, accounts-to-vendors). Use node2vec or a GNN to generate entity embeddings that encode network position. Inject these as additional features into the sequence model to capture guilt-by-association propagation.
Step 3 — Deploy in shadow mode. Run the model in parallel with your existing rules engine for 30–60 days without acting on its scores. Validate precision and recall against confirmed fraud events before replacing or supplementing existing controls. This preserves auditability and gives the model time to calibrate on your specific data distribution.
The investment Mastercard brings — 125 billion training transactions and a live network — creates a detection advantage that open-source cannot replicate at that scale. The architecture, however, is accessible. An enterprise running its own transaction data through this stack will not match Mastercard’s cross-network visibility, but it will produce meaningfully better results than threshold-based alerting for the entity interactions it can see.
What Can Enterprises in Other Industries Take From This Architecture?
The sequence-pathway approach generalises. Payments make the logic visible because transactions leave a clean, timestamped record, but any domain with repeated interactions generates the same raw material: procurement systems, access control logs, customer service interactions, API call patterns.
The key insight is not that RNNs detect fraud. It is that threshold-based alerting is structurally exploitable because adversaries who study your thresholds can route around them one step at a time. Pathway modelling defeats that strategy — an adversary who keeps each individual action below the alert line still accumulates a sequence that does not match any legitimate user’s pattern.
The graph layer generalises equally well. In an enterprise network, the equivalent of “30 of 200 cards linked to this merchant confirmed fraud” might be “15 of 80 accounts that accessed this API endpoint have now confirmed compromise.” Propagating risk scores across connected entities before each one individually triggers a threshold is how you close the window between initial compromise and network-wide impact. That principle does not require 125 billion training transactions — it requires committing to sequence-level reasoning instead of event-level reasoning, and that commitment is available to any organisation willing to rebuild the data structure it uses to ask questions about risk.