Supernova Award Category
The Problem
Since the digitization of the financial services industry, global transactions company Visa, has been challenged with the rise in unknown malware, advanced threats, and insider threats that could cause significant damage to the organization, businesses and individuals. This increased risk of fraud led Visa to spend nearly $1 billion annually to keep up with incoming data volumes and meet the need for regulatory requirements. However, despite this investment, Visa was still limited to fairly simple queries on no more than a year’s worth of data. Visa’s global information security group sought a faster query response time and unconstrained access to analyze data in the warehouse so they could better detect fraud and effectively counter other risks.
The Solution
Visa leveraged Cloudera Enterprise for longer-term security data set retention. With Cloudera, Visa gained a thorough understanding of the different stages an attacker may go through during a targeted attack and the different techniques an attacker may use to carry out each stage. With this knowledge, Visa detects threats from a user, a device, or an application by using machine learning, behavior modeling, peer group analysis, real-time statistical analysis, anomaly detection and predictive modeling. Cloudera Enterprise powers the analytics to detect cyber attacks and insider threats all in real time. Visa also adopted Cloudera’s Impala to migrate their disaster recovery environment to Hadoop giving Visa the tools to analyze historical data with greater detail and to join large data sets from disparate sources which improved flexibility and scale, while significantly reducing cost.
The results
Cloudera Enterprise helped Visa to identify an estimated $2 billion in potential annual incremental fraud opportunities and allowed Visa to address vulnerabilities before the organization was impacted financially and data was lost. Visa was able to maximize the data assets of their Global Information Security team across the enterprise by building innovative data-driven products and predictive models to solve complex challenges in cybersecurity. Using Cloudera Enterprise, Visa was able to analyze all of its data, where earlier analytical models analyzed as little as 2% of their data. Before using Cloudera, Visa based its security assumptions on average fraud rates, now Visa can analyze the actual market and pinpoint individual risky transactions, identifying fraud faster than ever before. Today, Visa continues to make advances in spotting fraudulent purchases in real-time through predictive analytics. This intelligence helps identify criminal patterns and prevent fraud before it happens.
Metrics
With Cloudera Enterprise, Visa identified the firm’s biggest historical incidence of fraud– an estimated $2 billion in potential (damage?). By offloading data aggregations to Hadoop, the firm was able to reduce the workload on their ETL tool by 10–15%, which corresponds to a 10–15% cost savings. And finally, by replicating their production data on Hadoop with Impala instead of purchasing a duplicate relational data warehouse environment for disaster recovery, the firm is saving $30 million annually. Their storage area network costs alone will be reduced from $7,000 per TB to $500 per TB—that’s 1/15 of the original cost.
The Technology
Cloudera Enterprise and Cloudera Impala
Cloudera Navigator: Visa tracks user access permissions and actual accesses to all data objects in HDFS and collect all logs which helps in auditing.
Disruptive Factor
Visa systems have strict availability requirements to ensure payments never fail and set the status quo for electronic payment systems. These are designed around the proven ideas and technologies to achieve this.
Shining Moment
In the credit card industry, the primary goal is ensuring that data is properly protected and that merchants meet minimum privacy levels when storing, processing, and transmitting this data. The PCI DSS was formalized as an industry-wide security standard in 2004, established by the five major credit card companies with Visa paving the way. In 2014, Cloudera announced that its Cloudera Enterprise platform as the only Hadoop platform that is fully certified as PCI compliant.