惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

N
News and Events Feed by Topic
V
V2EX
博客园 - 【当耐特】
Vercel News
Vercel News
雷峰网
雷峰网
爱范儿
爱范儿
WordPress大学
WordPress大学
云风的 BLOG
云风的 BLOG
S
Securelist
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Microsoft Azure Blog
Microsoft Azure Blog
F
Full Disclosure
有赞技术团队
有赞技术团队
Hugging Face - Blog
Hugging Face - Blog
NISL@THU
NISL@THU
www.infosecurity-magazine.com
www.infosecurity-magazine.com
Attack and Defense Labs
Attack and Defense Labs
Application and Cybersecurity Blog
Application and Cybersecurity Blog
Hacker News - Newest:
Hacker News - Newest: "LLM"
Microsoft Security Blog
Microsoft Security Blog
腾讯CDC
P
Proofpoint News Feed
B
Blog
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
K
Kaspersky official blog
I
InfoQ
Google Online Security Blog
Google Online Security Blog
L
LINUX DO - 最新话题
Project Zero
Project Zero
Engineering at Meta
Engineering at Meta
V
Visual Studio Blog
AI
AI
Schneier on Security
Schneier on Security
B
Blog RSS Feed
T
Tor Project blog
H
Help Net Security
H
Hackread – Cybersecurity News, Data Breaches, AI and More
L
LINUX DO - 热门话题
阮一峰的网络日志
阮一峰的网络日志
S
Security @ Cisco Blogs
T
Threat Research - Cisco Blogs
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
C
Cyber Attacks, Cyber Crime and Cyber Security
G
Google Developers Blog
Google DeepMind News
Google DeepMind News
V2EX - 技术
V2EX - 技术
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
A
Arctic Wolf
Webroot Blog
Webroot Blog
Recent Commits to openclaw:main
Recent Commits to openclaw:main

PCI Perspectives

Meet the Council’s New Head of Business Operations and Risk Management The AI Exchange: Innovators in Payment Security Featuring PCA Cyber Security Enhance Your Community Meeting Experience with Interactive Workshops The AI Exchange: Innovators in Payment Security Featuring PROSA Bring PCI SSC Training to Your Organization with the New Training Venue Host Program The AI Exchange: Innovators in Payment Security Featuring Utimaco Coffee with the Council Podcast: Meet This Year’s North America Community Meeting Keynote Speaker, Sharon Gai Welcome Our Newest Associate Participating Organizations PCI SSC Publishes New Guidance on Compensating Controls and the Customized Approach Spotlight On: Dreamplug Technologies Private Limited (CRED), a New Principal Participating Organization Request for Comments: PCI Data Security Standard (PCI DSS) v4.0.1 The AI Exchange: Innovators in Payment Security Featuring In-Solutions Global Ltd Coffee with the Council Podcast: Nominate Now for the Global Executive Assessor Roundtable (GEAR) PCI SSC Publishes PCI PTS HSM v5.0 Request for Comments: PCI Secure Software Lifecycle Standard v2.0 Spotlight On: Worldline, a New Principal Participating Organization Coffee with the Council Podcast: Stronger Together – The Value of Participating with PCI SSC The AI Exchange: Innovators in Payment Security Featuring Dreamplug Technologies Private Limited (CRED) Level Up Your Payment Security Expertise with PCI SSC Knowledge Training PCI SSC Launches Enhanced Language Microsites for Global Audience Exhibit at or Sponsor the 2026 Community Meetings Spotlight On: Stripe, a New Principal Participating Organization The AI Exchange: Innovators in Payment Security Featuring Toast, Inc. Coffee with the Council Podcast: A Panel Discussion on Cryptography The AI Exchange: Innovators in Payment Security Featuring Flywire Spotlight On: Amazon, a New Principal Participating Organization Welcome Our Newest Associate Participating Organizations The AI Exchange: Innovators in Payment Security Featuring Checkout.com Coffee with the Council Podcast: PCI SSC Publishes First-Ever Annual Report The AI Exchange: Innovators in Payment Security Featuring Bank of America Request for Comments: PCI Card Production and Provisioning Physical and Logical Security Standards v3.0.1 Spotlight On: Futurex, a New Principal Participating Organization The AI Exchange: Innovators in Payment Security Featuring Soft Space PCI Security Standards Council Publishes First-Ever Annual Report Coffee with the Council Podcast: PCI SSC Releases Version 2.0 of the PCI Secure Software Standard PCI SSC 2025 Community Meetings Now Available on Global Content Library PCI SSC Releases Version 2.0 of the PCI Secure Software Standard 2026 PCI SSC Training Schedule Announced Spotlight On: Reflectiz, a New Principal Participating Organization The AI Exchange: Innovators in Payment Security Featuring Jscrambler Meet the Council’s New Client Engagement Operations Director The AI Exchange: Innovators in Payment Security Featuring SISA Meet the Council’s New Director, Training Programs Request for Comments: PCI Key Management Operations (KMO) v1.0 Standard PCI SSC Publishes Mobile Payments on COTS (MPoC) Guidance Document The AI Exchange: Innovators in Payment Security Featuring Block, Inc. Request for Comments: PCI PTS HSM v5.0 Coffee with the Council Podcast: Nominate Your Company for the Council’s Next Brazil Regional Engagement Board 2025 Asia-Pacific Community Meeting Agenda Highlights The AI Exchange: Innovators in Payment Security Featuring Elavon Inc. Coffee with the Council Podcast: Meet the New Regional Director of Japan and South Korea, Junichi Tsuboi Internal Security Assessor (ISA) Training Case Study: WestJet Sneak Peek: 2025 Europe Community Meeting Speakers AI Principles: Securing the Use of AI in Payment Environments The AI Exchange: Innovators in Payment Security Featuring Cloud Security Alliance Beware of PCI DSS Compliance Certificates Meet the Council’s New Regional Director, Europe PCI SSC Releases New Guidance on Authentication and Cryptography Welcome Our Newest Associate Participating Organizations Sneak Peek: 2025 North America Community Meeting Speakers Coffee with the Council Podcast: Meet This Year’s Asia-Pacific Community Meeting Keynote Speaker, Sharon Gai The AI Exchange: Innovators in Payment Security Featuring Salesforce
The AI Exchange: Innovators in Payment Security Featuring SecurityMetrics
Alicia Malone · 2026-06-11 · via PCI Perspectives

Welcome to the PCI Security Standards Council’s blog series, The AI Exchange: Innovators in Payment Security. This special, ongoing feature of our PCI Perspectives blog offers a resource for payment security industry stakeholders to exchange information about how they are adopting and implementing artificial intelligence (AI) into their organizations. 

In this edition of The AI Exchange, SecurityMetrics Vice President of Forensic Investigations, Aaron Willis, offers insight into how his company is using AI, and how this rapidly growing technology is shaping the future of payment security.

How have you most recently incorporated artificial intelligence within your organization? 

One of the most tedious aspects of forensic investigations can be trying to find malicious code buried in thousands or even tens of thousands of lines of otherwise normal code. While AI is being integrated into nearly all aspects of our forensic work, including report writing, advanced heuristics, and monitoring, the biggest impact has been taking advantage of AI’s ability to quickly inspect vast amounts of code where digital skimmers, loaders, or other malware may be hidden, often behind conditional logic operators.

We’ve integrated our forensic AI tools directly into the payment process at the exact moment the customer is typing in the credit card information so that it can oversee the entire process from start to finish and detect suspicious activity, vulnerabilities, and zero-day-payment hacks in a way no current solutions could ever hope to match. Our tool is called Shopping Cart Monitor, and it helps fulfill the PCI DSS requirement 6.4.3 and 11.6.1.

We recently launched another tool utilizing AI, called Spectre AI. It’s designed to help banks and payment service providers manage the risk of their merchant portfolios. Spectre AI helps users find
risks within their merchant portfolios by scanning ecommerce websites and identifying those with vulnerabilities verified to lead to remote compromise. This helps reduce portfolio risk and increase a portfolio's value by highlighting the merchants who need targeted efforts to address their high risk of compromise. It automatically runs every month, predicting and forecasting which merchants are most likely to experience a fraud event. As risk trends change, users stay up-to-date by connecting additional fraud vector data into Spectre AI for analysis.

What is the most significant change you’ve seen in your organization since AI-use has become so much more prevalent? 

The rate at which we are adopting and adapting AI into our forensic work is both thrilling and frightening. Tasks that we formerly allocated days or even weeks to accomplish can now be done in minutes or hours. It has become almost unthinkable to try to perform such tedious tasks as code reviews, log reviews, and packet analysis without at least some AI assistance.

How do you see AI evolving or impacting payment security in the future? 

We have no choice. We will use AI to fight AI, or we will lose the war. Bad actors have no ethical dilemmas or best practices with which to wrestle. They are using AI to implement adaptive and stealth payment malware in new and even unimaginable ways.

As we implement defensive AI, we must grapple with how to do it in ways that preserve privacy, intellectual property, integrity and human oversight, and we must do so at a speed that keeps us in the battle.

What potential risks should organizations consider as AI becomes more integrated into payment security? 

  1. Dependency: Can you get the job done without AI? If not, you are abusing it.
  2. Accuracy: AI has become infamous for its ability to hallucinate.
  3. Authenticity: “AI slop.” Don’t let AI ruin your reputation for quality work.
  4. Deception: AI can now mimic your favorite vendor, calling you directly, asking to change payment details in their own familiar voice. A healthy amount of skepticism is necessary to stay secure as AI evolves.

What advice would you provide for an organization just starting their journey into using AI?

AI has reached a point where it can be an amazing tool for a skilled programmer, pen tester, forensic analyst, or to enhance the productivity of just about any position. The temptation will be to eliminate expensive, skilled workers and rely on less skilled workers to produce similar output using AI. We are not there yet.

AI makes good employees better, mediocre employees risky, and bad employees dangerous. Keep your good people.

Always have a human review any work or output of AI for accuracy.

What AI trend (not limited to payments) are you most excited about? 

We are already seeing autonomous vehicles, such as taxis, operating in certain cities. As AI takes over transportation, gridlock and shipping delays will become a thing of the past. AI will treat roads like network lanes and route you (human data) along the most efficient path to wherever you are going. This could reduce or even eliminate the need for traffic lights, stop signs, and reduce traffic accidents and deaths by orders of magnitude. This is something to be very excited about.

Still… I’ll be white-knuckling those first days of passing through an intersection at full speed, with nobody at the wheel, while other driverless cars whiz by within a few feet of colliding at high speeds.

View More Content on Artificial Intelligence

Learn More About SecurityMetrics