Mastercard Incorporated ($MA)

Okay. Great. Everybody, good morning. Thanks for joining us for our chat with Johan Gerber from Mastercard. Now in EVP of Network and Real-Time Payments, that's been a month. Formerly in security, which is the largest piece of the VAS business, which we're really excited about to dig into. I think everyone just said security and kind of glosses over for a second and not really knows what's beyond it, but really looking forward to getting into some detail. First things first though, a bunch of management changes announced yesterday, we wrote a note on it thinking it was -- it just really shows the depth and breadth of the management team. No exits, no new hires either, just kind of shuffling around. That's usually the sign of a great management team. And so we're very favorable on it. Love it. We'll miss Sachin as the CFO because he's is terrific, but looking forward to meeting Lang and getting in there. But I don't know if you want to comment on that. We were very favorable like we didn't think it was anything negative at all.

Well, first of all, thanks for having us, we're excited to talk about this as well. This is such a big part of our portfolio, especially of our value-added services. Security now is about 40% -- sorry, value-added services about 40% of the company's net revenue. Security Solutions is a really big part of that. But on the management changes, to your point, it shows the depth in the bench that we have. And my role is actually a very good example of that, too. I just moved from running Security Solutions to running our Real-time Payments and Network Products. And Ann Johnson is joining us from Microsoft as the previous Deputy CSO, who will now take over. So that rotation, that ability to have people who understand the breadth of our company, to look at problems in different ways. I think that's the real area of strength that we can bring. And then you bring new talent in from time to time to just help upskill and help us accelerate more. So I think we are -- from a company point of view that the staff are very excited. We all know these folks, we know what they bring and they bring a very strong rigor into these disciplines.

That's good color. Congratulations from one great company to another one. So let's talk about VAS a little bit. It's obviously around 40%-ish of total revenue, as you mentioned, growing healthy. Maybe just give a broad overview of where security sits within the portfolio and just maybe just give a couple of bullet points on the rest just to level set for everyone, and then we can really dive into security.

So if you look at our VAS portfolio -- and maybe I should just take a step back. To your point, it's about 40% of our net revenue of the company, which is a big deal. And we've had a very strong history of growth in that outperforming the rest of the company. Being that value -- additional value accelerator and revenue accelerator. So it is a really strategic part of what we want to do. The security solutions portfolio is a big part of that, the largest part of our VAS portfolio. But let me just quickly talk through how do we get to these things. You should think about our vast portfolio as a highly curated set of solutions and categories that we've been working on. And they have a couple of really important aspects to them. We talked a lot about the virtuous cycle about how troughs, we want to increase the value of the Mastercard portfolio. So we win more portfolios. We increased the number of transactions you increase the data and you get that virtuous cycle flowing. So that's everything that we do with VAS is strategically positioned to drive that virtuous cycle to start with. Then look at them as well from a point where we only create these vast services where we know these real customer need. Because we need is important. There's a big TAM. So it's big enough for us to go in and that we can really scale. And then we have some structural tailwinds that will help us accelerate the growth. So these are some of the fundamental building blocks in terms of how we choose what goes into the portfolio. And if you look at the portfolio itself, we've got customer acquisition and engagement, which is about how do we get more customers on to our banks' portfolios, how do the acquirers get more merchants? Are the issues get more cardholders. As you can understand, it's a core part of our -- we help our customers grow, which is another important part of this. A lot of what we do here is to really help drive our customer strategy. We are the facilitator of growth and just playing a very key critical role in that. And that's a really important part of why we believe we want to be relevant at all times is to help that accelerate that growth. So we've got customer acquisition and engagement. Then we've got what we call our BMI services, which is our business management and analytics area. This is where our advisers group it. This is where we do a lot of data analytics with our customer, a lot of customization work happens here. We will go in there. We will look at our customers' data. We'll analyze it. We'll help them to define the strategies will help them with anything from how do you build an agent to create a new strategy in the business. This is also a very important part of our acceleration and personalization of our services. You've got technology and then you've got the humans to kind of help make that work. And so that cycle itself, then turns into how do I generate sales for my people that are in there. And so you can see how this is also important is technology plus people in the BMI team that we have there. Then you've got security solutions, and we'll talk about that in a lot more detail as we go through the rest of the conversation. We also have a range of other services where we have our digital solutions like the organization, authentication, our gateway solutions that we have in there. And then lastly, we have our real-time payments components as well and all the services that we do around those services. So that's a little bit of the portfolio of a services that we have in total.

A really broad array. So let's -- you said that security was the biggest piece. So let's talk about that for a little bit. I think most people think of security and payments, especially when Mastercard involves tokenization. And don't really know what else to talk about after that? So I put down my Mastercard card, whether it's online or physical point of sale, I assume it's secure. There's a token, I see the chip, everything is good. Most people outside of payments wouldn't understand like what else is involved. So maybe we get into that a little bit and maybe just give a broad description of what security is and then we can really dig in.

This is where I can camp out for a whole day. You know that. This is my -- let's talk about...

That is going to get us off the stage.

You will get us off the stage.

He's bigger than us.

That's easily true. So if you look at our security solutions, maybe let me just start there. In addition to what I said earlier, this virtuous cycle, where we see more transactions as we run more portfolios and that enhanced -- so you've got that organic growth that we drive that's helping us in our security solutions. There are also other 2 sources of growth for us in security. There is the constant evolution of technology agent is a great example. These things need to be secure, they need new technology. They need new types of data, they need new solutions in there. And then you've got the frauds that are changing. The criminals are changing their ways in which they attack as well. So you've got two sources of growth in addition to the organic growth that we want through that virtuous cycle. This is why this is such a big opportunity for us. The TAM is growing and it's very relevant to the success of the service. The ultimate goal of security solutions is how do we help our customers to sustainably grow their portfolios, execute against their strategies in a sustainable way. We're not out there to just say, hey, we want to reduce fraud to an absolute 0. We want to be mindful how do you balance all of these things to create the best set of growth with the right amount of risk. And if you think about our portfolios, we have thousands of customers and thousands of portfolios. Every one of those portfolios have different risk appetite. So within these opportunities, there are a lot of customization that needs to happen. And that's where our advisers team comes in. How do we help customers use all of their security solutions. Let's go a little bit deeper -- under the hood.

Can I just stop you right there for a second. Because I think it's important People understand what you said on a macro level, but coming from an operating background, take me into the room of you sitting across the table from an issuer. And they say, hey, we want to grow our program, Mastercard help me. So you're the -- go put your old hat on. You're the security guy. Your turn comes up in the meeting to speak. Like what exactly are you speaking to a bank about? How you can help them grow?

Great example. So let's take -- we're sitting with a bank is about to launch a new portfolio. We look at what are the strategic objectives of this portfolio. You want to go after the super affluent, you want to go after the mass market, you want to go up to your subprime whatever the strategy you want to go after business customers, you want to go after a specific type of segment of the market. Then we look at -- so if that's your target market, what is your strategy? Do you want to create the best experience? Do you want to create the lowest cost? Do you -- so all of these business strategies from our customers get in goes into the box. And then we will say, we can now let's look at our tools. We've got fraud scoring. We've got things to help you do better authentication, better account opening, how do we curate a set of solutions, very specific towards that portfolios vision and strategy that you want to execute against. And that's where we play. And a great example is we recently sat with the customer who's launching an affluent portfolio and said, these customers have to have the best experience at places like dining, travel and so forth. And then in our fraud solutions, we will make sure that we curate very specific rules where for another transaction, I might say the score -- if the fraud risk is above x, I'm going to decline. But for these categories and this portfolio, I'm going to say don't decline, maybe just send them a text message. And so these are very practical. They go down into a lot of detail, but that's going to do the level of detail that we can go into with our customers. And that's why you're part of their growth strategy. You're not just somebody that comes and supply a piece of tech and then walk away. You're in there. And that's where that virtuous cycle is so important. We measure ourselves then does the portfolio perform in the right way, not necessarily the product. The product has to perform. Otherwise, the portfolio will not perform. But the bigger picture is the Mascot business that benefits from this.

We used to call it a sleeve when we were building our software, but it's not really a sleeve. It's more of like an instance specific for that issuer. So they will have almost like a dashboard, and you're adjusting the dials on the back end saying for these transactions, this is what we're going to do. Here's how we're going to do multifactor authentication, if necessary and all that. And for that specific initiative for that particular issuer. That will be the program that [indiscernible].

Correct. And then from time to time, we'll go in there and we'll evaluate. Is it performing? Is it doing what it's doing? And do we need to put tweaks in there. And so we offer a range. Some of our customers are highly sophisticated. They can do a lot of this themselves. Some of our customers are like, please help us and do this on behalf. And so we've got a range of where we do from pure we provide to the solution, and we provide advice to will actually actively help you manage this and continuously evaluate the performance of this. So that's why this is so deeply ingrained into the strategy of the broader Mastercard portfolio.

And all that is within the security.

that's all within the security. Now you can extend that the same way to our customer acquisition and engagement as well. As we launch that portfolio, how to -- and this is where it's actually a great -- the life cycle. When we launch a new portfolio with a customer. The first question is how do we get consumers to adopt this new brand? Or customer acquisition and engagement team gets in there and say, how do we design loyalty, how do we design the traction? Where do we target? Is it social media, what kind of methods do we use to advertise this? How do we onboard these things? Our identity solution sits there. How do we make sure that your account opening and onboarding onto these accounts are as effective and flawless and seamless as possible. And then once they start using their cards, how to make sure that, that experience is rock solid in terms of don't decline them when they're trying to book an Uber for $20 or try to get to the airport and they're late. And then ultimately, at the end, what happens if something goes wrong. So we've got a whole suite of dispute solutions, and we should talk about Ethoca a little bit is a company that we acquired about 10 years ago, just growing phenomenal. They are late to say, how do we handle the when something goes wrong. First of all, how do we make sure that the digital cities in my banking app to avoid an unnecessary call into the how do I manage my subscriptions instead of when I can't get hold of the company where I want to cancel or change my subscription. So these are -- let's rethought the life cycle of account launches, but also the transaction life cycles as well. And that's why this is -- this is not an abstract that sits outside. It is deeply ingrained into the broader strategy of the company and our portfolios.

You said there are two growth factors really driving security, right? What is on new technology like Agentic? Let's really dive into that a little bit. Today, I make a transaction, I authenticate it. Maybe I get a text if it doesn't -- it's not really short me or whatever. How did things change with the genetic when you have an agent standing in front of the ultimate authenticator.

No I think it's -- so we're looking at this as a great opportunity, of course, in terms of -- the new business models that will create for companies, for start-ups to create agents. And so this is just the white space in terms of what this will do and how this will transform the way in which we as consumers communicate with each other, consume products new commerce is fantastic. But if you look at the security around this, there's a whole chain of evidence that we need to pretend I'm an old cop, so I talk about these things as well. But if you think about the parties in an agent transaction, you've got the human -- you've got the human's agent. Then you've got perhaps the merchant or the merchant and/or the merchants agent that's in there as well. And of course, you've got us. We need to make sure when the agent some of these -- when the agent receives a request, the agent needs to know this is a real human. This is not an account that was opened with a synthetic identity. So I need to verify that the consumer is real. The consumer when they're interacting with the agent needs to know I'm dealing with a real legitimate agent. When the agent wants to buy something from a merchant, they need to know that merchant is real. Because think about this, how easy for a criminal to start a business registered and advertise to any agents out there and say, I've got the cheapest pair of shoes or I've got the cheapest travel. So there's a lot of work that we now need to build in to say there's integrity in this flow. And it's not just the agent, it's not just the consumer, it's everybody in the chain. We need to verify. And so we're looking at how do we digitally reinforce the trust and the integrity of the chain of data flow across these areas. And then -- if something goes wrong, how do you clean it up because we've got this -- and you might have read about this, we talked about verifiable intent, where when the consumer asks the agent to do something, that requests that instruction gets encrypted with the signed with the cryptographic key and we call that verifiable intent. If something goes wrong, that thing can get unlocked and be showed to the consumer again and say, this is what you ask the agent. This is what we see what happened. Can we do this? And now Ethoca is the solution that actually will deliver that from the place where you talk to the agent to where you're in your banking app and say, I don't recognize this transaction. This is not what I asked. I will say, well, let's show you what you asked, and they show you what happened here. And then so this is how -- and this is why this opens up so much opportunity on new technology evolution that we really have to secure the entire chain.

I got to tell you, if I ever get asked the question from an investor, why is Mastercard not going to be displaced by gene I want to take that 90 seconds and just play that because I think you summarized it really well. No one sees the entire end-to-end transaction from the consumer to the merchant end more than a network. So the fact that you can authenticate it every step along the way. It makes sense for your...

I know we're going into a whole lot of detail here, but I'm glad we are because if you're a merchant who has to do is doing a lot of sales by an agent and you have to deal with the consumer disputing higher than a normal amount, even 1% or 2% of your sales is not a churn that you have to put in there. So these things are designed not just to safeguard and secure, but to make the operations flow with at least cost as possible. And that's why I will keep coming back on -- these things are facilitators of growth. If you look at the -- I call this the equation of growth, but if you have utility, you can have growth. If you have utility plus trust you've got a growth acceleration. And that trust is the component that we want to put in the model here. And it's just to say, I can trust us all the way through. And if something goes wrong, there's a well-defined path to resolving.

I jumped the gun and went out of order here. we didn't I want to talk about the major components of security. So if someone said, for the security sleeve within VAS. What are the sub-bullets? You handle what? Which revenue drivers were there?

So we've got a couple of line items there. And let me just take a quick stab. I know we talked about the two drivers of growth. The other area that I think is important for us to recognize is our customers are around the globe are fighting an enemy that is extremely well resourced. If you read the data out there, and it's hard for me to verify the data is actually 100% correct. But even if it's not cyber crime and fraud is 1 of the largest industries out there, if you read the documents, they will say it's as big as the third largest economy in the world. That's how well funded the cyber world is. The other piece you have is as a financial industry, we are being attacked by criminals because that's been the money. So anybody with a financial gain wants to go after the banks. But then you're also a place where if any nation state or anybody with some ideological problem once they disrupt, they want to disrupt the economy, the flow of funds, the flow of commerce. So you're a target on both criminals as well as folks with other intent. So the issue is real. These folks don't respect borders. It's global. And so what we bring as a global company is that global view. And that's why you will hear me talk about data our global connectivity and how we can then curate that data very specific to come back to the strategies of what you want to do with this portfolio. Now let's talk about the components of security. We've got a couple of them. Identity is a big chunk. And the reason I will always go back to curated fit for purpose. We talk about I want to open up and launch a new portfolio. I need to onboard those customers. opening up accounts identity plays a really big role there. And we also have a component of authentication where I've opened the account. So I know you're real. Now you're going to come back and you want to use your Mastercard credential, how do I make sure you still are who you say you are. So you've got account opening identity, you've got authentication identity. So that's all within -- again, there's a little bunch of other stuff in identity Pass keys and biometrics and so forth as well. The second one is our fraud and financial crimes, which is a very large portfolio. If you think about this 175 billion transactions across our network last year, each one of those transactions get assessed for the risk of that being fraudulent. We call that a fraud score and a product that we used there is called Decision Intelligence. We just launched Decision Intelligence Pro which uses a bit of really interesting AI, and we can talk about it a little bit later about the performance. We also do financial crime for scans. So in the card world, we do -- we help the request, which is the consumer or the merchant who wants to get paid and the issuer of the card. So we help merchants and we help the banks who issue the card. In the real-time payments world, we help the sender and the receiver to score this for scans and with the growing TAM that's in there. This is where the agent piece comes in. This way, our recorded future acquisition comes in. So those are the big elements of the big areas of security solutions, the big buckets of solutions.

So Devin, I'm not going to ask what you make in each, but what is the -- something that also comes up with investors is how do you guys make money on this? So is it per transaction for some of these services? I'm assuming also some of it is more like a SaaS for this particular feature on your portfolio, we'll charge you x for this service, but this will be -- these other services could be per transaction. So is that a fair? I'm looking at Devin for those of you not in the room. Is that a fair question to ask? Just kind of what the mix is between those 2 types of revenue, not the absolute revenue?

Yes. Yes, I can share with you a little bit. So there are couple of diversification is the name of the game here, just like in the investment world. We have several of our services that are linked to the transaction. So per transaction, there's value that you can measure and you assess a fee for that. We have some of our solutions, which are by account. So we monitor the risk or the behavior of an account, and therefore, you pay by x number of accounts or active accounts is another way. And some of them are related to the transaction amount, so what we call volume-based pricing. So -- and some of them are more static single year fees or quarter fees and subscription fees, perhaps is a better way to do that. So -- but most of them are event-based because the event base is where when the organic growth comes in, that you benefit from that organic growth and the rising [indiscernible]. So those are the categories of how we typically price.

Would you say historically, if I look back 10 years ago, before VAS was really a thing, maybe 12 years ago, whatever numbers these weren't necessarily differentiated revenue items. They were just part of what you do, right? Now your technology has gotten better. Your data has gotten better, your ability to analyze has gotten much better. And now you can start charging for these things because you are adding value to your end user, whether it's an issuer or a merchant. Is that the right way to think about it? It's just incremental?

It's 100% right. And so if you look about how we quantify value, here's the value of the actual solution itself, which is am I detecting the right number of fraud and I within target of what I told the customer, this is what you can expect. And then there is how does this play into my bigger mass car portfolio. One of the biggest KPIs for us in the effectiveness of our fraud solutions is can this actually help to approve more transactions, which is sometimes connotes you're like, you guys are catching the flood guys, you decline, but you're measuring yourself around approval. It is finding the right transactions to decline versus the wrong ones. And that what we call false positives, is a really, really big deal. So if you think about what we've done with our DI Pro, we just launched a new DI Pro, which is our transaction scoring solution. 20% increase in fraud detection, 80% reduction in false positives. So if you think about the equation here, the value of fraud, let's say, the total cost of fraud is, I don't know, $30 billion. The total amount of transactions gets approved are billions. So if I can increase that billion number with a very small percentage, the financial value to my customer is huge. And so our focus is really to help our customers make more money without going leading risk run out of control. And that's where a lot of -- and this is where many folks think we compete with a lot of our fraud providers out there. We're actually working very closely with them because our ultimate goal is better business.

That's a great segue into my next question around competition. Our channel checks recently said on the VA portfolio, in Europe, specifically not so much in other places. The networks aren't the only game in town anymore. There's other people out there that are kind of doing things. Some issuers are trying to diversify a little bit. There's pros and cons diversifying versus uniform, obviously, with consolidating services with a single vendor. Talk about your right to win out there on the competitive side. No one can compete with your data, right? That's obviously -- but who are you competing against, would you say? And are you seeing any kind of competition around the edges?

Yes. So, on the payment side, of course, we compete very strongly with the other payment brands out there. But when it comes to our fraud and security solutions, we don't truly have a lot of direct competitors. The vast majority of the time, they're actually our partners. And it's not just on the issuing side of the equation on the bank side where they issue the card. Most of those banks will have their own internal fraud systems. Now those 4 systems are designed to really have a deep understanding of that bank's portfolio behavior. What Mastercard bring is this broad network experience. Now we talked about the risks of being global, the crimes don't respect borders. We see fraud patterns happening in Japan that's on its way to the U.S., things are happening in the U.S., it's one way to Brazil way before their systems can see them. And so in that way, we typically augment rather than try to replace. And so you've got 1 plus 1 is 3 in this case. And then our teams will go in and say, let's help you with your fraud solution and we'll combine these scores. In addition to that, if you think about the data, recorded future for us, massive in terms of the data differentiation. Nobody else has this data that we have, not even the cyber space and not in the payment space. We've got the world's largest everyone what recorded -- Recorded Future is the world's largest independent threat in cyber threat intelligence company. So they collect data around everything cyber threat related. We use a vast number of sources. So we basically understand everything that criminals are doing out there. We're monitoring things like the dark web. For instance, if somebody hacks into one of the providers that you use your card and they steal your car and the offering for sale there. Recorded Feature will actually grab that card number, we'll load it on to our network. And when somebody tries to transact, we're going to stop them. So this is some of the things that they do. So if you've got that data together with our view of or the fraud that happens or the disputes that we see customers bring in, nobody has the reaches of that diversity of data. And if you think about an Agentic world, we've got a lot of agents out there. Data is the one thing that truly differentiates in how you then leverage multiple types of AI models to then create value for your customers. And if I think about that place, we have not only the differentiated data, but we have the distribution network in terms of our network our cards. If you think about, we've got 175 billion transactions, given how many cards do we have? 4 billion, just 3.8 billion cards, we say I'm just under 4. We have well over 150 million merchants out there, this is where the differentiation sits. That's a distribution network then with this data, and that's why we are so excited about the longevity of growth opportunity for us in this space.

As you're talking, I'm just thinking about all of the defensibility you have with your model, right? The data being king, right? That's the new oil, I guess, to say. Do you -- would you ever give a third-party access to your transaction data even in a generic form, from a third party would I ever be able to say to an issuer or too emergent. We have access to Mastercard's data because we have a partnership with them. Do you give that information out? Or is that just contained within your wall?

Outside of the security space, we are religious about that stuff that doesn't happen. It is a true differentiator. It is the thing that now we will often take external data and bring it into our system to augment first. So we will buy, we'll go and partner with other companies. We will take the curated output of our data, and we'll sell that to people. And for instance, a big chunk is our partnerships. We talked about a little bit on the competition side, we will send our score to a fraud provider that provides [ froscores ] to merchants and acquirers. And so they can use it, but the old data, that's the key differentiator that we want to keep. The other thing that I think is important from a competition point of view, all of our fraud through is, I said all of them, the vast majority of them are what we call rail agnostic. So they will work across card rails, RTP rails other types of rails. We talk stable coins. We'll probably get into that point as well as well, but you're more digital rails, as well as brand agnostic. For instance, Cap 1 is a good example. They use our Ethoca solution across all of their networks, across all of their solutions. And so these are areas where -- we go in there to really help our customers. And that's where the competition is then. We can work with the other vendors that are there. If there's value, we'll do this. And sometimes we compete, but those are really the more minor areas of competition.

We touched on cybersecurity briefly. Did we touch everything you wanted to talk about there? Because I think, again, we could talk about that for hours.

We can talk about that for hours. We'll probably come back into the fold. But I think the role for cybersecurity. Of course, for our portfolios, maybe there is one thing I'll add is there's also now a big role that Mastercard can play in how we help governments, knowing the trade intelligence that's out there. We are becoming a bigger and bigger partner to governments out there to help them understand what are the cyber threats that they need to look at from an economic point of view. So there's -- the expansion of that cybersecurity brings for us is -- it looks at the entire digital ecosystem. We are partnering with all the big AI players out there, platforms out there. The insights that we bring on cybersecurity for things like crypto 4, we've got a product called the crypto Secure, which is looking at the counterparty risk. And it's not just the risk of are you doing your proper compliance, but how care are you from a cyber point of view. We can assess cyber vulnerabilities. One of the things we are doing right now is on the cyber side is we're combining our risk recon risk recons another company we acquired, which does cyber risk assessment and third-party risk assessment. So basically, we will go in from an outside in, we can tell you your cybersecurity posture is scores at an E-level or an A level and you've got a certain score. That capability, together with the intelligence that recorded future brings now allows me not only to understand my vulnerabilities, but how do I prioritize them. If you think about the frontier models that has just come out, [indiscernible] being one of them. Our CSOs are overwhelmed. All of a sudden, I went from managing x number of vulnerabilities to 4x, sometimes 10x that. Where do I start? Because my resources are still the same, where do I start to fix things and patch things up you bring our solutions together and recorded future can say, well, we're seeing these being exploited in other places of the world. So you need to prioritize them first. And so this is where we just become a real true partner. Now this is broader than our card business. But this is the digital ecosystem within which we operate. And that's where I think that expansion of the TAM and the right we now have to play in that area is helping us for grow as well.

That's great. We have to talk about AI. You heard about AI? Anything that's kind of just out there. Let's talk about AI, not only what you're using for traditional transactions, but how you're using AI to fight AI-driven fraud as well. I think there's two different topics there.

I'll tell you, it's fascinating. If you just take a step back, the frontier models have demonstrated to us that -- in the past, if a cybercriminal wants to break into something, they will do some reconnaissance. They will plan their attack. They'll pick their tools, they'll execute. They'll take the learnings and there's a whole cycle. AI collapses all of those cycles into one continuous stream of events. And so if you think about that component, then you would argue for a human to be in the loop or on the loop is actually a constraint. It's no longer a help. So getting into the more autonomous way of attacking or defending is become -- it's going to become an imperative. In my mind, there's just no two ways about it. And so one of the things that recorded the future just launched a couple of months ago is our autonomous threat hunting agents, where we have one of the world's largest malware sandboxes. So people from all across the world if they find malware, they will send it into our sandbox. We unpack the malware. We understand the signatures, and then we put those signatures into our agents and they go and they find if any of these signatures are present in your company. Now we've automated that with agents so that instead of a cybersecurity person, has to understand this, write all the specific code to then go and hunt for these things. All of that is automated. And so this automation will continue to grow. So it's a really big part of this. In one of our products that [ Andorn ] called safety net. SafetyNet is designed to look for major breaches that maybe 1 of our customers gets attacked. The bank is reached and there's an ATM run. You cannot have a human in the loop to see if there's an attack to say, should I start declining. This has to be automated. So we have AI to identify the risk. And then we've got AI to understand how do I remediate this? I'll call the human, but somebody needs to start taking action because otherwise, there will be a whole bunch of money. So it is a big focus for us and also a big area of growth. This will continue. We've only just started scratching the surface in terms of the problem and the solution set that's coming there.

I know you mentioned [indiscernible] coming in from Microsoft, obviously, tons of experience there to bring...

Definitely CSO. Deep knowledge of cyber. So you can see there's a big area of growth, just big investment in recorded future. We're combining our cyber assets. The floor of those things, of course, we've got very strong leadership on our and is going to continue to drive that scans is going to grow. But cyber is a big area for growth for us. And the data, again, the data and then the platforms through which the data can be leveraged and recorded future will have competitors. But when you take a recorded future plus MasterCard's fraud data plus our attack data that we get from our own sea so you create a differentiated data set that honestly, nobody can compete with.

Can you sell this outside of the payments ecosystem?

We actually actively do. So recall it Future. In fact, I think the vast majority of their customers are actually nonfinancial institutions right now. So we sell to health care, manufacturing, automotive investments entertainment. So there's a whole bunch of categories out there.

Okay. So let's switch gears to your new role which you're a month into. On network and RTP. What's your initial reaction to what you've seen there in the capabilities and where things are going? We have to talk about UKPI that was just announced yesterday, at Money 2020 in Europe. That's live now, supposedly, according to the press release. But press releases are always a little KG. Talk about what your initial reactions are to what you guys have there? And where do you think the opportunities are for growth?

So a big part of my new remedy is thinking through how do we leverage our assets that we have. We've acquired VocaLink. We made some other acquisitions in the Nordics. We've got a number of assets in the real-time payments, bill payment disbursements category. And we also have our traditional MasterCard network. And we're just modernizing this in what we call our real-time stream where we just enhanced the -- we will start clearing in real time, sell much faster. There's a whole bunch of new things that we're doing there. We can help domestic markets do how do we bring these assets together to really solve for what the customers really want, which is they want choice for their consumers. Central banks want to have control over what they do. They want to have resiliency. And then payment that actually payment options that works for how they want to drive their economy. And that's, in essence, really where I'm spending most of my time right now on the white board figuring out how do we use these assets. And it's just -- so we've got the switching platforms that we can put in -- and then we've got services. So we're already rolling out services on the RTP network for Vocalink, where we do our consumer fraud risk, the scans that I explained earlier. How do we bring tokenization into the world of RTP. So there's a whole bunch of things where we can start thinking through, we have our switching networks, and we can build a value proposition. And the notion here will be very similar, how do we create opportunities for these central banks to actually build applications on top of the foundational stuff, which we know to do really, really well. With [indiscernible] the U.K. PI, again, it's competition. There's a need in the market. The banks are stepping up. The regulator is pushing this. We own -- we operate VocaLink in that market. So for us, this point -- in the U.K. So VocaLink is the RTP switch network over there. So this for us is basically just equal there. So we'll see those transactions will run over the suite network. But the competition is there, and we will go in and say, look, are there better ways for us to help them do this? Can we augment what they do? Can we do better? So we're not in the position of where we want to fight everything. We really want to see how do we help these -- there's a reason why these regulars are driving this. How do we then come and understand this reason, bring our assets together and say, let's help you grow on this. That will really be the approach that we want to take. Is there anything that the regulators have created, which would give in advantage? Are they mandating anything for banks to automatically connect or do anything like that, which gives them maybe a competitive advantage? I don't know yet. But we've seen this happen in other markets. For instance, Brazil and other places, we've seen the regulators mandate these things. But even there, there are always opportunities for us to then go and work with those banks because those payments today don't have dispute resolutions. They don't have protection for consumers if something goes wrong on the transaction. when those transactions are going into the agentic world, they're going to face exactly the same challenges that we face with car. They're going to need solutions. They're going to need tech. They're going to need data to make that work. And so that's why we are staying very close to these things, and we are there to actually help we want to really help economies grow. And that's why we don't necessarily see all of this as just bad competition, but actually has opportunities. Maybe we need to think harder about some of these things and how we accelerate even further. But for us, these are opportunities and why it's space to help grow.

I think you just kind of summarize why all the management changes could be so positive, right? Your background is a former cup that you said in security and now you're looking at this, you just bring a different perspective to a whole new world that you know about, but now you're going to become an expert in again. I'd be remiss if I didn't ask you, with the BNK acquisition still pending, hopefully, that closes soon for you guys. You will have traditional rails, you'll have the alternative rails with Mastercard move and all the stuff that you're looking at RTP. And then you're going to have a new toy to play within BVNK with stable coin infrastructure and rails. How do you envision sometime down the line, I'm not going to give years down the line. How do you picture all of these rails kind of seaming together and integrating together to do something.

It feels like it's bolo spaghetti, right, if you think about all of this, and that's actually where I think Mastercard is so good because what -- if you think about what we do today in running a global interoperable payments ecosystem, that spans across real-time payments, card payments, bill payments, P2P, P2M, that's where we feel comfortable. We can help define the rules of the road. We can help with the technology in place and the pipes and then layer on services on top of this. That's where we go. So we see this as an opportunity for us. If you think about BVNK. We've done a lot already in the P2M space with regards to getting access to crypto. How do I use my crypto to buy something? How do I actually use my card credentials to get access to digital assets, I can buy them. So the consumer piece, there are a number of solutions already there. What BV NK will bring for us is this expansion beyond P2M. How do we start looking at broader personal merchant. Person to mention, sorry, person to merchant, how do I -- instead of just using these things to pay what are the other types of opportunities out there. And that's where this is going to be really exciting for us to see how this bold. And you can see a lot of use cases being developed in those areas. That's where I think we're going to spend. That's why this is so exciting. This brings another rail that has a strong growth and ultimately, the interoperability, how we use what we call the world for multi money is really the way we think about this. You can start a transaction on a U.S. dollar. It goes through a stable coin through a different country and end up in all different other the currency. This world of managing interoperability between how I pay, how I want to get paid and then make sure that the messages flow and then the money actually moves themselves. That's where the exciting part is, and that's the complexity that we want to try and take out of the equation, so that businesses can bolt their business models on top of that. That's why this asset for us is going to be so important. And again, if you look at us versus the broader suite of competitors out there, even with local APMs, alternative payment mechanisms, we provide a global interoperability that none of them can, but this is where we can partner. We don't always have to fight about these things if your credential in this country doesn't work and you go cross-border, it's a credential that work. And for the consumer, we can make these things seamless. That's ultimately where I think the value will be, and that's where a lot of our focus will be.

I think the most exciting thing about what you guys are doing as a network is how you can start on one rail, it can seamlessly move to another back to another to facilitate faster more conversion, better transactions easier settlement, lower cost for the merchant, more conversion, you're going to have an opportunity to play with all these different things.

Exactly. And that is exciting. And we talked about Agentic Commerce in the past, but there's a whole new suite of potential transactions that will generate between agent to agent payments. How is that going to flow? There's still a world out there that a lot of it is unknown, but we've got the assets. And we've got the security layers on top of it. So that's why I think we are well positioned, I feel, and to not just compete but to win in this space as well.

And that's a great way to sum it up. We actually finished right on time. So thank you very so much. We can talk to you for a long time. Good luck in your new role, and thanks for spending some time with us this morning.

Thank you for...

Appreciate it. Thank you.