PayPal CRO’s Three Trends for Security and Risk Management

PayPal’s business is built on its ability to manage security and risk to protect its customers and the millions of financial transactions that move through its system every day.

At the Gartner Security & Risk Management Summit in National Harbor, Maryland, Avivah Litan, vice president and distinguished analyst at Gartner, asks Tomer Barel, Chief Risk Officer at PayPal, to share his three essential trends for innovating risk management and fraud detection solutions.

#1. Trust
Managing risk is tied to customer confidence and trust in the brand and company,” Barel says. “I view myself as the chief trust officer at PayPal.” He earns that trust by “futureproofing” PayPal’s risk operation. At his core, is a belief that trust isn’t just about keeping the bad guys out, but enabling the good guys to do commerce anywhere and across any device.

#2. Business outcomes
Effective risk management must be tied to business outcomes. Noting that he is accountable for KPIs and actual losses to the company, Barel suggests that this makes him more effective in his role.

The Real Business of Blockchain

How leaders can create value in a new digital age.

Download Book Chapter

#3. Match human intelligence with big data
PayPal invests in state of the art data analytics techniques; however, big data algorithms have not yet reached a level of accuracy without human intelligence, according to Barel. “What we’ve found over the years, is that if your goal is to get to a high level of accuracy, then you must complement what machines do with people who understand how other people behave and translate these human insights into code,” he says. “And anyone who wants to manage risk with accuracy has to do that.”

Barel describes a scenario where a U.S. customer conducts a transaction in Thailand. Human intelligence is necessary to instruct machines to spot an earlier travel-related transaction, say for a Thai resort or activity at her home state airport, to identify the transaction as low risk. “We need an analyst to translate that type of information into code,” Barel says. “Machines can’t do that yet.”

When it comes to mobile, Barel shares that mobile devices generate a real opportunity to increase the accuracy of risk management because of location data and the one-to-one association of a device to a person. However, most PayPal transactions are conducted on PCs and laptops. The security and risk community has work to do in making consumers realize that mobile devices are secure for financial transactions, he suggests.


Video replays from the Summit are available at Gartner Events on Demand.

Get Smarter

Follow #Gartner

Attend a Gartner event

Explore Gartner Conferences

Complete Your Data and Analytics Strategy With a Clear Value Proposition

As a data and analytics leader, one of the most important things to articulate in your strategy is the value proposition. Learn how to create a modern, actionable D&A strategy that creates common ground amount stakeholders.

Read Free Gartner Research


Get actionable advice in 60 minutes from the world's most respected experts. Keep pace with the latest issues that impact business.

Start Watching