Leaders in Payments
As payments become embedded in more platforms, a single security gap can be amplified across thousands of merchants, threatening brand trust and incurring network penalties. Understanding and deploying these precise, data‑driven defenses helps product and risk teams stay ahead of increasingly sophisticated, AI‑driven fraud attacks, making the episode essential for anyone responsible for secure payment experiences.
The episode reveals a fundamental shift in the payment‑fraud landscape: attackers are moving upstream to compromise the platforms that embed payments rather than stealing single cards. By targeting the ISV’s onboarding flow, API logic, and refund processes, fraudsters gain a master key that unlocks thousands of merchant accounts at once. This scale‑driven approach amplifies financial loss and threatens relationships with card networks, making platform‑level security a top priority for any payment ecosystem.
Brian Rust explains how AI‑generated synthetic businesses are flooding onboarding pipelines. Fraudsters harvest real business data, automate form submissions, and create convincing web presences that pass traditional KYC checks. Early warning signs include impossible form‑completion times, mismatched IP and physical addresses, and domain‑registration anomalies. Monitoring velocity spikes, decline‑rate surges, and geographic mismatches provides a practical early‑warning system that helps ISVs flag fraudulent merchants before they can transact.
To counter these threats, Rust advocates a Swiss‑cheese model of layered defenses. Identity verification, document scanning, biometric checks, and device fingerprinting form the first barrier, while behavioral analytics (mouse movements, typing speed, and session patterns) add depth. Transaction monitoring rules enforce velocity limits and refund‑to‑original‑card policies, reducing abuse without harming legitimate customers. Aligning defenses with frameworks like MITRE ATT&CK and the fraud kill chain ensures each stage of an attack is addressed, turning a single point of failure into a resilient, multi‑layered security posture.
Fraud hasn’t disappeared - it got smarter. Organized rings now aim upstream at SaaS platforms and ISVs that embed payments, where a single gap in onboarding, transaction logic, or refund flows can be scaled into thousands of attacks overnight. We sit down with Brian Rust, SVP and Deputy Chief Information Security Officer at Worldpay, to map the real fraud journey (entry, action, exit) and the concrete moves product and security leaders can make right now to protect merchants and brand trust.
We start with the why: platforms offer leverage. Brian explains how bots and AI generate convincing synthetic businesses that pass weak KYC, and what early signals still break the spell - impossible form completion times, IP and address mismatches, and brand-new domains claiming long histories. From there, we dive into the middle of the kill chain: card testing. You’ll hear how velocity spikes, elevated decline rates, and geo anomalies betray large-scale testing and how adaptive limits for new merchants can contain losses and prevent network penalties. Then we confront refund abuse, where attackers exploit trust by refunding to different instruments or flooding high-value returns. The fix isn’t blanket friction - it’s precision: refund-to-original-card only, refund velocity caps, and targeted reviews that slow bad actors while keeping good customers moving.
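The card-testing and refund controls described above, sketched as an added Python example (not code from the episode or from Worldpay). The thresholds, the `MerchantMonitor` class and the reason strings are assumptions chosen for illustration, and only full refunds are modelled.

```python
from collections import deque

# Illustrative thresholds (assumptions, not figures from the episode).
WINDOW_S = 600           # sliding window, in seconds
MIN_ATTEMPTS = 10        # do not judge decline rate on tiny samples
MAX_DECLINE_RATE = 0.5   # card testing produces mostly declines
REFUND_CAP = 3           # accepted refunds allowed per window

def auth_limit(merchant_age_days):
    """Adaptive cap: tight for new merchants, relaxed as trust grows."""
    if merchant_age_days < 7:
        return 20
    return 100 if merchant_age_days < 30 else 500

class MerchantMonitor:
    def __init__(self, merchant_age_days):
        self.limit = auth_limit(merchant_age_days)
        self.auths = deque()    # (timestamp, approved)
        self.refunds = deque()  # timestamps of accepted refunds
        self.sales = {}         # txn_id -> card token of the approved sale

    def authorize(self, ts, txn_id, card_token, approved):
        """Record one authorization attempt; return the alerts it raises."""
        self.auths.append((ts, approved))
        while self.auths[0][0] <= ts - WINDOW_S:
            self.auths.popleft()
        if approved:
            self.sales[txn_id] = card_token
        n = len(self.auths)
        declines = sum(1 for _, ok in self.auths if not ok)
        alerts = []
        if n > self.limit:
            alerts.append("velocity")
        if n >= MIN_ATTEMPTS and declines / n > MAX_DECLINE_RATE:
            alerts.append("decline_rate")
        return alerts

    def refund(self, ts, txn_id, card_token):
        """Decide a full-refund request; return (allowed, reason)."""
        if txn_id not in self.sales:
            return False, "no_matching_sale"
        if card_token != self.sales[txn_id]:
            return False, "not_original_card"
        while self.refunds and self.refunds[0] <= ts - WINDOW_S:
            self.refunds.popleft()
        if len(self.refunds) >= REFUND_CAP:
            return False, "refund_velocity"
        self.refunds.append(ts)
        del self.sales[txn_id]  # a sale can be refunded once
        return True, "ok"
```

The same burst that trips both alerts for a two-day-old merchant stays under the cap for an established one, which is the "adapt as trust grows" behaviour; the card tokens are opaque identifiers, so no card numbers need to be held to enforce refund-to-original-card.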
Brian lays out the layers that matter now: device fingerprinting, behavioral analytics, and transaction monitoring that can halt suspect money movement before funds leave your orbit. He also makes the case for a fraud-cyber fusion model, aligning teams and intelligence using frameworks like MITRE ATT&CK to anticipate tactics as cyber and financial motives blend. Finally, we close with three actions you can ship this quarter: audit onboarding with bot controls and threat modeling, enforce velocity controls that adapt as trust grows, and tap your processor’s data and filters (AVS, CVV) to harden defaults.
If you lead product, risk, or engineering for a payments-enabled platform, this conversation gives you a practical blueprint to raise attacker costs, protect your merchants, and guard your reputation.