The Signal: The Real "Payment Meets Fraud" Journey with Brian Rust at Worldpay | Episode 467 скачать в хорошем качестве

The Signal: The Real "Payment Meets Fraud" Journey with Brian Rust at Worldpay | Episode 467

Fraud hasn’t disappeared - it got smarter. Organized rings now aim upstream at SaaS platforms and ISVs that embed payments, where a single gap in onboarding, transaction logic, or refund flows can be scaled into thousands of attacks overnight. We sit down with Brian Rust, SVP and Deputy Chief Information Security Officer at Worldpay, to map the real fraud journey (entry, action, exit) and the concrete moves product and security leaders can make right now to protect merchants and brand trust. We start with the why: platforms offer leverage. Brian explains how bots and AI generate convincing synthetic businesses that pass weak KYC, and what early signals still break the spell - impossible form completion times, IP and address mismatches, and brand-new domains claiming long histories. From there, we dive into the middle of the kill chain: card testing. You’ll hear how velocity spikes, elevated decline rates, and geo anomalies betray large-scale testing and how adaptive limits for new merchants can contain losses and prevent network penalties. Then we confront refund abuse, where attackers exploit trust by refunding to different instruments or flooding high-value returns. The fix isn’t blanket friction - it’s precision: refund-to-original-card only, refund velocity caps, and targeted reviews that slow bad actors while keeping good customers moving. Brian lays out the layers that matter now: device fingerprinting, behavioral analytics, and transaction monitoring that can halt suspect money movement before funds leave your orbit. He also makes the case for a fraud-cyber fusion model, aligning teams and intelligence using frameworks like MITRE ATT&CK to anticipate tactics as cyber and financial motives blend. Finally, we close with three actions you can ship this quarter: audit onboarding with bot controls and threat modeling, enforce velocity controls that adapt as trust grows, and tap your processor’s data and filters (AVS, CVV) to harden defaults. If you lead product, risk, or engineering for a payments-enabled platform, this conversation gives you a practical blueprint to raise attacker costs, protect your merchants, and guard your reputation.