Bluefin’s Ruston Miles on payment security in the digital age


10 Apr 2020257 Views

Share on FacebookTweet about this on TwitterShare on LinkedInPin on PinterestShare on RedditEmail this to someone

Image: © weerapat1003/Stock.adobe.com

Share on FacebookTweet about this on TwitterShare on LinkedInPin on PinterestShare on RedditEmail this to someone

Bluefin chief strategy officer Ruston Miles discusses payment security, tech innovation and the importance of encryption.

Ruston Miles is the chief strategy officer of Bluefin, a payment security platform he founded in 2007, which now has bases in the US and in Waterford.

Here, he discusses his role in helping the company’s clients remain compliant and secure.

‘Telecommunications and payments have been going through individual evolutions, each impacting the other’
– RUSTON MILES

Ruston Miles of Bluefin is smiling into the camera.

Ruston Miles. Image: Bluefin

Describe your role and your responsibilities in driving tech strategy.

As chief strategy officer, my role is to develop a clear understanding of where our industry is heading and what role our company is going to play in it. Bluefin is a payment security platform company, so technology not only serves as our infrastructure, it is also our product.

Telecommunications and payments have been going through individual evolutions, each impacting the other. All of this change creates opportunities for disruptive and breakthrough technological innovation. It’s my job to set a path to success for the company to push forward or to pivot in an ever-changing landscape.

Are you spearheading any major product or IT initiatives you can tell us about?

Bluefin was the first provider of PCI-certified [payment card industry] device encryption for card acceptance. This is the primary defence for businesses and retailers in the fight against point-of-sale malware.

This kind of device encryption has helped merchants reduce their PCI compliance efforts by up to 90pc. Industry compliance is an important and worthwhile effort, but many merchants have still not adopted a secure approach to sensitive data, which is why breaches still happen often.

Government regulations have started to pop up in California, such as the California Consumer Privacy Act, and other states that deliver stiff penalties to businesses that breach data and who were found to be negligent with regards to security. These regulations will hopefully encourage merchants to adopt payment security technologies like encryption and tokenisation.

One way Bluefin has responded to this new era of data privacy regulations is to extend our encryption services beyond card data to also protect personally identifiable information and personal health information.

How big is your team? Do you outsource where possible?
Support Silicon Republic

Our primary technology offices, including developers, data centres and network operations centres, are in Atlanta, Tulsa and Waterford, Ireland. This configuration has served us well for access to relevant talent and network reach.

What big tech trends do you believe are changing the world and your industry specifically?

The move to mobile will definitely change the face of the payments industry by moving many point-of-sale interactions to mobile-to-mobile, contactless transactions. And since it’s necessary for payment security innovation to keep up with mobile payment innovation, Bluefin’s payment security leadership will be more relevant than ever.

My role as chief strategy officer is to align our direction with these ever-changing tech trends.

In terms of security, what are your thoughts on how we can better protect data?

Much of the focus today on security is about keeping the hackers out of networks through better authentication and stronger defensive depth.

It is true that hackers get into networks through phishing, spearfishing and other exotic penetration attacks, but for the average business, the best protection is to encrypt sensitive data at the point of entry and to only store it if necessary and, if so, then to use tokenisation.

We call it data devaluation. By using encryption and tokenisation to devalue the data, a business can remove the ability for hackers to sell the data on the dark web to fraudsters, thereby removing the incentive to breach in the first place.

Want stories like this and more direct to your inbox? Sign up for Tech Trends, Silicon Republic’s weekly digest of need-to-know tech news.