Ruston Miles, Founder, Chief Strategy & Development Officer at Bluefin | Episode 437

Show Notes

Ruston Miles, Founder and Chief Strategy and Development Officer at Bluefin and I start with the origin story: telecom roots, fiber‑rich Tulsa, and the overlooked reality of call centers that needed real‑time authorizations long before shopping carts ruled the web. Ruston explains why Bluefin moved into security early - serving higher ed, nonprofits, and faith‑based media where brand trust is everything and how that path led to P2PE. Then comes the turning point: a decision to decouple encryption from acquiring, offer P2PE as a service, and even power competitors. That platform approach now supports around 150 devices across 17 manufacturers and underpins airlines, transport systems, fuel networks, and more, often quietly and often by requirement.

From there, we look ahead. Network tokens are rising, wallets are changing, and AI is pushing commerce from clicks to intent. Ruston separates hype from reality, showing how today’s “agentic” automation schedules deliveries and completes checkouts, while tomorrow’s agents will present payment credentials securely without platforms ever seeing raw card data. That shift demands virtual P2PE, inter‑agent boundary mediation, and standards that let authentication and encryption travel with the transaction. We also get practical: how Bluefin’s P2PE‑as‑Proxy reduces integration pain, why security must keep pace with innovation, and what skills newcomers need as software continues to digest payments.

If you care about payments security, PCI, P2PE, tokenization, gateways, ISVs, and the future of agentic commerce, you’ll find plenty to take back to your roadmap. 

Chapters

• 0:00: Host Intro & Guest Setup
• 0:34: Rustin’s Backstory: From Swamps to Telecom
• 2:32: Bluefin’s Origin as a Gateway
• 5:00: Early Security Focus Before PCI
• 6:40: Betting on P2PE and Hypergrowth
• 9:20: Platform Strategy: Partners, Not Rivals
• 11:05: Customers, Scale, and Global Footprint
• 13:05: What Makes Bluefin Different
• 16:20: The Next 3–5 Years: Tokens & AI
• 19:20: Agentic Commerce Today vs. Tomorrow
• 22:00: Virtual P2PE and Boundary Mediation
• 24:20: Founder Journey: Music to Payments
• 27:10: Passions: Security, Standards, and AI
• 29:40: Career Advice for Entering Payments
• 32:00: Closing Thoughts on Invisible Security

Transcript

SPEAKER_00: 0:00

Welcome to the Leaders in Payments Podcast, where we talk to sea level leaders from across the payments landscape. We'll be discussing the products and services that impact the payments space today, as well as trends and predictions for the future of payments. We will also hear stories from our guests about their journeys to the top.

SPEAKER_01: 0:18

Hello, everyone, and welcome to the Leaders in Payments Podcast. I'm your host, Greg Myers. And today's special guest is Rustin Miles, the founder and chief strategy and development officer at Bluefin. So, Rustin, thank you so much for being here and welcome to the show.

SPEAKER_02: 0:31

Great to be here, Greg. Thanks for having me on.

SPEAKER_01: 0:33

All right. Well, let's dive in. If you don't mind, tell our audience a little bit about yourself, maybe where you grew up, where you went to school, where you currently live, a few things like that.

SPEAKER_02: 0:40

My parents were originally Upers, Upper Peninsula, Michiganders, right? But they had me in New Orleans. So these are two different, completely different uh experiences. So I was raised, et cetera, outside of, well, actually between New Orleans and Baton Rouge, sort of a swamp area. That's where I grew up, and then moved to Tulsa, Oklahoma, which is uh, you know, the second New Orleans. So just kidding. I like to say downsized from hurricanes to tornadoes. So definitely loving it out here in Tulsa, Oklahoma. Went to college out here, and eventually moved a good bit of my extended family out here and and do like it. Turns out that uh Tulsa was a sort of a mecha, if you will, or a base for telecommunications, right? Because of Will Tel, Williams Communications, uh MCI, all these things that are now Verizon, but lots of other brands because of the fact that they used a lot of the pipelines, host sort of oil delivery, energy delivery to put fiber optics and run these things around the country. So it turned out to be a great place when the World Wide Web came out in 94 to be here, right sort of at the epicenter of telecom. And then what do we do with payments in telecom? Well, that was the next thing. And so that took my 25-year career for the last quarter century out here in working payments through telecommunications.

SPEAKER_01: 1:48

Well, let's dive in and discuss Bluefin. So tell the audience what Bluefin does.

SPEAKER_02: 1:54

Sure. Uh when I started Bluefin uh 25 years ago, started it as a payment gateway. So it was a pure play payment gateway developed by a frustrated user, you know, the the old story, was working with some brands that we probably all know that weren't quite satisfying the needs of what I needed at the time, which was to bring payments to contact centers, call centers, things like this, where you've got hundreds, in cases thousands of people sitting in rooms uh taking direct response from television or or these different things, campaigns. And so being in the middle of America out here, that is where a lot of contact centers kind of were from time zone, from the way people uh sound on the phone, and also to the good uh interconnectivity. All of the payment gateways at the time were focused on e-commerce, shopping carts, these kinds of things, subscriptions, and it's like, well, we need something that actually can serve business when it comes to doing phone payments and real-time authorizations. So from there, the natural progression happened. You know, of course we got into e-commerce and card not present kinds of things, Moto, uh, which is what we were already doing. But then eventually you become an ISO for payments. And our brand Bluefin, my brand Bluefin that I came up with, we were focused on larger kinds of organizations. So less like, you know, all the other local credit card companies, dot com, you know, were all selling terminals from the boot of their car, going to the retail and restaurant things in the front row. And all of my businesses that I serve were second-story businesses, back and boiler rooms and contact centers and these kinds of places where you don't really even know that those businesses are there. It might be a group that sells sign shop equipment to 60,000 sign shops across America, and they're working it all from you know, this two-story building in Tulsa that you don't even know what's going on inside of there. Well, they need payments, right? And so that got us into ISO and payment processing. But because of those kinds of brands, we started getting into security pretty early on because we're doing lots of um higher education institutions institutions, nonprofits, of course, being out here in the Midwest, a lot of faith-based kinds of ministries and television things like this. So a lot of these folks that really minded their brand more than maybe you know someone selling shoes if they have a breach or they have a problem. Well, let's start a new business. Change from Steve's shoes to Jane's shoes and move on with life. Can't do that if you've got a loyal following, et cetera. So that got us into security well before, I mean, before PCI was a thing. This is like it was CISP, it wasn't even called PCI at this time. So we had to get in on that very earlier because of the folks that we were serving. And it was complicated because we were we were securing, you know, not just websites and shopping carts, but physical things, virtual attendants, people working from home, people working from physical things, you know, wires going, keep key loggers, all these kinds of different things that needed to be protected. Well, that got us into end-to-end encryption pretty early on, right? And then come along in 2012, merged the company with capital payments and kind of came together. They brought sort of the ISO, the payment processing piece, and I brought the technology and the security. And they asked me, like, okay, what's the next thing? What does the crystal ball say, Rustin? And I said, Well, the crystal ball says P2PE. You know, they're like, What? But point-to-point encryption, you know, PCI has a standard, no one has followed the standard. Standard might even be at risk of going away, but it is the answer to because I was a telecom uh kind of person from my background with MCI WorldCom and all that. And so I knew kind of how risky all this stuff was. You could see stuff going over the wires, you know, and if it didn't take that much to be a hacker, if you can get in on the wire and pull the data off, even if it's encrypted, you might be able to get at it and decrypt it. It was it was sort of the Wild West, literally, at that point. And so I was kind of concerned. I could see, you know, the two freight trains coming together 100 degrees, 100 miles an hour at each other. And I said, we we ought to do this P2PE thing, guys. So we invested into that. And a year later, as soon as we had our product out, the target breach happened, which then turned into a thousand credit card breaches a year, literally. I'm not exaggerating. Some of those years it was over a thousand credit card breaches. We might have only heard of 20 or 30 in the news, but there was lots of them going on uh, you know, in down the stack. And all of a sudden, our company just started to 10x because we had the solution. Then we took that and said, gosh, we can't just use this for our own payment processing. Well, that's going to limit it, and it's really hard to do. We were the first to do it in North America to be validated for this and audited. And so we said, let's go ahead and pull that apart and sell it to our competitors and make our competitors our partners. And now we have 130, you know, gateways and processors, and you know, you can go look at our list, all the big names out there, you know, the cyber sources and these kinds of folks, you know, all these payment gateways and processors, they're out there and they're partners of ours using uh point-to-point encryption as a service, but not using us for the payments. So we kind of started in gateway the acquiring and processing, and then said, let's actually focus down, double down on security solutions and doing that. And so that's really really took the company into its third act, which was focusing on that. I think most folks know of us now as the P2PE company, P2PE as a service, and more recently uh P2PE as a proxy, which is sort of the thing that we've been doing for the last year or so, which is a way to implement this very hard to thing do with zero very hard thing to do with zero integration, zero lift, kind of like uh just send it through the tunnel and it's secured, right? It's it we can get into the details at some other point. But it is that new, elegant way to deliver what we do to make it easier and maybe faster to implement in the system. And that's that's what uh uh you know is generating a lot of the buzz and interest right now. But we we started in the gateway, went on to the acquiring, picked up payment security, and then the company 10xed, and like that's what we do now. We're we're a payment security solutions company, and having to do that, extend that beyond payments, because these companies have way more to secure than just payments. And so our platform does healthcare, PHI, PII, you know, all this other kind of uh privacy data as well. So anything that's involved with payments and non-payment data.

SPEAKER_01: 7:41

Okay. So your main customers are other payment companies, and then maybe some healthcare, is that about right?

SPEAKER_02: 7:46

Yeah, I mean our partners are payment gateways, payment processors, and software platforms. So you can think of all the ISVs and SaaS and practice management systems out there. Um, some of them go direct to the processors. We don't go through a gateway, right? And so they'll use us. Some of them go through a gateway that doesn't have P2PE until they'll say you need to get P2PE, you know, integrate with Bluefin for this, you know. We have lots of the big enterprises out there in logos, obviously because we're part of their security posture. Don't like to talk about them on a public platform unless they're present or or give specific specific permission. But you can think of like, you know, 25% of the large airlines in the world, you know, sort of like the largest car rentals in the world, probably the largest petroleum gas station networks and state and stations in the country, all of the tubes and and tolls and everything in London, you know, and and in Boston, et cetera, et cetera. Point being, the largest brands that you can think in the world, and retailers and malls and things like this, very, very, very super prominent brands are flowing over our networks either directly to us or by by driving their vendors to be required because they won't they won't take it without point-to-point encryption, or by going direct. But I have to say, we are not a go-to-direct company. Usually these enterprises and these organizations are working with us because they already have so many things solved through other gateways and software, but they just really need that point-to-point encryption piece to be fully secure.

SPEAKER_01: 9:13

So you mentioned London. Is that mean you're a global company all over the world?

SPEAKER_02: 9:18

Yes. So obviously started the company here in Tulsa, our headquarters are in Atlanta. Got folks around the country, huge center of excellence in NOC and development in Waterford, Ireland. We've got you know offices in Australia, Bratislava, you know, data centers in Germany, and you know, we're we're definitely a global company with with both employees and and infrastructure across uh North America and Europe. And we, of course, serve other areas of the world, but predominantly in those markets is where we would have our employees and infrastructure.

SPEAKER_01: 9:50

Aaron Powell Well, it sounds like you were the first, but it's uh you're you're not the only one these days. So what would you say differentiates Bluefin from your competitors out there?

SPEAKER_02: 10:00

Yeah, I mean, so we were we were the first and very much didn't want to be the only because when a standard only serves one player, then it's not a standard. It's you know what I'm saying, a standard is there so that you can create an ecosystem. And we wanted adoption, right? And in fact, part of the reason uh we decoupled or componentized or worked with the PCI Council with our P2PE 2.0 standard to create a standard that would break apart the point-to-point encryption to like key injection facilities and you know HSM uh decryption entities, terminal entities, people creating devices, all these different kinds of entities. That's in the beginning with point-to-point encryption, it was all or nothing. You had to do the whole solution, get it all validated, or you couldn't just do one part. You're like if you were a key injection facility or a KIF, you couldn't just do your part. You had to be part of a larger solution that was all audited. So we wanted that to be, in order for this thing to grow, it needed to be sort of federated and componentized. And so we very much pushed for that, which, you know, scratch your head in the beginning. Didn't you want to rule the world, Rustin? You know, well, yeah, every business wants to be build a monopoly, right? But uh, but that's just not the way my brain works. I'm like, if this thing really needs to grow, we need to have an ecosystem of participants, everybody doing their part. So we drove that and then we created a platform called P2PE Manager, which allows them all to interface and do their various parts in it. So I'd have to say, when you ask what differentiates, every other solution out there is a solution. Every other solution in the PCI listing is of which I would say 20% of the listings in the PCI listing for P2PE, of all those hundreds of listings, 20% or more are actually sublistings of ours for other brands, like White Label, right? And then there are hundreds, as I said, of folks out there using this, but who are who are just using our solution and hadn't taken the extra step to get their name with us sort of being the Intel inside kind of situation, right? But the point is that we are a platform, we are a network, we are the sort of the back-end provider of services to this industry, which many of them are using. And all of the other guys out there are like, hey, I've got a POS and we built our own P2PE. Or I've got a gateway out here, my payment gateway, and my payment gateway, we built P2PE for it. We decided not to do it as a service with Bluefin, and we decided to do it ourselves. Those are great, those are point solutions because that one gateway may focus on retail. That one may gateway may focus on hospitality, and they might be the best hospitality-focused payment gateway with their own P2PE, you know, in America. Okay, great, great, great. But that's one small vertical, not vertical, large, one vertical and one usage point, and our system is across all verticals and basically a platform that serves that market. So there's nobody else, believe me, when you do these analysis and you try to do the quadrant and see who's where. There's nobody in our quadrant. I know if that's like, oh, it's always nice to see the Venn diagram or you just kind of own the world. But but it is true that it is very difficult to do this. It's very difficult to keep up with it. You know, for example, we've got 150 different devices or so across 17 manufacturers. Like when you look at all the other solutions, they'll have like, oh, we're just an Ingenico shop, you know, just one manufacturer, and these are the two devices, right, that we support. And so I think that's what we have is sort of that decade lead of that. And I don't see anybody else having a direct competitor as a as a service or as a platform offering, but certainly within verticals, hospitality and retail, there are there are some great players. And I'm glorious great to have the competition because that that kind of drives it all forward.

SPEAKER_01: 13:31

Sure. Absolutely. Well, let's talk a little bit about the future. Where do you see payments in in the fintech space headed in maybe the next three to five years?

SPEAKER_02: 13:40

Well, uh, you know, we're we're seeing this march to sort of eradicate, I would say eradicate primary account numbers or pan or credit card numbers moving towards network tokens, for example, maybe less dependence on cards. The idea was there to be more digital wallets. Now, if you're if you're reading some of these things are like, well, gosh, with AI agentic commerce and these things, well, isn't that just gonna leapfrog the wallet? You know, why do you even need to have a wallet, right? This is things need to be secured. So I I think we're going to see a lot of this, this, this uh agentic thing really, really transforming. I'm a I'm a big AI user and it's it's it's almost frustrating to me when I'm dealing with vendors that don't allow me to use it, you know, for my Instacart or DoorDash or Uber Eats or all of my different things. Like, you know, um, so it's a I think if that's where the stuff is going. Does that mean that payments will go away? No. We always need payments. Does that mean payment security will go away? No, it becomes that much more important as we get closer to AI, as we get closer to quantum, as we get closer to these things. Payment security. Because I always like to say, payments, you know, innovation should never outpace too far anyway, payment security innovation. They should always be, you can't get to security before the innovation too much because it stifles the innovation. So you gotta have that kind of going forward. But it has to be right there, nipping on the heels, not dragging it down so much, but but making sure it doesn't just go off the tracks. And so that's really our mission is to secure point-to-points, payments between two points. Point-to-point encryption is largely thought of as two hardware points. A credit card machine, it's encrypted, it goes through over here, it's cryptid over there. But really, we're about securing even virtual points-to-points. If that goes from inter-agentic commerce or if that's between two token providers, et cetera, we are that not just the physical, but also the virtual point-to-point security platform. And so that's where I think it's going and why I think Bluefin has a bright future in that future. Trevor Burrus, Jr.

SPEAKER_01: 15:28

So that agentic commerce, I mean, we've seen some announcements by some players, and you know, we were talking a little bit earlier offline about this. You know, there's a lot of announcements. A lot of people say they're doing things, but no one's really committing, in my opinion, to do a whole lot. But I think everyone knows it's coming. And I know you're really involved in a lot of different organizations around AI. So kind of where do you think we are in that? Like is, you know, are are we going to have agents buying things for us in the next year or two, or do you think that's pretty far out?

SPEAKER_02: 15:59

Oh, I already do that like daily on a daily basis, man. So for example, in and the the different GPTs and and and platforms have different different uses, I would say, you know. For example, the perplexity, you know, the comet product, the agentic browser. So, you know, I'll go in there for my birthday. My sister sent over a Word document list that she had copied and pasted people's texts of what they wanted from a restaurant that I like, right? And so I just put that in to the AI and said, and I logged into my um to DoorDash and said, you know, go do all this. And it did it. And then it gets to the end, it's like, would you like me to click by? Uh yes, click by, right? So that's just all so that's happening today. I mean, you know, I I do all my weekly ordering on Instacart. Anything that takes more than like five or six minutes to do when it comes to that stuff, I'm already doing that, right? JAT GPT has a little bit what different way that they deliver. It's not an agentic browser, it's sort of a virtual PC desktop that it has that it uses. Um, but I think they're going to be coming along pretty quick with their own agentic browser. So I this is already being used largely, a sort of, I would call like commerce automation. But that next leap is when you not only just do commerce automation, you know, where it's basically automating and being my agent to go out and make all the orders, but my credentials, my card number, my information still exists inside of Instacart or DoorDash, and all it's doing is calling up that credential and saying, yes, use that one, but it's not actually handling the payment outside of outside of that platform. That next step is where it says, oh no, I've got the payments. I'm not going to trust Instacart or DoorDash or Uber Eats with this stuff. And when it comes time to pay, I'm going to hit, you know, an MCP or an API or whatever, and that's tokenized, and I'm going to deliver payment because now I trust perhaps my agent with my payment security more than I do that software or that platform. Right. So now that platform can't breach my credit card information either because they don't have it. So now I grow I grow even more trust. So I think that's it's going to get closer to that kind of thing. That's not here yet because right now it's more automation in the way that it's interacting. And we have to have those sort of uh protocol pipe tunnels where both sides can agree and that there's a standard to say, okay, here's I'm going to communicate to you outside of a web browser to communicate payment or that payment has occurred and authentication has happened. So I think that is that next step, and we're not quite there yet, but right now it's more automation uh-based. That's what I believe. And I think the place where P2PE, I think where P2PE will exist in that in that world is what I kind of call interagentic. So these are two agents, right? My agent and your agent, trying to, I'm trying to send you some money, or you're trying to send me money, or we're trying to send something, and our agents are talking, or maybe we're two businesses. So it's interagentic boundary mediation, right? So in other words, there's a boundary, my boundary is here, your boundary's there, and we're trying to authenticate each other. Make sure Gary's getting Greg's Craig and Rusty's Rusty, you know, we're communicating over here. So we're authenticated, and now we're passing data securely. And that encryption or that point-to-point encryption comes in virtually, I think, there and now is becomes is able to mediate boundaries and pass data securely. And so I think that is the future, and I don't think that's far off. You know, last point there, when I built Bluefin, I started it in around 2002 timeframe. I was uh working on the World Wide Web in '94. Like I was in an intern group in 1994 when the web came out. That was my job, was to figure out if this web thing could drive telecom traffic. Because they wanted to figure out how to drive more traffic, and they're like emails and text on a web page, it's just never gonna drive a lot of traffic. You know, that was true, that was the truth. That's what they thought then. And you can imagine, what's that, eight years later in 2002? That's almost a decade later. I was still the first real payment gateway provider to do real-time authorizations in a contact center with the web. So like it took that long for that huge disruptive innovation to like make it to a contact center. The world is different now and it operates much faster. So I think the cycles with this AI thing are not going to be judged in in decades and probably not even years. I do believe that between now, call it you know, 26 already, in the next four years will be a massive change uh in the way that we pay each other and get paid.

SPEAKER_01: 20:20

Yeah, I guess for you the beauty is those payments have to be secured. And so you're you're sitting in a in a great spot. We hope so. All right. Well, let's switch gears a little bit and talk about you. And I know you've talked about your background a little bit, but maybe tell us about prepayments and you know, kind of what you were doing, and then what really you know exactly happened that led you into starting Bluefin. Gosh.

SPEAKER_02: 20:46

Figure out where to start. So the very first business I started was selling music equipment because the at that time, you know, if you were I was a musician, so I'm from from the New Orleans area. So you gotta imagine, like, you know, took 10 years of jazz drum lessons, you know, played guitar on the side. When I went to college, started a band with guitar, won battle the bands, because it was okay, it was cool to suck at guitar for a little while there with the grunge era. You had to have good rhythm and no music, but you didn't have to be a shredder on the guitar. Well, then eventually you become good at guitar because you're playing live enough with it. And then also, people, some folks only know me as a keyboardist or a piano player. So it's very much of a musician. And in buying music, you can only buy it locally, and so you had tax, and you also had, you know, they'd double up the price. And you could buy this stuff, you know, mail order for half the price and no sales tax. And so I started a business doing that, and it actually took off. I got some fairly big contracts at when I was only, wasn't even 18 yet. I was like 16, 17. And it took me to spend time abroad in Russia and in Mexico, spent probably almost a year abroad before I graduated because I was on the fast plan when it came to school. I kind of, I don't know how you say that, but didn't do houser it quite, but you know, finished early and had some time between that before going off to college. And so built that business, which got me, got me in the bug of business, you know, I'm being, oh man, this is great. And also using, you know, mail order, which, you know, that's old school now, but it wasn't in the 1990s so um, you know, so that was pretty rad. And then, and then I went to college and you know, I had a choice to choose where I was gonna go, and I made that choice based on, well, it was either gonna be UIUC, University of Illinois or Ban of Champaign, which is where ARPANET or DARPANET invented the internet. So I was like, I'm going there, you know, because I knew the web was gonna change. I just didn't know how it was gonna change or when it was gonna change the world. But they had that was all inside of the engineering program, and it was, and they also had really they still had modems in the dorm rooms, you know. And so I found a university where it was like they had a program, MIS, that was inside of the business program, and you st and you did computer science, but it was it was business first with computer science, and they had a T1 on every floor. They had just invested, which was, if you remember back then, a T1 was like hugely fast. Of course, that's silly slow now. But that was that was the whole that was that was a several thousand dollars a month you pay, maybe even thirteen thousand dollars a month you'd pay at that time for a T1. Only businesses could afford this, but education had it. So I had to go to that university, right? That kind of just really put me on a fast track. I think gave me an unfair advantage of other folks at the same time working on the web on things like this in other universities. They didn't have access to the speed and they were in engineering and not coming from with the business and engineering um perspective. So that just gave me a huge boost. Started interning at MCI WorldCom, entered a program there called STARS Selection Training and Rotation was supposed to come out of manager, and then Y2K hit. And I was the only young man, only person that, because I was in the rotation program that knew what email administration, network administration, systems administration, calling, rating, all the different departments, you know, across this vast telecommunications network, and they were also buying others, knew what was going on because everybody was so siloed. So they put me in charge, and I look back, I'm like, Rustin, you weren't even, I wasn't even 21. And I was the Y2K, you know, project manager for all of the WorldCom side of MCI WorldCom, which is now Verizon, which means I got to miss Y2K and spend my night there running a command center, you know, and and all that stuff. But uh, and as soon as that was done, they said, okay, that all went well, and we're gonna sell off this entire group to to EDS, I think it was at the time. And so EDS, you know, had this non-compete. I I now I realize as an older man that it probably wasn't enforceable, but as a young man, it just seemed like I'm never gonna get to work again to anywhere else. I had to make a decision. Am I gonna branch out, start that business I always wanted to start, or am I going to take the corporate route? And it was a tough decision, Greg. But I took the, I took the the let's go ahead and let's do this. And so went out, um, started the business. Wasn't Bluefin. A couple businesses later, and lots of learning. And I'm glad I had the learning about learning how to work with other partners or not, and also how to build a business that works for you that you don't work in it, then started Bluefin. The time was Blue Financial, and uh and it really kind of went up from there. But really, uh, you know, into music, into scuba diving from New Orleans, like to cook my saucier, like to try either a new sauce every week that I make or take sauces and I have made and tweak them. So very much uh more of a creative mind, but still uh do love to nerd out in the engineering details. So uh like to play on both sides there.

SPEAKER_01: 25:31

Okay. Okay. So the next question was what were your or what are your passions? So I think you mentioned all your personal passions, work-related, it sounds like very technology driven. So just curious, any other passions within uh the work environment?

SPEAKER_02: 25:45

Yeah, I uh you know I was passionate about payment gateway, built that. You get to a point where everything was going great, and then what started happening was you kind of hit a hit a wall with payment gateways where all they could do then was lower their price and add more features, which is sort of like your 10 cents. Now you've got to be subpenny. Oh, by the way, we need to have all these new features because there's so much more happening with digital payments. So it was kind of a runaway train in the other way. So that it just didn't seem to be, it was the first 10 or 15 years of my work of the Bluefin career, but it just didn't seem to be a sustainable offering, right? And also with the advent of software, ISVs and SaaS, a lot of what a lot of payment gateways did was just pre-packaging and pre-selling components or logic that was software anyway, so that the software companies didn't have to build recurrents or they didn't have to build their own reporting from raw data, just making life easier for programmers and developers, right? But eventually they figured that out, and all they need are interfaces to talk to the payments, right? And they don't need a lot of the bells and whistles, at least if they're past that startup phase. So the passion kind of started to move to payment security, right? So payment security was you know definitely a decade where I was the wild man in the wilderness about this P2PE stuff, right? I'm on the PCR board of advisors now and have been for some time, and you know, so I very much will always be payment security evangelist. And I have to say, going back to the AI thing, I have been very much into that for the last year, which turns out to be a long time in AI time. And so that is where you see a lot of my writing, a lot of my interactions. I'm four different AI committees for various industry associations across our world, ETA, RSPA, PCI, these kinds of groups. You know, so uh very much a proponent of that, not just because it's the cool thing, but I feel it's my mission to secure it for payments so that it all makes sense. Because I saw how being on the side of security in uh for the last 10 or 12 years, I've seen how many organizations have limited their internal innovation and the things that they would go out and adopt for like, you know, mobile payments or bringing the payments out to the customers rather than the customer coming to them. And all these large enterprises, because of security, how they kind of hold it held up innovation and making life easier for the experience for everyone involved. And then once if they finally got, oh wow, it doesn't matter what software you use as long as it's encrypted and tokenized, then all of a sudden it's back open. Well, we can use all we can do all these things, and then all of a sudden you see this huge, big innovation. And I'm like, my goodness, I have to pat myself on the back, but I'm glad I did that because you wonder to a certain degree, all those hard times, wild man in the wilderness trying to tell everybody, you know, prophesies about, hey, there's a thing, there's an easier way to do this, you know, running myself ragged 200,000 miles a year on planes, and then all of a sudden you see, okay, there's liftoff. I feel like I don't want AI to have to go through that same thing where everyone's like, we can't use AI until it's secure. Yes, agenda commerce, yeah, but what happens over here? What's over there? It's like, no, let's have real clear platforms, products, protocols, lanes. Let's have things that everybody already trusts, like point-to-point encryption. How do we implement that over here? Things that are already known and credible, and how do we put them in the right places so that there's not this big half a decade hiccup with this move towards AI? Because I truly believe that AI is as much or more of a change than the World Wide Web is. And I'm just so lucky to have my first year in college be 1994, which was the first year the web came out. And I'm kind of seeing this as like, okay, this is that second chance in life where you're like, this is that next big thing that's gonna maybe even have that much more relevance uh, you know, 10 or 20 years from now, or five or now, or even now. And so I feel that is my mission and my passion to bring payment security into that.

SPEAKER_01: 29:39

Aaron Powell Great. Thanks for sharing that. So obviously, you've been in payments for a long time. So if someone came to you and they're maybe wanting to start a career in payments, maybe they're moving over from another industry, what kind of advice would you give them to help them have a successful career in payments?

SPEAKER_02: 29:56

Aaron Powell, that that advice would have changed four or five times over the Last 25 years, yeah. Now it's okay to be a nerd. It's okay to be a payments nerd. You know, there was a time when payments was very, very specific, right? And it was a certain kind of person, and maybe I don't know, it was it was different, I have to say. You know, folks like you and me were probably unique 10 or 20 years ago, maybe 20 years ago, 15, 20 years ago in the payment space that are having conversations like this. You know, it was either uh selling devices or getting lower rates or trying to figure out how to bring down fraud and risk or something like this, which is important, but it was a little more e-commerce-centric or whatever, or or retail centric in these these boundaries. I think that all that stuff's kind of going away. We're starting to see more open banking concepts coming, you know, from the from the East and from our European side. We're starting to see more privacy things happening. We're starting to see more open to new kinds of payments, stablecoin, you know, network tokens. Uh, we're we're seeing a lot of things happening in a faster timeline. I would say that for for someone new coming in, A, you know, be curious, B, be prepared. Used to be like, that's the business guy, and he's gonna run the business thing, and that's the tech gal, and she's gonna run the tech lane. And it's like, man, you really do need to understand maybe more than the basics about how things work, because sometimes that is the angle, that's the lever, that's gonna drive the business thing, that's gonna make things happen. And that and the ingenuity and the innovation that you're gonna provide may have a technical twist. And so you're, you know, you're as a founder really need to, really need to understand this stuff. Doesn't mean you have to be an engineer, but it does mean that you need to have a good understanding of payments. So I'd say be prepared, be curious, don't be afraid to be a nerd, and don't be afraid to uh to get in a little bit over your head, maybe even a lot over your head. You know, when I got into payments, you know, it's that onion thing, and I'm sure you you've been in payments for a while too. It's like as soon as you figure out what a gateway is, oh, there's acquiring, there's issuing, there's security, there's how things happen internationally, there's there's optimization, and you just keep learning and learning and learning, and I'm still learning after a quarter of a century, you know, about the things. You know, you can still find the back-end settlement and clearing and all the different things that go on. And then you add in the banking side, which is getting all mixed up in that as well, you know, and to learn. So be curious, be always learning. Be okay to just to be in a situation where you don't know everything. Because I think some folks need to know everything before they take that step, and you will never know anything in payment, everything in payments. And as soon as you know everything, boy, it's gonna change next year anyway. So it's so you so in some cases, it's easier for the newer folks to to to surpass the older folks because they're not dragged behind by what they know. So they can just come in and be like, hit the ground running. Here's the new, here's the new paradigm. Let's go make this happen. So I I think it's it's a really great time to be in payments, far more accessible than it was when I got into it. And it's getting so much more software. We say software is eating payments, it's an interesting one. But you know, I I would say they're past eating it, they're digesting it now. We'll see what happens on the other side of things. It's so much now becoming combined with where does software start and payments stop and all of that. That if you're just a software person that's interested in payments, go for it, get into it. You can figure this stuff out. And before you know it, they'll have you speaking on a panel, you know. So uh it's it's like when Garage Band came around, like, oh, I can I can make some music that actually sounds great at home. When I was making music back in the 80s, you know, you better get ready to drop 20, 30 grand on a home studio if you really want to make music. Now you get a garage band and an apple, you know, and boom. So that's payments is getting more like that.

SPEAKER_01: 33:37

Great. I think that's great advice. So, Rustin, it's been a great conversation so far. So, is there anything else you'd like to add before we wrap up the show?

SPEAKER_02: 33:44

At Bluefin, we're we're passionate about payment security. We're passionate about where payments is are going through this whole agentic AI piece of it. And we're not just um we're trying to rethink how we deliver things as well. I oftentimes will talk to folks about Bluefin and they're like, oh, you're that gateway, or it'll be like, oh, you're that, you're that this. It's like, yes, if any company that's been around for a quarter of a century, it's gonna have done a lot of things, right? And so you've got a lot going on. But we are rethinking what we do all the time and and actually oftentimes finding areas in the space that we're um that we're still pioneering even in and helping drive what the standards should be. But yeah, um excited to be here, definitely excited to be in this business and still excited about it after all this time, which not a lot of folks can say about the businesses that they're in. So I think we're lucky. You know, I my dad's a civil engineer, you know, he kind of did the wires and the plumbing and the walls, you know, and that was a very exciting thing for his 50-year career, you know, building up sewers and Michelin, Mackinac Island, and you know, all these different things. And like, okay, but all of a sudden all that stuff, you know, they put up the they put up the walls and you don't even know how it happens. You just turn on the electricity and it works. You just turn on the water. So I know that my role as a civil engineer at payments and payment security has probably, at some point, everyone's gonna be like, oh, do you know people had to figure all this stuff out at one point? So I know there's you know, that it's all marching towards that. And I'd like to look back on on my on my career and be like, yeah, I was a part of making all this stuff disappear into the walls, but be absolutely dependable, resilient, and secure.

SPEAKER_01: 35:18

Well, Rustin, thank you so much for being on the show today. I know your time is very valuable, so I really appreciate you being here. Thanks, Rick. And to all you listeners out there, I thank you for your time as well. And until the next story.

SPEAKER_00: 35:28

Thank you for joining us this week on the Leaders in Payments Podcast. Make sure you visit our website at leadersinpayments.com, where you can subscribe to the show and where you'll find our show notes. If you enjoyed listening, please share on your social channels as well.