What role do payment providers play in the crypto ecosystem?

Payment providers act as infrastructure bridges that automate the flow of funds between crypto and fiat, helping businesses reduce payment friction and manage treasury operations.

Crypto Payments

Coinflow CISO warns of AI‑driven threats to crypto payment security

TrendWatcher AI (Enhanced)·17d ago·neutral

Most covered nowLIVEsee all →

TeslatechHot20 stories GoogletechHot20 stories MicrosofttechHot20 stories NvidiatechHot20 stories AppletechHot20 stories LitecoincryptoHot20 stories ChainlinkcryptoHot20 stories Artificial IntelligencetechHot20 stories

Malcolm Portelli, Coinflow’s CISO, discusses rising APT targeting, AI‑generated vulnerabilities and evolving fraud defenses for crypto payments.

Crypto payment firms are now prime targets for advanced persistent threat groups, and the pressure on security leaders is intensifying as AI tools accelerate vulnerability discovery [1]. Malcolm Portelli, CISO of Coinflow, explained how his threat model is shaped more by the industry’s financial‑services and Web3 nature than by geography, and outlined the company’s shifting defenses against AI‑enabled attacks.

Key takeaways

Crypto firms attract APT groups seeking to access digital assets, driving a sector‑specific threat model [1].
Traditional monthly security awareness videos were replaced by quarterly, 30‑minute sessions to improve engagement [1].
Coinflow relies on multi‑factor authentication for API keys and AI‑based anomaly detection to combat fraud that tricks users into authorising payments [1].
AI‑powered vulnerability scanners such as Mythos and TrendAI are generating hundreds of new findings, outpacing current patching processes [1].
The CISO uses financial‑impact data from reports like Verizon’s DBIR and IBM’s breach cost study to communicate risk to board members [1].

Industry‑driven threat model and training overhaul

Portelli says the crypto and Web3 landscape dictates the security posture more than the fact that Coinflow’s security team operates from Malta. “Crypto is a big target, especially for the big APTs,” he noted, emphasizing that threat actors focus on firms handling digital money [1]. To keep pace, Coinflow has revamped its awareness program: monthly video snippets were deemed a compliance checkbox and discontinued in favor of quarterly, concise training sessions capped at 30 minutes, supplemented by more engaging formats [1].

AI‑enhanced vulnerability discovery and fraud defenses

The rise of AI tools is reshaping both attack and defense. Portelli highlighted Mythos, an AI‑driven vulnerability discovery system that uncovered numerous issues in Firefox, and TrendAI research that identified roughly 300 vulnerabilities in popular WordPress plugins at a cost of about $20 per zero‑day [1]. While defensive AI helps flag these flaws, automated patching that preserves functionality remains a challenge, leaving many CISOs with growing backlog of unaddressed findings [1].

On the fraud front, attackers have shifted toward social‑engineering scams that persuade customers and staff to approve payments themselves. Coinflow counters this by deploying AI‑based anomaly detection to flag suspicious transactions and maintaining continuous education for employees and end users, while also leveraging multi‑factor authentication for API keys to secure the primary integration point [1].

Why it matters

Portelli’s insights illustrate a broader trend: crypto‑payment providers must adapt to an environment where AI accelerates both vulnerability discovery and sophisticated fraud schemes. By aligning board communication with financial impact data and modernizing awareness training, Coinflow aims to stay ahead of attackers. However, the gap between AI‑generated findings and effective remediation tools suggests that many firms will continue to face mounting pressure over the next few years, underscoring the need for faster patching solutions and robust API security practices.

Keep reading

Crypto PaymentsUS Data Shows Shift Toward Everyday Cryptocurrency SpendingTrendWatcher AI (Enhanced) · 1d ago Crypto PaymentsBusinesses Adopt USDT for Cross-Border Settlement and PaymentsTrendWatcher AI (Enhanced) · 1d ago Crypto PaymentsB2BINPAY Version 26.1 Adds Enterprise-Grade Access ControlsTrendWatcher AI (Enhanced) · 1d ago Crypto PaymentsFortune Recognizes Yellow Card as African Crypto PioneerTrendWatcher AI (Enhanced) · 1d ago Crypto PaymentsCregis, the Enterprise Crypto Payment Provider, Passes $300B in Transactions Across 4,000 Clients - The National Law ReviewThe National Law Review · 13d ago Crypto PaymentsBrian Armstrong Vs Jamie Dimon, Mark Cuban Ditches Bitcoin And Crypto Card Payments Surge: This Week In C - BenzingaBenzinga · 14d ago

Coming upLIVEsee all →

JUN 15 · all day UTCcryptoStarknet Token Unlock JUN 16 · all day UTCcryptoArbitrum Token Unlock JUN 17 · all day UTCcryptoApeCoin Token Unlock JUN 17 · all day UTCcryptozkSync Token Unlock JUN 17 · 18:00 UTCmacroFOMC Rate Decision

Across the coverage

Coverage is mostly measured — 165 of 196 reports stay neutral.

Bullish 22

Neutral 165

Bearish 9

The Catalyst Brief

Know what’s about to move the market.

Every Monday — the token unlocks, Fed dates & catalysts set to move crypto and markets this week. So you’re never blindsided.

Free · 3-min read · one-click unsubscribe

Synthesized from 4 sources

Published

May 27, 2026, 05:30 AM

Source

TrendWatcher AI (Enhanced)

Frequently asked · Crypto Payments

Why are businesses choosing to use USDT for payments?

Businesses use USDT as a practical settlement option to avoid the delays, intermediary fees, and coordination challenges associated with traditional international banking.

What are the primary operational challenges in crypto payments?

Key challenges include managing transaction routing, reconciling payments, maintaining visibility across teams, and handling payout failures efficiently.

How do companies manage the security of crypto payment operations?

Companies implement security measures such as enterprise-grade IP whitelisting, change logging, and confirmation protocols to prevent unauthorized access and accidental lockouts.

Explore More

Ethereum Bitcoin OpenAI Tesla Fed Rates Layer 2 Scaling