Recently, payout Fintech Runa launched Runa Assure, a security suite specifically built to fortify payout processes against threats of fraud, cyberattacks, and compliance risks.
Runa Assure was purpose-built for instant payout methods, including gift cards, prepaid, and push-to-card. It protects more than two million unique monthly recipients. Runa Assure’s compliance, fraud, and security defenses are integrated throughout the entire payout transaction lifecycle, with no extra cost or action required for clients or recipients.
“As pay-ins and payouts become increasingly instant and adoption increases across more use cases, keeping funds secure is more important than ever,” said Aron Alexander, CEO of Runa. “Unlike other fraud and security models that focus on payment acceptance, we’ve designed a fraud and security engine specifically to protect payouts. Runa Assure embeds top-tier security, compliance, and anti-fraud measures into every transaction so customers can completely protect their recipients as well as their money from any suspicious activity.”
Runa Assure protects recipients at a time when fraudulent activity is escalating in payouts and disbursements. In 2024, 87% of payments businesses reported a surge in online fraud, while the Global eCommerce Payments and Fraud Report identified loyalty fraud as one of the fastest-growing fraud types worldwide. Cybercriminals are exploiting payout systems with increasing sophistication, using malware, fake identities, and AI-driven phishing attacks to target funds from survey remuneration, loyalty cash-out, incentive programs, commission earnings, and class action settlements.
Runa Assure is engineered to help businesses stay ahead of sophisticated fraudsters by deploying preventative and proactive security controls. It safeguards the entire payouts journey so businesses can protect their recipients, revenue, and reputation.
Key security features include:
Advanced machine learning fraud detection: Prevent unauthorized access with IP allow listing and multi-factor authentication, and monitor suspicious activity with user behavior analytics.
Data encryption and secure storage: Ensure sensitive information and API keys remain protected with cloud encryption technologies. Distributed denial of service protection ensures all traffic is protected from malicious threat actors. Web application firewalls monitor traffic continually.
Continuous monitoring and instant incident response: Real-time detection of threats with immediate remediation actions, including human intervention.
Tailored security controls: Customizable security control settings with features like role-based access controls and order limits.
Global industry compliance: Adherence to international security standards, including ISO 27001, GDPR, PCI DSS, AML, and KYB/KYC.