Beyond the Stack
Tapan K
Payment Village @ DEF CON 33 · Day 1 · Payment Village
In his compelling talk "Beyond the Stack" at Payment Village, Tapan K, an engineering manager with extensive experience in building and scaling payment systems, including global giants like Visa, presented a critical perspective on payment security. The talk challenges the conventional focus on hardening only the immediate payment stack, arguing that the most significant vulnerabilities often lurk in the myriad external systems, vendors, APIs, and third-party components that payment systems depend on but do not directly control.
AI review
A competent survey of well-documented payment breach case studies — Revolut, British Airways Magecart, Starbucks credential stuffing, Squarespace DNS hijacking — stitched together with a 'zoom out beyond your stack' thesis that the industry has been preaching since at least PCI DSS v1. Nothing here is original research, no novel attack vector is introduced, and the defensive recommendations read like a SOC2 audit checklist. The Payment Village audience deserves more than a curated Wikipedia tour dressed up as insight.