
Mastercard Selects Spec for First-Ever Start Path Security Solutions Program
Mastercard expanded its award-winning Start Path program to include a dedicated track for Security Solutions, handpicking five companies during a competitive selection process. We’re proud to share that Spec was chosen for the first Start Path Security Solutions cohort. By participating in Start Path, Spec will have the opportunity to tap into Mastercard’s network, expertise and technology to accelerate innovation in fraud detection.
It’s an honor to be recognized as a company shaping the future of commerce, security, and digital trust, and a major milestone for Spec and the businesses we support. With access to Mastercard’s global network, we have the opportunity to bring our end-to-end approach – combining behavioral intelligence, journey data, and real-time action – to a broader set of businesses. This drives potential for greater scale, broader reach, and deeper impact. For our customers and the industry, it signals a shift toward modern defenses built to thrive in a world where AI shapes both good customer interactions and evolving threats.
When Real-World Impact Meets Global Recognition
Some of the most sophisticated platforms on the internet already rely on Spec to detect fraud rings hiding in plain sight, neutralize automated abuse before it hits revenue, and make faster, safer decisions across the customer journey.
Now, through Mastercard’s Start Path program, we will have the opportunity to bring these capabilities to Mastercard’s global network of banks, merchants, and partners.
As part of Start Path’s Security Solutions program, Spec joins a set of startups leading innovation in cybersecurity, fraud mitigation, digital identity and payment resiliency. Mastercard’s focus on trust and security across digital interactions aligns with our mission to deliver real-time clarity into customer behavior, without relying on detection mechanisms in JavaScript, SDKs, or black-box scores which are increasingly vulnerable in a world of AI-enabled attackers.
This announcement also follows the launch of our latest capability: real-time user behavior tracking, giving teams even deeper visibility into where risk originates and how fraud unfolds in-session.
What Comes Next
This milestone marks the beginning of a new chapter for Spec. One where we’re not just delivering visionary product innovation but doing it with support from Mastercard to innovation, scale, and drive real-world impact.
For the industry, it’s a signal: yesterday’s tools can’t solve today’s fraud. The future of security is real-time, identity-aware, infrastructure-light, and deeply embedded into how digital businesses operate.
And that’s exactly what we’re building at Spec, and we ’re just getting started.
--
See Spec in Action
Now backed by Mastercard’s global network, Spec helps businesses everywhere move faster, see more, and stop fraud before it starts.
- No major re-instrumentation required: Sessions start automatically when users land on your site or app.
- Lightweight integration: API calls are linked to sessions in real-time through simple configuration.
- Spec ID activates immediately: Returning users are fingerprinted and connected across sessions as soon as you go live.
- End-to-end support: Our team partners with you to ensure fast time-to-value.
You don’t need to rebuild your fraud stack to start seeing full customer journeys. Book a demo now to see how it works.
Ready to get started with Spec?
Nate Kharrl, CEO and co-founder at Spec, has built leading solutions for application security and fraud challenges since the early days of the cloud era. Drawing from his cyber experience at Akamai, ThreatMetrix, and eBay, Nate helped found Spec to focus on the needs of businesses operating in a landscape of increasing AI risks. Under Nate’s leadership, Spec grew from its mid-pandemic founding to raise $30M in venture-backed funding to build solutions used by Fortune 500 companies transacting billions in online commerce. Spec’s service offerings today include protective measures for websites and APIs that specialize in defending against attacks designed to bypass bot defenses and risk assessment platforms.