KAREN JOY BACUDO

Finance Editor

Enfuce has published research showing that European consumers are increasingly concerned about political interference in payment systems, with strong support for greater European control over payments.

The survey of 3,000 consumers and 500 senior executives at payment providers across France, Germany, Italy, the Nordics and the UK points to growing unease about reliance on US-owned networks such as Visa and Mastercard. It also suggests the debate over payment sovereignty has moved beyond policymakers and into the mainstream.

The findings show that 62% of consumers believe geopolitical tensions could disrupt payments in their market. In comparison, 59% are concerned that the US government could instruct American-owned payment networks to restrict or stop payments. Concern was even higher among payment providers, with about 78% worried that political tensions could lead to restrictions.

Dependence on a small number of global operators also featured heavily in the responses. Six in ten consumers said it was a problem that so many payments are controlled by a small number of companies, and 67% said they would struggle to pay or be unable to pay without Visa or Mastercard.

Consumer priorities

Despite support for greater European control, the research indicates that political concerns alone are unlikely to reshape behaviour at the checkout. Just one in five consumers said they would choose a new payment system primarily because it was locally owned.

Instead, respondents said practical factors remained the main reasons to switch payment methods. Security was cited by 43% of consumers, acceptance by 40%, and privacy by 29%.

That creates a challenge for European alternatives seeking broader adoption. While 73% of consumers and 97% of payment providers said it was important for the UK and EU to have greater control over payment systems, customers still appeared more focused on reliability and trust than on ownership structures.

The findings also suggest awareness of the issue is already established. More than half of consumers said they had thought about the systems behind their everyday payments, and 56% said they were familiar with efforts to create alternatives to Visa and Mastercard.

Backing for Wero

Among payment providers, support for alternatives appears strong. Enfuce said 85% of providers have implemented or plan to implement Wero, the European payment method that has emerged as one of the main alternatives under discussion.

Three-quarters of payment providers said they believed local alternatives would be viable within a decade, while 66% said such an option could offer better value than existing global networks. At the same time, 67% said Europe could achieve payment sovereignty without replacing established international card schemes altogether.

That reflects a more mixed industry view of how sovereignty would work in practice. The data suggests many executives see room for a more locally controlled system alongside the current dominant networks, rather than through a complete break from them.

The research comes as Europe examines how far it should reduce dependence on foreign technology and financial infrastructure. In payments, the issue has gained prominence because card transactions and other consumer payments rely heavily on international networks headquartered outside Europe.

For fintech groups and payment infrastructure providers, that shift has created a broader strategic debate about resilience, market concentration and economic autonomy. The survey suggests those concerns now resonate with consumers as well as industry executives.

Around 58% of consumers said they were worried that reliable local alternatives would not be available if major payment networks were disrupted. That points to a growing perception that payment infrastructure is part of economic security rather than just a background utility.

“For decades, payments were designed around convenience and global scale. Now they are becoming a question of resilience, control and economic security. Consumers are starting to recognise that the systems moving money around the world are not politically neutral infrastructure. This is a rare opportunity to rethink what we want from payments – not just faster, but more transparent, resilient and more aligned with the values of consumers, businesses and society itself,” said Denise Johansson, Co-founder and CEO of Enfuce.

Councillor Jack Treloar said the Cornish Bakery has received no objection from Witney Town Council to open a new branch in the town.

The Cornwall-based cafe will take over the former Shoe Zone shop in the Market Square and close to Coffee #1, Gails and another independent cafe.

Mr Treloar said: “After this planning application was discussed this evening at the Witney Town Council planning committee. I’m pleased that the result was a unanimous no objection.

READ MORE: Jeremy Clarkson ‘was banned from driving’ by doctor

“I know people will say that the market is highly saturated, and to a degree, they’re right, but as a member of management in a locally owned cafe company, I think it’s safe to say there is still a great deal of hunger for more.

“Ultimately, coffee shops and cafes are the new trailblazer in hospitality, with cafes opening at an astonishing rate, and for good reason.

“I look forward to being able to get their beautiful Cornish puddings in Witney, without having to travel to Cirencester. Another great thing, it’s keeping spending in Witney.”

The chain was set to take over the Pret A Manger shop close to Carfax in Oxford, but announced in January this was no longer the plan.

Witney councillor Andrew Coles said he is “absolutely delighted” with the arrival due this summer and added: “It’s a vote of confidence in Witney’s town centre as yet another new business comes to town.”

Cato Networks said it can protect customers against newly disclosed vulnerabilities within 45 minutes, reflecting what it described as a new approach to CVE mitigation.

The claim marks a sharp reduction from the days or weeks often associated with vulnerability response in security estates that rely on customer-managed appliances and patching cycles. Cato said it had previously reduced that process to hours through its software design and has now shortened it further by using AI-driven threat research with automated delivery across its cloud service.

Cybersecurity vendors and customers are under growing pressure to respond faster as the number of disclosed vulnerabilities rises. Cato cited data from the US National Institute of Standards and Technology showing CVE submissions rose 263% between 2020 and 2025, while filings in the first three months of 2026 were nearly one-third higher than in the same period a year earlier.

At the same time, many organisations still struggle to remediate vulnerabilities quickly. Cato pointed to Verizon’s 2025 Data Breach Investigations Report, which found that about 54% of edge device vulnerabilities were fully remediated during the year, with a median remediation time of 32 days.

How It Works

Cato said its process uses AI agents, with human supervision, to monitor disclosed vulnerabilities, triage information from multiple sources, extract indicators of compromise, reproduce exploits in a lab environment, develop threat signatures, test them for false positives, and deploy protections across the Cato Cloud.

Because the platform is cloud-based, customers do not have to patch or reconfigure distributed appliances before receiving the mitigation, according to the company. That removes a step that often slows response times in traditional security environments, where vendors must develop updates and customer teams must then test and install them across large estates.

Cato framed the announcement as an architectural argument as much as an operational one. It said rapid mitigation depends on combining network visibility, platform-wide context, and cloud-based enforcement in a single system rather than relying on separate products and local appliance upgrades.

That position goes to the centre of a wider cybersecurity debate over whether older infrastructure models can keep up with attack timelines that continue to shrink. Security teams have long measured performance by time-to-protect, but the industry is increasingly focused on time-to-exploit as attackers move more quickly from disclosure to active abuse.

Shlomo Kramer, Co-Founder and Chief Executive Officer of Cato Networks, said the change in attack speed exposes the limits of appliance-led security operations.

“Attackers move in minutes. Appliance-centric security still moves in patch cycles,” Kramer said.

“Cato closes the gap by turning new CVE intelligence into protections deployed globally across our cloud service, with zero customer effort. In the AI era, security architecture is no longer a matter of efficiency. It is a do-or-die security decision,” he said.

Industry Shift

Cato said the latest reduction in response time came from applying agentic AI to stages of the vulnerability protection lifecycle that it had already automated over several years. Those stages include monitoring CVEs, creating protections, validating them, and deploying updates across the company’s cloud infrastructure.

In Cato’s account, the latest step is less about replacing existing systems than compressing the time needed to complete each part of that cycle. The company said AI agents now help automate vulnerability analysis, exploit reproduction, protection generation, and validation, while humans remain in a supervisory role rather than carrying out each step manually.

That reflects a broader shift across parts of the security market, where vendors are trying to use AI not just for detection but also for operational response. The central promise is that machine-led workflows can reduce the lag between a newly published vulnerability and a live defensive control.

Elad Menahem, Senior Vice President of Research at Cato Networks, said the significance was not limited to a faster headline number.

“The breakthrough here is not just speed,” Menahem said.

“It’s that vulnerability response itself can now operate continuously and at machine scale,” he said.

Cato, known for its secure access service edge platform, said thousands of organisations use its network and security services across cloud, hybrid, and distributed environments. The latest announcement places that platform architecture at the centre of its pitch to customers facing a heavier flow of vulnerability disclosures and shorter windows to act.

By arguing that protection can be deployed globally in minutes without customer action, Cato is also making the case that mitigation speed is becoming a defining measure of security infrastructure rather than an added feature. It said AI-era security cannot depend on manual customer operations or appliance patch cycles.

The benchmark it has set will now test how quickly other security providers can demonstrate similar response times as vulnerability volumes continue to rise and exploit activity becomes harder to contain within traditional operational windows.