Zahid
Shaikh

In 2016, PayPal handed Zahid Shaikh its Top Inventor award. Five patents. A device intelligence product quietly saving the company north of $40 million every year in fraud losses. Most people would have called that a career highlight and stayed put.

Zahid kept moving. Uber. Then Revolut, where he led the U.S. launch of the crypto buy/sell product, standing at the collision point of two industries fraudsters had already learned to exploit. What he saw wasn't just a fraud problem - it was a fragmentation problem. Dozens of point solutions stitched together with hope. Every gap a potential entry point for a sophisticated fraud network.

In April 2020, Zahid left Revolut with two colleagues he'd been watching think through the same problem: Soups Ranjan (now CEO) and Aditya Goel (Head of Payment Products). They didn't leave to chase a trend. They left because they'd each spent years at the bleeding edge of financial crime - and had a clear picture of what the unified platform should look like.

That company became Sardine.

The name is deliberate. Sardines move in coordinated schools - a collective intelligence that's notoriously hard to predict or outmaneuver. Fraud networks operate the same way. Sardine the platform was built to do both: move faster than the attack patterns, and see the network behind individual signals.

Sardine is an AI risk platform - but that framing undersells the specificity. Zahid's role as Head of Risk Products means he owns the intelligence layer: device fingerprinting, behavioral biometrics, real-time risk scoring, and increasingly, the agentic AI layer that handles the grunt work so human investigators don't have to.

The core insight behind the product is counterintuitive: most fraud platforms create noise. They alert on thousands of transactions. Teams drown. Fraud still slips through because the people who should be making decisions are clearing a queue instead.

Sardine was built around the opposite thesis: surface fewer signals, but surface the right ones. Combine device intelligence (how the device is behaving) with behavioral biometrics (how the person behind the device is behaving) with network analysis (who else connects to this device, account, or identity) - and you get a picture that's genuinely hard to fake.

The platform spans fraud prevention, KYC/KYB onboarding, AML transaction monitoring, sanctions screening, and case management - domains that historically required separate vendors, separate integrations, and separate teams. Sardine's proposition is one API, one risk decision, one view of the customer.

For the banks, fintechs, crypto platforms, and retailers that use it, that means fewer false positives, faster onboarding, and - critically - a compliance workflow that doesn't require an army of analysts to run.

Zahid's path to Sardine wasn't a straight line - it was a decade-long accumulation of pattern recognition at scale. He started in electronics engineering at the University of Mumbai, then added a post-graduate diploma in software technology from NCST. The early career was technical: Hitachi, Verizon, Chase - the kind of infrastructure roles that teach you where systems break before you ever have a title that lets you fix them.

PayPal was the inflection point. As a Senior Product Leader, Zahid built the Device Intelligence product - a system that looks at how a device behaves, not just what credentials it presents. It's a harder problem than it sounds. Devices can be spoofed. Credentials can be stolen. But the behavioral signature of how a fraudster interacts with a device is distinctly different from a legitimate user - and that gap is exploitable.

PayPal's fraud losses dropped by more than $40 million annually. The company filed five patent applications with Zahid as named inventor. The recognition was warranted, but what mattered more was what the product proved: you can make fraud significantly harder without making the customer experience significantly worse. That insight would become the foundation of Sardine.

At Uber, he led the Trusted Identity team - a different fraud surface, same underlying problem. How do you know the person behind the app is who they claim to be, in real time, at scale? At Revolut, working on crypto buy/sell, the stakes went up again. Crypto's irreversibility means fraud losses don't get disputed; they get eaten.

Most fraud prevention professionals have a specialty. Zahid's is device intelligence - and it's a niche that turns out to be load-bearing for almost every other part of the fraud stack.

The premise is simple: your phone knows things about you that your password doesn't. The way you scroll. The speed at which you type. The angle you hold the device. The apps running in the background. None of these data points is definitive. Together, they're a behavioral fingerprint that's extremely difficult to fake consistently across a session.

Sardine's behavioral biometrics SDK captures this signal at the device level, feeding it into a risk scoring model that can flag - in real time - when the person behind an account doesn't match the person who opened it. Account takeover, synthetic identity fraud, remote access tool attacks: these attacks all leave device-level traces that rules-based systems built on transaction data alone will miss.

The agentic AI direction Sardine announced in its Series C tells you where Zahid is taking this next. The goal isn't just better detection - it's eliminating the manual review bottleneck entirely for the cases where the AI already knows the answer. The human investigator gets the hard cases: the borderline synthetic identities, the novel fraud patterns, the edge cases that require judgment. The AI handles the rest.

For a fraud and compliance team running lean, that's not a feature upgrade. That's a different operating model.

Zahid sat down with J.P. Morgan Payments for a deep-dive on fraud prevention fundamentals - covering device intelligence, behavioral signals, and how modern risk teams should think about building fraud defenses that don't break the customer experience.