Christmas is just a mere days away and, as this is America, you can only imagine the recent uptick in online fraud. It’s a sad truth by now that identity theft happens every day; thieves frequently steal people’s credit card information — be it online or in person. This was exemplified by the recent security breach at Target that left millions of customers at risk.
The problem is twofold. How does a consumer avoid identity fraud, and how does the merchant avoid fraudulent transactions? This is especially relevant to smaller businesses, which are on the hook if they process a fraudulent transaction. The onus, therefore, is on the stores to be hyper-vigilant.
A recent survey found that fraud during the 2013 holiday season will cost retailers $3.4 billion. With this increase in fraud, merchants are seeing the need to be more cautious in approving transactions — especially during the holidays. The downside with this vigilance is that customers are being turned away whose accounts are completely kosher.
But the science that merchants use for declining potentially fraudulent accounts is anything but perfect. At least that’s what Eido Gal, co-founder and CEO of credit card “risk enablement platform” Riskified, claims.
Riskified is an external service that merchants can use to analyze the potential risk of an incoming credit card transactions. If a merchant is unsure about the legitimacy of an account, it can send it to Riskifed, which will analyze it. If it’s approved, Riskified will charge the merchant a nominal fee; if its declined, no party gets charged. If Riskified approves the transaction and it turns out to be fraudulent, it incurs the fees, not the merchant — a kind of money back guarantee. Gal says that some merchants send most transactions to Riskified and others only send fringe cases.
Gal’s business plan is predicated on the idea that merchants may be too conservative with approving transactions. According to company statistics, merchants, on their own, decline between three to four percent of submitted orders. At the same time, only about one percent appear to be fraudulent. This means the majority of those that were declined should have been approved.
In other words, paranoia is resulting in merchants leaving money on the table.
“When [Riskified gets] these transactions,” Gal says, “76 percent were able to get approved.”
Gal believes his background in anti-fraud departments at companies like PayPal, BillGuard, and Fraudsciences, gives him a leg-up. Riskified uses an automated system that can weed out the most obvious cases, however if one transaction requires a more scrupulous eye, the company assigns a living, breathing human being to analyze it. For the automated system, it takes minutes to approve the transaction. For the other cases, it can sometimes take up to a half hour.
What it comes down to is that most merchants don’t have time to implement a process by which to analyze these transactions, and this is what Gal does. “This is what he do,” he said. “It’s what we’re good at.
Of course, that doesn’t stop Riskified from approving corrupt cards. Gal told me that only about twenty percent of the company’s revenue ends up being used for merchant chargebacks. But that’s a risk the company is willing to make, because the vast majority are approved. And the merchants are happier because they are approving more transactions.
One would think that credit card companies would put some safeguards in place to stop them, but Gal explained that its not in their interests. “They’re happy with the risk being on the merchant,” he says.
And doesn’t that just put you at ease, knowing that credit card companies don’t really care if your account is stolen? Either way, you’ll probably still get a refund. Except when you won’t and the thief has already bought his ticket to Maui.