May 14, 2014
According to a report by emarketer, global ecommerce sales are expected to reach $1.2 Tn by end of 2013. But even with the growth in online commerce or e-commerce, and several innovations later, the credit card security and online payments fraud remain the biggest issues today. Globally according to a study by Nielson, the loss due to online fraud was estimated at $11.27 billion in 2012. In a recent survey by TechRepublic, 79% customers said they would like to shop more online if provided with simpler and secure payment options.
Apart from online fraud happening at the time of remote payments (CNP), the offline payments (proximity payments) done using mobile phones at merchants are also prone to fraud and so are card present situations at POS. We have all read a lot about Target and Neiman Marcus cases.
Another aspect, often ignored, is to look at the revenue leak by inaccurately doing fraud detection and prevention. According to a report from Visa, merchants globally are declining 5% of all transactions due to fear of fraud. Riskified’s independent study found that 80% of the supposedly high-risk orders are from legitimate customers who appear high risk to typical fraud detection systems and are blocked by them. This is an interesting observation because the accuracy of your detection system could mean additional dollars.
In order to counter the rising fraud related issues, several companies have started offering significant fraud detection, security solutions as well as risk management functionalities. Some of them have been discussed here (illustrative, not exhaustive):
SafeNet maintains a strong position in the market in terms of providing security solutions, protecting over 80% of the world’s fund transfers. SafeNet hosts an array of Multi-Factor Authentication products providing authentication as a service (AaaS) as well authentication management platforms. The company provides security products that protect networks, intellectual property, software, and personal identity. SafeNet clicked revenues of approximately $455 Mn in 2010.
For payment sector, the company offers a range of authenticators prominent one being the certificate-based PKI smart cards combined with strong security and cost effective measures. Such smart cards providea single solution for strong authentication and applications access control, including remote access, network access, password management, network logon, as well as corporate ID badges, magnetic stripes and proximity.
2Checkout maximizes online sales conversions by giving global buyers localized payment options. Over 50,000 merchants are linked to the company. 2Checkout supports transactions in 196 countries through 8 payment methods, 26 currencies, and 15 languages. E-service includes a merchant account, a pre-integrated payment gateway, international fraud prevention, PCI compliance, and plug-ins for 100 popular carts.
In an Interview with Let’s Talk Payments, Kevin Gallagher SVP BD of 2Checkout spoke about Fraud. We are able to handle fraud better than others. Its not only about the engine and analytics but the fact that we have 14 years of experience handling it. Our negative databases and rules and ability to track fraud is better than the newcomers. And also our advantage is that we are global. So we do have analytical data on a global scale. That’s how we create the big difference. Our experience spanning over 13-14 years helps us, he said.
On 2nd April 2014, it was announced that California based mobile payment startup Sekur.me had received a patent for secure logins and secure mobile payments. The ‘US Patent 8,677,166’ utilizes QR Codes, sound waves, push messages and radio waves. Sekur.me was founded by Jack Bicer – the inventor of Uninstall and Automatic Software Updates.
The company says its solution reduces fraud by authenticating shoppers before a payment is made. The multifactor authentication also creates a secure login capability that renders Keyboard Loggers and Man-In-The-Middle attacks useless and significantly reduces fraud.
Some features of their platform:
CipherCloud enables organizations to adopt cloud applications in a secure manner through its cloud data protection solution. It protects enterprise data inside and outside the cloud without any impact on backend integration and application functionality. It overcomes data privacy, security, residency and regulatory compliance risks associated with cloud applications.
Some features of CiperCloud:
Cloud Data Loss Prevention: It examines cloud content to prevent damaging leaks. Multiple enforcement options and policy-based encryption secure data are also enabled without interrupting the user’s business.
Advanced AES 256-Bit Encryption: CiperCloud Secures data with high levels of protection that can only be unlocked by the user, whilst preserving the functioning & format of his applications.
Key Management: CipherCloud enables the user to keep control of his data as the encryption keys never leave his organization. Compliance is ensured by enterprise key management tools.
Tokenization: It substitutes randomly generated values for the original data to meet strict data residency requirements which never leave the user’s enterprise.
Activity Monitoring: It tracks all user interactions across multiple cloud applications to generate detailed reports, audit trails and security dashboards.
Cloud Malware Detection: CipherCloud stops viruses from entering the user’s network through the cloud with real-time scanning, quarantining, cleaning, and zero-day updates.
CipherCloud boasts 2 Million users in over 30 countries for its cloud security software service currently.
CiperCloud was founded in 2010 by Pravin Kothari (CEO). The management team consists of Mike Kochanik (Worldwide Sales), Kevin Bocek (Marketing), Tagore Boyella (VP & GM, IDC), Varun Badhwar (Product Strategy) and Dev Ghoshal (Field Operations). The company has received a total funding of $30 Mn through investors Andreessen Horowitz, Index Ventures and T-Venture.
Norse is an innovator in the live threat intelligence security market with the goal of transforming the traditionally reactive IT security industry. Their intelligence-based security solutions are designed to enable organizations to defend against the advanced cyber threats, says Norse.
Norse was co-founded in April 2010 by Sam Glines (CEO) and Tommy Stiansen (CTO). The company has received a total funding of $10.1 Mn through investors Capital Innovators and Oak Investment Partners. Norse is located in St. Louis, Silicon Valley and Atlanta.
Signifyd is a fraud prevention company co-founded in June 2011 by Rajesh Ramanand (CEO) and Michael liberty(COO). Their fraud detection mechanism involves 120 parameters including offline and online ones. From public records, negative lists of merchants (multiple), location, transaction history, social graph, and device fingerprint, they analyze a whole lot of things to protect.
The company has received a total funding of $2Mn through investors
Andreessen Horowitz, Data collective, IA Ventures, QED Investors, Resolute, Tekton ventures and Safty Rashtchy. Signifyd enables e-commerce business to sell confidently by protecting them from fraud. According to the Startup the average e-commerce retailer loses 3.1% to fraud every year.
Some features of Signifyd:
Acculynk was founded in 1999 and is based in Atlanta, Georgia. The management team includes Ashish Bahl (CEO), Nandan Sheth (COO) Judi Vitale (CFO) Sandra Chesnutt (Sr V.P, Marketing), Collin Flotta(Sr V.P, Operations). The company currently has a 100 Mn cardholder base within the internet PIN debit network, 7000 debit card issuers and 3000+ online merchants.
Tel Aviv startup Riskified, was co-founded in 2012 by Assaf Feldman (CTO) and Eido Gal (CEO). In July 2013, the company received a funding of $1.6 Mn through investors Genesis Partners, Formation 8, Founder Collective, The Accelerator Group, T5 Capital and Entrée Capital.
According to a report from Visa, merchants globally are declining 5% of all transactions due to fear of fraud. Riskified’s independent study found that 80% of the supposedly high-risk orders are from legitimate customers who appear high risk to typical fraud detection systems and are blocked by them.
Riskified uses proxy detection, device finger printing, data enrichment through the social graph and entity linkage to classify transactions. If someone has an IP location in France, a credit card in the U.K. and they are shipping to New York, this might be a red flag, but it could be a legitimate sale to someone who used to live in the U.K., now lives in France and is spending some time in the U.S., said Eido Gal. We read the full story.
This ensures that merchants will not face charge-backs in case of a problem.
Scammers and phishers find a way to access your hard earned savings. In the case of the elderly this is quite true. True Link a Y Combinator funded Startup, planning to cash in on this unique business opportunity by targeting the elderly in the USA. True Link was launched in August, 2013 to help families avoid being scammed by equipiing prepaid Visa cards with personalize fraud protection.
On inquiring about the reason behind starting off this initiative, CEO Kai Stinchcombe said he saw a business opportunity arise from seeing his grandmother write about 75 checks a month for scammers posing as charities. Once a check is written by the elderly and processed by the bank, banks cannot refund the money back to the user.
True Link offers a custom credit card to the elderly that is free for usage in the first year and is charged $20 annually thereafter.