According to a report by emarketer, global ecommerce sales are expected to reach $1.2 Tn by end of 2013. But even with the growth in online commerce or e-commerce, and several innovations later, the credit card security and online payments fraud remain the biggest issues today. Globally according to a study by Nielson, the loss due to online fraud was estimated at $11.27 billion in 2012. In a recent survey by TechRepublic, 79% customers said they would like to shop more online if provided with simpler and secure payment options.
Apart from online fraud happening at the time of remote payments (CNP), the offline payments (proximity payments) done using mobile phones at merchants are also prone to fraud and so are card present situations at POS. We have all read a lot about Target and Neiman Marcus cases.
Another aspect, often ignored, is to look at the revenue leak by inaccurately doing fraud detection and prevention. According to a report from Visa, merchants globally are declining 5% of all transactions due to fear of fraud. Riskified’s independent study found that 80% of the supposedly high-risk orders are from legitimate customers who appear high risk to typical fraud detection systems and are blocked by them. This is an interesting observation because the accuracy of your detection system could mean additional dollars.
In order to counter the rising fraud related issues, several companies have started offering significant fraud detection, security solutions as well as risk management functionalities. Some of them have been discussed here (illustrative, not exhaustive):
SafeNet maintains a strong position in the market in terms of providing security solutions, protecting over 80% of the world’s fund transfers. SafeNet hosts an array of Multi-Factor Authentication products providing authentication as a service (AaaS) as well authentication management platforms. The company provides security products that protect networks, intellectual property, software, and personal identity. SafeNet clicked revenues of approximately $455 Mn in 2010.
For payment sector, the company offers a range of authenticators prominent one being the certificate-based PKI smart cards combined with strong security and cost effective measures. Such smart cards providea single solution for strong authentication and applications access control, including remote access, network access, password management, network logon, as well as corporate ID badges, magnetic stripes and proximity.
- SafeNet provides different financial data security solutions to the concerned institutions including eTransaction Security and Online Banking Security.
- By implementation of virtualized environments, risks of frauds are mitigated enabling safe and secure transactions.
- Additionally the company offers virtualized infrastructures based solutions enabling both enterprises as well as cloud providers to store and protect private data in the cloud.
- Major customers in payment segment include Egg Plc, NH Bank, Bank of America, and Citigroup.
- The Company seeks to expand its boundaries with focus on increasing its cloud based services globally.
2Checkout maximizes online sales conversions by giving global buyers localized payment options. Over 50,000 merchants are linked to the company. 2Checkout supports transactions in 196 countries through 8 payment methods, 26 currencies, and 15 languages. E-service includes a merchant account, a pre-integrated payment gateway, international fraud prevention, PCI compliance, and plug-ins for 100 popular carts.
- 2Checkout’s Direct and Dynamic Checkout products are designed to make it easy for your customers to buy.
- Their PCI Level 1 Compliance is the highest level in the industry and protects you and your customers from online threats.
- The company’s three tiered protection strategy uses over 300 variables to identify fraud.
- Checkout Mobile allows you to monitor your account details and manage your online business on the go. Stay up-to-date on sales, payments and stay close to your customers.
In an Interview with Let’s Talk Payments, Kevin Gallagher SVP BD of 2Checkout spoke about Fraud. “We are able to handle fraud better than others. Its not only about the engine and analytics but the fact that we have 14 years of experience handling it. Our negative databases and rules and ability to track fraud is better than the newcomers. And also our advantage is that we are global. So we do have analytical data on a global scale. That’s how we create the big difference. Our experience spanning over 13-14 years helps us,” he said.
On 2nd April 2014, it was announced that California based mobile payment startup Sekur.me had received a patent for secure logins and secure mobile payments. The ‘US Patent 8,677,166’ utilizes QR Codes, sound waves, push messages and radio waves. Sekur.me was founded by Jack Bicer – the inventor of Uninstall and Automatic Software Updates.
- Sekur.me says it provides disruptive login and payment solutions with the best user experience.
- Their 1-Button Mobile Web Payment and the QR Payment capabilities enable convenience and security without ever entering any data.
- Sekur.me solutions result in increased revenue, more repeat customers and reduced support costs for merchants and websites not to mention a more secure login and payment process, according to the company.
The company says its solution reduces fraud by authenticating shoppers before a payment is made. The multifactor authentication also creates a secure login capability that renders Keyboard Loggers and Man-In-The-Middle attacks useless and significantly reduces fraud.
Some features of their platform:
- One button click Mobile Web payments
- Omni-channel Mobile Payments (Online Web, Mobile Web, Retail, Mobile Apps Paper BillPay
- Multi-factor authentication for logins and payments.
- Secure authentication with FonePrint.
- Online registrations.
- Anonymous payments
CipherCloud enables organizations to adopt cloud applications in a secure manner through its cloud data protection solution. It protects enterprise data inside and outside the cloud without any impact on backend integration and application functionality. It overcomes data privacy, security, residency and regulatory compliance risks associated with cloud applications.
Some features of CiperCloud:
Cloud Data Loss Prevention: It examines cloud content to prevent damaging leaks. Multiple enforcement options and policy-based encryption secure data are also enabled without interrupting the user’s business.
Advanced AES 256-Bit Encryption: CiperCloud Secures data with high levels of protection that can only be unlocked by the user, whilst preserving the functioning & format of his applications.
Key Management: CipherCloud enables the user to keep control of his data as the encryption keys never leave his organization. Compliance is ensured by enterprise key management tools.
Tokenization: It substitutes randomly generated values for the original data to meet strict data residency requirements which never leave the user’s enterprise.
Activity Monitoring: It tracks all user interactions across multiple cloud applications to generate detailed reports, audit trails and security dashboards.
Cloud Malware Detection: CipherCloud stops viruses from entering the user’s network through the cloud with real-time scanning, quarantining, cleaning, and zero-day updates.
CipherCloud boasts 2 Million users in over 30 countries for its cloud security software service currently.
CiperCloud was founded in 2010 by Pravin Kothari (CEO). The management team consists of Mike Kochanik (Worldwide Sales), Kevin Bocek (Marketing), Tagore Boyella (VP & GM, IDC), Varun Badhwar (Product Strategy) and Dev Ghoshal (Field Operations). The company has received a total funding of $30 Mn through investors Andreessen Horowitz, Index Ventures and T-Venture.
Norse is an innovator in the live threat intelligence security market with the goal of transforming the traditionally reactive IT security industry. Their intelligence-based security solutions are designed to enable organizations to defend against the advanced cyber threats, says Norse.
Norse was co-founded in April 2010 by Sam Glines (CEO) and Tommy Stiansen (CTO). The company has received a total funding of $10.1 Mn through investors Capital Innovators and Oak Investment Partners. Norse is located in St. Louis, Silicon Valley and Atlanta.
- Norse’s live global threat intelligence platform is a patent-pending infrastructure-based system that continuously collects and analyzes live high risk Internet traffic, identifying the sources of cyber attacks and fraud.
- Norse provides live, actionable, cyber threat intelligence that enables organizations to prevent fi‑nancial fraud and proactively defend against today’s most advanced cyber threats including zero day and advanced persistent threats.
- IPViking: Learn how to reduce the cost, frequency and impact of cyber attacks with their live cyber-risk intelligence solution.
- IPVizor: Take back control of your network with the only live cloud-based network monitoring and remediation service.
- NorsePayments: Stop fraud, reduce chargebacks, and take back control with the most robust and secure payment solution.
Signifyd is a fraud prevention company co-founded in June 2011 by Rajesh Ramanand (CEO) and Michael liberty(COO). Their fraud detection mechanism involves 120 parameters including offline and online ones. From public records, negative lists of merchants (multiple), location, transaction history, social graph, and device fingerprint, they analyze a whole lot of things to protect.
The company has received a total funding of $2Mn through investors
Andreessen Horowitz, Data collective, IA Ventures, QED Investors, Resolute, Tekton ventures and Safty Rashtchy. Signifyd enables e-commerce business to sell confidently by protecting them from fraud. According to the Startup the average e-commerce retailer loses 3.1% to fraud every year.
- Signifyd provides the user with SaaS solutions that analyze fraud and customer service agents who review the site for fraud purposes.
- Its product is built on a relationship graph that analyses the scoring data from various sources such as social, geographical location, address, phone, names which helps the business in making decisions in a simpler way.
- Signifyd’s SaaS simply sits on top of existing payment structures and processors, and then pulls data together to screen the transaction according to its CEO Rajesh Ramanad.
Some features of Signifyd:
- Device Fingerprint: Signifyd’s device fingerprinting uses data through which the device is identified uniquely. This can be done through the user’s desktop, tablet, game or Smartphone console.
- Proxy detection: Signifyd identifies the geographic source of an IP address of the customer browser which prevents the user data from fraudsters.
- Issuing Bank data: Signifyd Bin identifies the institution and geographical location from where the card is issued including prepaid cards and gift cards.
- Social Graph: Signifyd also checks the data from various social networking websites like Facebook, Twitter & Linkedin.
Acculynk was founded in 1999 and is based in Atlanta, Georgia. The management team includes Ashish Bahl (CEO), Nandan Sheth (COO) Judi Vitale (CFO) Sandra Chesnutt (Sr V.P, Marketing), Collin Flotta(Sr V.P, Operations). The company currently has a 100 Mn cardholder base within the internet PIN debit network, 7000 debit card issuers and 3000+ online merchants.
- Acculynk’s PaySecure is enabled for mobile and touch screen devicese based on the iOS, Android and Blackberry.
- One of the main features that helps PaySecure keep the data safe is the feature of Scramble. Scramble randomizes the way the PIN pad is displayed after every key press. This helps it against key locker softwares and malware that track key presses.
- Also the PIN collected is not stored by the merchant or the device. PaySecure records and encrypts the coordinates of each click.
- Another way that PaySecure delivers convenience is that the user does not have to leave the merchant page as PaySecure’s PIN pad is embedded in the merchants page itself.
Tel Aviv startup Riskified, was co-founded in 2012 by Assaf Feldman (CTO) and Eido Gal (CEO). In July 2013, the company received a funding of $1.6 Mn through investors Genesis Partners, Formation 8, Founder Collective, The Accelerator Group, T5 Capital and Entrée Capital.
According to a report from Visa, merchants globally are declining 5% of all transactions due to fear of fraud. Riskified’s independent study found that 80% of the supposedly high-risk orders are from legitimate customers who appear high risk to typical fraud detection systems and are blocked by them.
Riskified uses proxy detection, device finger printing, data enrichment through the social graph and entity linkage to classify transactions. “If someone has an IP location in France, a credit card in the U.K. and they are shipping to New York, this might be a red flag, but it could be a legitimate sale to someone who used to live in the U.K., now lives in France and is spending some time in the U.S.,” said Eido Gal. “We read the full story.”
- Riskified’s analysis is mostly done via the company’s automated system.
- It is supported by a staff of human financial and fraud detection experts.
- The company’s systems analyze declined transactions, filter out those from good prospective customers, and guarantee the transactions.
This ensures that merchants will not face charge-backs in case of a problem.
Scammers and phishers find a way to access your hard earned savings. In the case of the elderly this is quite true. True Link a Y Combinator funded Startup, planning to cash in on this unique business opportunity by targeting the elderly in the USA. True Link was launched in August, 2013 to help families avoid being scammed by equipiing prepaid Visa cards with personalize fraud protection.
On inquiring about the reason behind starting off this initiative, CEO Kai Stinchcombe said he saw a business opportunity arise from seeing his grandmother write about 75 checks a month for scammers posing as charities. Once a check is written by the elderly and processed by the bank, banks cannot refund the money back to the user.
- True Links wants to authorize any transactions initiated by the elderly so that the elderly don’t lose their savings money.
- All of the payments initiated go through a pre-paid True Link Visa card which has a user’s checking account details on it.
- True Link takes up the role of a pre-authorizer and approves or denies any transaction related requests.
True Link offers a custom credit card to the elderly that is free for usage in the first year and is charged $20 annually thereafter.