X

The national telecommunication company, which provides over 30 different web services to employees and customers, needed to improve load balancing and guarantee service availability. With a large number of web applications running and high daily network traffic, they needed more control of the application process and ensure continuity during all migration phases. The IT infrastructure of the company is constantly evolving every 18 months, requiring them to modify their solutions to adapt to the demands of their customers. They needed a solution that offered scalability and the opportunity to grow on demand.

Produban, one of the largest banks in Mexico, was facing a significant challenge as their business expanded. They needed an on-demand solution for computing resources and processing power. They required a flexible application delivery solution to deploy their online banking business and provide load balancing capabilities in the data center. While cost was very important to Produban, the solution also needed to provide a quick install with minimal service disruption for its clients. Internet banking is one of Produban’s most important business channels, handling more than 1.5 million transactions per hour and 300K concurrent users. In order to eliminate these challenges and ensure application availability for their customers, Produban pursued solutions from some of the industry’s top security companies.

Traveloka, a leading platform for booking flights and hotels in Southeast Asia, was facing two main types of abuse: payment fraud from stolen credit cards and account takeover (ATO) from stolen credentials and social engineering schemes. Both these problems led to financial loss and, more importantly, damaged user trust and brand reputation. Traveloka had an internal team dedicated to fraud and risk, developing a series of elaborate fraud rules that attempted to provide an automated first screening of all orders. However, as the range of customers on the site changed, Traveloka’s rules-based system couldn’t keep up. They experienced many false positives that were blocking good customers and their orders, leading to poor customer experience. On the ATO side, static rules were missing a lot of cases, weren’t able to adapt quickly enough to emerging trends, and resulted in a lot of false positives, blocking legitimate users from accessing the site.

Travelmob, a social marketplace for travellers, was facing a growing trend of fake listings on its site. Bad users were posing as legitimate hosts, posting photos of properties they didn’t own, and trying to con unsuspecting guests into making their payment offsite. This was negatively impacting the customer experience and the company's brand image. Additionally, the company was also dealing with credit card fraud that was resulting in costly chargebacks. Initially, Travelmob began by manually reviewing new listings and booking requests, but this approach was not scalable and fraud was slipping through the cracks. Building dedicated internal tools for fighting fraud would require time and resources that they couldn’t spare, and anything they created internally couldn’t adequately address the complexity of fraud.

Logitravel, an online travel agency, was facing a significant challenge with fraud as they expanded into new markets. They were vulnerable to various types of fraud, including organized crime fraud rings, friendly fraud in contested ticket sales, and phishing and account takeover. Their existing third-party rules-based fraud solution was unable to keep up with their growing business and evolving markets. After a particularly destructive barrage of fraud, they realized they needed a more robust and scalable solution.

Remitly, a company that enables customers to transfer money internationally, was facing a significant challenge with fraud. As the company expanded its services in the Philippines, fraud activity increased. The company's risk team, despite having several years of fraud investigator experience, was overwhelmed with the volume of data they had to review. They had set up 80-100 rules to capture suspicious activity, but scaling was proving to be a challenge. The system they were using was also incapable of learning from the company's data.

Everything But the House (EBTH) was facing a challenge with fraudulent bids on their online estate sale platform. Fraudulent activities included users bidding with stolen credit card information or without any real intention to complete their purchase. This not only delayed profits for the sellers but also potentially lowered the selling price of the items when they had to be relisted. The continuous occurrence of fraud could lead to customers questioning the integrity of the site. EBTH was using a tool that sent identifiable information about bidders to its servers, but it was reactionary and didn't offer any proactive notifications. Therefore, the company started looking for solutions that could detect and prevent fraud proactively.

Touch of Modern, an online destination for curated designer products, was facing an increasing amount of fraud as the company grew. Initially, the company simply absorbed the cost of any chargebacks due to fraud, but this approach was not scalable. The company's customer service team had a very limited window to stop fraud, between processing an order and shipping it. They needed a solution that could accurately stop fraud without blocking legitimate users. The solution also needed to scale with their business, integrate with their internal systems, and automate decision-making to ensure quick processing and fulfillment times.

Shippo, a B2B shipping API provider, was facing a significant challenge with fraud. The company's business model, which allows users to create multiple shipping labels before having to pay, made it a target for fraudsters. The majority of the fraud fell into two categories: users who sign up with a fake email address and use a stolen credit card number, and users who create labels, hit the threshold, and then create a new account to avoid paying their invoices. In both cases, Shippo lost money – either from chargebacks from the accounts with stolen credit card numbers or lost revenue from the unpaid invoices. The company needed a solution that could preemptively identify account abuse and prevent users with stolen credentials from purchasing.

KSL.com, a user-driven platform of both buyers and sellers, was suffering from an existential problem due to a growing percentage of fraudulent postings. Bad users were scamming legitimate users from all sides: publishing fake listings, taking over legitimate customer accounts, and running scams from hijacked accounts. Malicious users were also harassing the sellers of real listings, trying to scam them out of their goods and services. The main challenge Eric faced was not only finding and eliminating existing fraud, but also blocking bad users as they tried to re-access the site after one device or account was banned. KSL needed the ability to autoban bad users and repeat offenders. Fighting an imposing fraud rate of 75-80% in some of the more popular sections of the site, KSL’s sole fraud analyst wasn’t able to keep up with the demands placed on their internal fraud tools and manual review process.

Zoosk, a leading online dating company, was facing challenges with fraudulent users who were spoiling the experience for legitimate ones. The company was already working to reduce friendly fraud and payments fraud on the site. However, the real-time nature of Zoosk’s service and their ever-expanding user base meant that the company needed a solution that could adapt instantly and scale as their business grew. The existing tools and processes used by the dedicated team tasked with tackling fraud for Zoosk were not sufficient to meet these needs.

iwantmyname, a global domain name registrar, was facing a significant challenge with fraud. The company was losing 2% of its revenue to fraudulent activities, which was unsustainable given the competitive nature of the industry. The process of detecting fraud was entirely manual, with two of the co-founders checking every single transaction for suspicious signals. This was not only time-consuming but also led to the company blocking all users from countries with high levels of fraud, negatively impacting their business. The company was missing out on revenue from legitimate customers in these countries and existing customers traveling in these countries faced extra hassle with their accounts. The team was spending as much as 30% of their time managing fraud, time that could have been better spent on growing the business and improving customer experience.

Purse, a San Francisco-based company, is working to create the world’s largest online marketplace using bitcoin. They offer the lowest prices and fast, frictionless commerce, processing millions in bitcoins every month. However, they faced a unique challenge with payment fraud. Since bitcoin transactions are final and irreversible, Purse had to detect and remove malicious actors attempting to game their bitcoin escrow system by purchasing items for Purse shoppers with fraudulent/hacked Amazon accounts. Initially, they combated fraud with internal tools, requiring three full-time support staff committed to fraud management and review. However, this was unscalable as the site grew.

Patreon’s work connecting fans with creators poses unique challenges, particularly around content, account, and payment fraud. Because their platform relies on the instantaneous transfer of funds – unlike in a traditional e-commerce model where a purchased good can be held while cardholder identity is verified – it is imperative to prevent payment fraud before it occurs. Payment fraud for Patreon comes in the form of either money laundering or traditional credit card fraud – and almost always, there are stolen credit card credentials at play. As their global reach grew, chargebacks and their resulting fees began to rise as well. In addition, manual review of listings and shared content was not keeping up with the rapidly expanding platform community. Patreon, a young and agile company with no fraud prevention measures in place, needed a content abuse and fraud solution that could scale with the business and would ensure the user experience remained seamless.

Creative Market, a San Francisco-based design marketplace, has a broad and continually expanding community. Their users vary from big corporate purchasers to independent freelancers, but they all shop through one-click checkout. This simple checkout means less friction, but it also opens the door to payment fraud. As the marketplace grew, payment fraud crept onto the platform. Although the teams originally built an internal rules-based fraud management system to combat the growing threat of fraudsters, their commitment to keeping the marketplace safe meant they wanted to get ahead of fraud and keep their chargeback rate low.

Wanelo, a global marketplace for Gen Z, was facing a significant challenge with spammers and scammers. As the company evolved from a social shopping site to a marketplace, it started experiencing payments fraud. The fraud showed up in the form of disputes, with both friendly and scammy customers demanding 'charge not authorized' chargebacks. Nearly 70% of their chargebacks could be attributed to friendly fraud, which was a unique challenge to address because such customers often look like good and valuable users – until they decide that they don’t want to pay. Wanelo’s job then was to convince the bank that the customer is committing chargeback fraud. As more fraudsters attempted bad activity and Wanelo’s chargeback rate crept up to 0.87% – including friendly fraud – Courtney Bode, Marketplace Operations Manager, turned to the system that had worked so effectively for the social side of the company.

StackCommerce, a leading native commerce platform, was dealing with a significant amount of fraud involving purchases made using stolen credit cards. The most impactful type of fraud was the loss of digital goods that are distributed instantly. This not only hurt cardholders but also the merchants. StackCommerce needed to stop these transactions as quickly as possible and sought a solution that could prevent them in the first place. They were using a legacy, rules-based solution that didn’t include any machine learning. As the company’s order volume grew, they discovered the shortcomings of rules-based systems: they don’t learn and they don’t scale. The team found themselves reviewing hundreds – or even thousands – of orders per day, and fraud review became unmanageable.

As dbrand's business grew, so did the number of fraudsters creeping onto their site. The majority of the fraud they experienced was from bad users purchasing goods using stolen credit cards. The resulting chargebacks were costly, not only due to the high-quality product that was lost, the sale that was refunded, or the bank-levied chargeback fees, but also the hours of manual review and headaches that the fraud caused. Even as their chargeback rate reached a high of 2.18% in a single month and 4 customer service employees became dedicated fraud management experts, fraudsters continued to slip past their defenses. To mitigate the impact of fraud on their bottom line and brand, dbrand sought a smarter and more scalable solution.

A few months after launching their business, Harry’s started considering the need for a proactive, scalable solution to put into place before fraud became a larger problem. Being a trustworthy site is critical to Harry’s business model and core beliefs, so getting the jump on fraud before it became a deep-rooted issue was essential. Harry’s did see some fraud, mainly in the forms of promo abuse, payment abuse, account abuse, and friendly fraud. Resellers would make fake accounts to buy large quantities of blades and sell them them at a profit online, while other fraudsters would use Harry’s for stolen credit card testing. Some returning customers would try to game the system by canceling their subscription after having received product. Harry’s needed a solution that wouldn’t just stop all of these types of fraud, but would teach their fraud team about the tactics of bad users.

Destinia, a Spain-based online travel agency, faced challenges with payment fraud, fraud rings, and occasional friendly fraud due to the global nature of its offerings. The quick access to flights, hotels, and other digital bookings made manual review unscalable, as the team had a narrow window to investigate hundreds of suspicious orders daily. When chargebacks did hit, it often took over two months for the fees to appear in Destinia’s books, affecting analytics. To prevent chargebacks, rather than simply respond to them, Destinia felt that it was necessary to invest in a solution that required less hands-on maintenance and increased the team’s efficiency.

Etix, the largest independent ticketing company in North America, was facing a growing problem of fraudulent transactions as their online and mobile business scaled. These fraudulent transactions resulted in chargebacks, costing the company money and the invaluable time of fraud analysts who had to respond to fraud attempts. The challenge of discovering fraud through manual review was daunting and unsustainable. Chargebacks often were not reported until after events, making it even more difficult to track and prevent fraud. Etix needed a solution that could respond in real time to potential fraud and prevent fraudulent orders before they were processed.

GetYourGuide, an online platform that connects travelers to experiences, was facing a significant increase in fraud as the range of attractions offered on the site and the number of daily transactions grew. Chargebacks from card-not-present fraud and fraudsters using last minute bookings for nonrefundable products began to impact GetYourGuide’s bottom line. To combat fraud, GetYourGuide’s lean team started manually reviewing suspicious transactions. But this cumbersome process did little to reduce their fraud, and chargebacks remained debilitatingly common. With GetYourGuide, customers had the ability to purchase tickets minutes before walking into an event; this miniscule window of time made scalable and efficient manual review impossible. Even worse, GetYourGuide’s imprecise system for flagging and blocking suspicious transactions produced a high false positive rate. Honest users, frustrated and inconvenienced by slow service, began to complain.

Curve, a company that offers a smart bank card that combines all your cards in one, was facing a growing threat of fraud due to its rapidly expanding customer base. The ability to quickly add new cards with the Curve app and then use them within moments was of particular interest to malicious users who tried to circumvent Curve’s many layers of account authentication. This resulted in expensive manual resources for fraud reviews and chargeback management. As the business was growing at a fast pace, Curve needed a solution to preemptively knock out the growing threat of fraud.

Cozy, a startup that offers a platform to streamline interactions between property managers and renters, was facing a significant challenge with fraud. With listings and renters in 13,000 cities nationwide, the company was experiencing both payment fraud and content abuse in the form of fake rental listings. Fraudsters were using fake rentals to ask for wire deposits from unsuspecting renters. As the company expanded its payment options beyond ACH to credit card, the problem only grew. Cozy needed a solution that could keep up with their wide user base and prevent fraud before it resulted in losses.

ChowNow, an online ordering platform for restaurants, was facing a growing problem of fraud. As the business expanded, so did the losses from chargebacks, which had grown to 1% of revenue. Fraudsters were actively sharing tips on how to defraud ChowNow, and certain locations like Miami, Atlanta, New York, and Chicago emerged as significant sources of fraud. This situation was discouraging growth in large markets. The company was spending an increasing amount of time fighting chargebacks, and was considering hiring a full-time team to tackle the problem. As a growing business, ChowNow didn’t want to restrict sales or spend too much on fraud operations, but couldn’t continue operating with growing revenue loss.

Couchsurfing, a global travel marketplace, was facing challenges with fraudulent content and repeat offenders on their platform. The company operates on a currency of trust, and fake accounts and spammy content were affecting the experience for legitimate users. These issues could involve phishing, malicious comments, or further risk when linked to offline schemes. Couchsurfing had built in-house tools to combat these issues, but they were clunky, led to lots of manual review, and became outdated quickly. They needed a solution that could address a variety of bad content, malicious users, and returning users who were hiding their identity after being banned. Furthermore, there was no way to proactively improve safety for the community by preventing these bad users from creating fraudulent content.

Universe.com, a global events marketplace, was experiencing an increase in fraudulent listings and spambot attacks as it expanded to over 3 million active users worldwide. The volume of event listings, hosts, and users was increasing rapidly, escalating the risks and potential impact of spam, scams, and other fraudulent activity. The attacks were becoming more sophisticated and harder to address. A major client's event was attacked, which was a pivotal moment for Universe. They didn't want customers to hesitate to host major events for fear of attacks. The fraud team was constantly playing catch up. If a fraudulent event was posted or a spambot started messaging thousands of users, the team would only find out about it once it was too late. Each attack meant multiple developers would have to drop what they were working on to address the issue in time.

Skillshare, an online learning community, was facing issues with fraud, fake accounts, and spam. Teachers were creating fake student accounts and watching their own classes to increase their earnings. The company also discovered collusion between teachers and students, with fraudsters using stolen credit cards to create many fake student accounts, and then redeeming the same teacher referral code across those accounts to get the fraudulent teacher referral bonuses. Fraudsters were also using Skillshare to engage in SEO spam by creating landing pages on the platform for products they were selling. This was risky as the landing pages could take users off-platform to questionable sites, and it was also detrimental to Skillshare’s reputation. Skillshare’s fraud management was primarily via SQL queries, and these schemes were only discovered after they had already happened. They needed a way to proactively detect and remove networks of colluding users, and to keep SEO spammers off of the platform.

Rently, a company that simplifies the process of finding and showing new homes for both renters and property managers, was facing a significant challenge with fraud. Fraudsters were using fake IDs and selfies found on the internet to bypass Rently’s identification verification process. The company also started experiencing account takeover (ATO); fraudsters were taking over property manager accounts to change property pricing and availability, and provide access to the unit to unauthorized individuals. Without automation, catching ATO in real time during manual reviews proved incredibly difficult. They had a rules-based system in place that was catching some fraud, but wasn’t able to keep up with fraudsters getting smarter and finding ways around those rules to get onto the platform. Rently needed a solution that could automate decisions and proactively detect fraud, rather than continue to react to fraud after an incident had occurred.

Turo, a car sharing marketplace, implemented Sift in 2013 for payment protection. As they grew, they saw account takeover (ATO) becoming a widespread, industry-agnostic issue and took proactive measures to maintain the security of their community. To prevent ATO, Turo required users to verify their identity when logging into an aged account, including resetting the account password. This process created serious friction for the user and a lot of time spent on manual password resets and identity verification for the fraud team. The team was also manually reviewing every user to stave off ATO, labeling thousands of events every day in order to stay on top of their increase in activity. It took 100+ hours of manual operations a week to effectively defend against ATO attempts. Turo needed a way to introduce friction for malicious users, maintain a seamless experience for good users, and spend less time managing fraud.