Sift Science Uses Machine Learning to Weed Out Credit Card Fraud
(Page 2 of 2)
A variety of signals influence the risk score, and they’re different for each Sift customer, Tan says. At Uber, for example, the score might depend in part on where a driver picks up a customer; some neighborhoods generate more fraud than others. At Airbnb, the more nights a customer books, the higher the likelihood that the transaction is fraudulent. (Both companies are actual Sift customers.)
At an e-commerce site, a user who goes straight to the checkout page several times in a row, without stopping to browse, might be flagged. So would one who asks for next-day shipping, or gives a shipping address that’s far away from the billing address (like Vietnam and Kansas).
Sift can also use certain clues to identify individual computers involved in past chargebacks and flag all transactions coming from those machines. And because Sift saves what it learns in a central database, there’s a network effect for the company’s clients; an individual customer who’s flagged as suspicious on Uber might also be flagged at Airbnb, if he were to use the same device, e-mail address, or credit card number.
If a risk score is high enough—say, above 90—Sift will automatically recommend that a transaction be canceled and the user banned. But in the gray area between 70 and 90, Sift doesn’t reject suspicious transactions, instead flagging them so a human reviewer can investigate more closely.
In theory, the scores get more accurate over time as reviewers confirm or contradict the software’s suspicions. “Humans are actually really good” at sensing a telltale combination of fraud signals, Tan says. “It creates this feedback loop between human intelligence and machine intelligence.”
One limitation of rules-based fraud reduction systems is that there’s no gray zone, meaning a certain number of good transactions will be canceled. In e-commerce, Tan says, these false positives “are really bad,” leading not just to lost revenue but also to angry customers. The big benefit of a system like Sift Science’s, he says, is that it can reduce false positives, while allowing human reviewers to ignore the low-risk transactions and focus on the toughest cases.
When I interviewed Tan in late April, the company had already signed up several hundred companies to use its system. The service is free for up to 10,000 transactions per month. Between the 10,000- and 20,000-per-month levels, the company charges 2 cents per risk score; above that, it’s 1 cent per score.
RSA’s 2012 acquisition of fraud detection startup Silver Tail Systems for $230 million is a “promising sign” that Sift Science chose a hot market to enter, Tan says. “Fraud is the type of problem that can kill a business,” he says. “If you are about to get killed, you will pay whatever it takes to stop that threat.”