The Fraud Defense Triangle of Sadness

The Fraud Defense Triangle of Sadness

People can be complex and messy, so there’s some general acceptance that businesses inherit some of this complexity and messiness.?

Something special happens when you start to see the same patterns emerge over and over again from multiple perspectives, it starts to become clear that you’re not witnessing chaos, you’re actually seeing lots of people who are trying their best, but are stuck in a flawed system. That’s what occurred to Patrick, Matt, and I during our careers, so we designed technology and built a whole company around upending that flawed system. More on this later.

We asked our customers to reconstruct their journey of discovery from the system they lived with before they adopted our platform, and how they would describe it now that they're on the other side of it. Distilling that, I feel comfortable giving the old system a name and explaining why we’re all-in on taking it down.

The Fraud Defense Triangle of Sadness

Let’s categorize three key groups of people involved in online fraud defense:

No alt text provided for this image

  • The tech team that owns technical delivery of a company's online experience.
  • The fraud team that builds the strategy and operations that keep that experience safe and profitable.
  • The fraud vendors that deliver specialized services, like identity verification, transaction risk modeling, device fingerprinting, consortium data, etc.

Ideally, this creates an environment where these three groups harmoniously contribute to an outcome that creates amazing online experiences. On paper, this is how it should work.

In reality, each of these groups have outside forces that keep them from being stable partners to the other two:

Tech teams deal with a massive amount of competing priorities

No alt text provided for this image

Managing fraud defense technology requests generally makes up less than 5% of a technology group’s focus, despite it driving millions to the top and bottom lines of an online business.?

In addition, the data, integrations, and tools they need are scattered across a broad collection of backend systems. Coordinating the teams that own these systems to agree on and prioritize new work is incredibly complex and time consuming.

Fraud teams deal with constantly changing business needs

No alt text provided for this image

As the business launches new products, new marketing campaigns, updated policies, or reacts to evolving abuse patterns and shifting market trends, fraud teams need to respond to new requirements in order to unblock new revenue, take pressure off of operations teams, and save the bottom line. This creates a constant stream of new requirements.

Fraud vendors deal with a constantly changing threat landscape

No alt text provided for this image

As fraud solutions pick up steam, attackers get incentivized to pressure test for gaps, reverse-engineer how defenses work, and ultimately circumvent these controls. Fraud vendors need to constantly review their integration points, ingest additional data, and undergo periodic integration refreshes as attacker tactics and the online experience constantly evolve.


This leads to the broken system that virtually every major online brand finds itself in:

The Fraud Defense Triangle of Sadness

No alt text provided for this image

  • The embattled tech team can’t prioritize the support the fraud team needs, what they can prioritize takes months of planning to execute on despite the fraud team’s need to stay on top of business needs that can change in hours. As an additional casualty, what fraud vendors can get integrated are generally done with trade-offs for speed and simplicity instead of comprehensiveness. And even these integrations are rarely maintained or updated despite the need to continually adjust coverage of the company’s online risk surface.
  • The fraud team, operating with whatever support the tech team can spare, has to find a way forward with vendors who perform well-enough out of the gate, but performance decays as attack tactics and business needs shift.
  • The fraud vendor does everything in their power to keep delivering value to the company, but they’re so reliant on deep support from both the tech and fraud teams that they’re largely at the mercy of those teams to make the time and resource investments to help them understand why they’re not performing. That takes personal commitments from the leaders of those teams, and those arrangements aren’t long term propositions in an industry where professionals change jobs every 3-5 years. When a new fraud team or tech team leader is asked to make the budget justification to re-implement a fraud vendor their predecessor brought in, more often than not they’ll instead choose to switch to try a new fraud vendor.

So when you ask the big questions in this industry, like…

“Why have online fraud losses ballooned to $48B a year, almost tripling since the pandemic?”
“Why hasn’t there been a multi-billion dollar fraud vendor that solves fraud forever with AI models/federated identity/consortium data/etc.?”
“Why are online brands spending a combined $180B fighting a losing battle against online fraud?”

… I point to the Fraud Defense Triangle of Sadness and reply...

“This, this, 1,000,000 times. This.”

We built Spec to destroy the Fraud Defense Triangle of Sadness

The challenges facing these teams won’t change, so we built a platform to simplify how each team manages their unique challenges.

No alt text provided for this image

We imagined a world where these teams collaborate on fraud defense in a fundamentally different environment:

  • Tech teams get a unified risk infrastructure that enables fraud teams to self-service the technology adjustments they need to satisfy changing business needs.
  • Fraud teams get the ability to instantly access and adjust the data, integrations, and tools they rely on to deliver amazing online experiences.
  • Fraud vendors eliminate dependency on embattled tech teams and connect fraud teams to the full potential of their product’s value instantly.

We built Spec because we didn’t want to live in the Triangle of Sadness any longer, and frankly some of our favorite people were living in it alongside us. Now that Spec is out there in the wild, teams and vendors using the platform are getting some of the best work of their lives done with a fraction of the time, stress, and effort, which also happens to drive amazing outcomes for the brands they work for.?

Andrew Austin

Head of Fraud Prevention @ Sardine ??

1 年

Are we going to start getting the Nate Kharrl WOTD?

要查看或添加评论,请登录

Nate Kharrl的更多文章

社区洞察

其他会员也浏览了