Every growing marketplace goes through stages as they make the journey from startup to profitable large company. Each of those stages brings with it different requirements for risk protection. At first, a marketplace’s emphasis is on onboarding users. Marketplaces typically start by onboarding suppliers, while the demand side grows more gradually. Because they start off small, most marketplace companies need a minimal risk toolkit in the beginning, which are mostly built with in-house signals. This generally includes basic email and phone verification using a one-time passcode (OTP).
Once the platforms begin to scale, so do the risks. As the biggest metric of success, users are critical. But as the company grows, so does the need to protect those users from fraudsters and the company from account abuse. Now, in order to maintain their user base—and continue growth—the marketplace needs to reduce risk without negatively impacting the customer experience.
Growth-stage marketplaces need a more robust risk toolkit to handle the increase in fraud. They typically build that risk toolkit out of the following categories of solutions:
IP/Device Identification
Tools that allow companies to identify the IP address and device ID of the user.
- IP address is generally used to detect proxy risk (for example, if a user’s billing address is thousands of miles from the IP address they’re logging in from).
- Device ID is constructed based on attributes of the phone, tablet, or computer which can then be associated with a specific person or account.
Checking for these signals can effectively help companies avoid broad-based attacks, but aren’t as effective for targeted schemes. Additionally, device collisions can be a big challenge as many devices look the same.
Data Validation and Verification
These services enrich sign-up data provided by users to assess risk. They work by validating that the data is accurate and verifying users by identifying linkages between data points (such as name-to-phone and name-to-email).
To get the most benefit from a data validation and verification service, look for these features:
- Flexible search types
- Comprehensive identity data coverage
- Global data
- Speed of search response
Two Factor Authentication
Generally one of the first fraud deterrents a marketplace puts in place is two factor authentication (2FA) that requires a customer to use a secondary communication platform to verify the customer has possession of the contact point they claimed. Generally this takes the form of a text message code or a link in an email.
However, 2FA can be skirted with the use of burner phones and throw-away emails. Discouraging those workarounds requires added verification. Additionally, delivery rates are crucial to user experience when it comes to 2FA.
KYC/AML
Know your customer (KYC) and anti money laundering (AML) checks are required for regulatory compliance when dealing with financial payments and transactions. These checks verify that the customer’s name, birthday, address, and Social Security number all match—but this data can easily be purchased on the black market, so additional verification is required.
With KYC/AML checks, marketplaces also need to balance the cost and friction to users with their effectiveness in improving trust and safety of their platform.
Document/Selfie
Marketplaces can also require customers to take a selfie which is then matched against a drivers license or other government paperwork in order to verify their identity.
The user friction and cost goes up with this method, but so does the security.
Background/Criminal Check
Some marketplaces require a background or criminal check, particularly for suppliers of services like house cleaning or childcare. This is generally a standard criminal background report that searches county databases, and is typically done via API.
The turnaround time for a background check can be hours or days, and the price can be unrealistic for large-scale growth on the demand side. Additionally, lightweight verification is still needed for the demand side.
Building your Risk Toolkit
Any one of these solutions isn’t enough to effectively fight fraud on a marketplace platform, which is why growing marketplace companies need to create a toolkit that works together to meet their objectives.
Learn how Ekata’s data validation and identity verification services work with the other aspects of your risk toolkit to help you decrease fraudulent sign-ups.
