
Fight fraud frugally  - jasontan
http://blog.siftscience.com/prevent-ecommerce-fraud-frugally/
======
web007
Quick question if Sift is hanging out in these threads: Why would you use $val
arguments in your JSON API? It seems like nearly any other symbol would have
been a better choice, since PHP, Ruby, Perl and others use $ in string
interpolation.

Yes, developers should be smarter about escaping and using string values, but
this seems like a very easy thing to get wrong.

~~~
tehwebguy
Agreed, this was a huge pain using YouTube API v2 in PHP. Nothing crazy to
work around, but why when it's easy to avoid entirely?

------
rm999
Makes perfect sense for a couple reasons.

Machine learning based anti-fraud systems perform asymptotically better as you
get more variety and volume of data, and Sift can market it as such ("our
network consists of over X merchants"). The 100 dollars of free service they
are giving away is likely worth more to them in the data alone. The biggest
credit card fraud solution I know of markets itself as a better solution
because of its "consortium" of thousands of card issuers:
[http://brblog.typepad.com/files/falcon_scoring_srvr_2519ms.p...](http://brblog.typepad.com/files/falcon_scoring_srvr_2519ms.pdf)

This arrangement also lets Sift very naturally eases merchants into being
paying customers as they grow.

~~~
x0x0
This crucially depends on merchants being comfortable sharing data. Data coops
sometimes work and sometimes don't. I'd read the contract very carefully. And
even if everything is on the up-and-up now, as the purchase of ghostery by
evideon shows, it doesn't necessarily remain that way. For starters (and I
haven't read sift's contracts), people tend to purchase things in spurts.
Knowing someone just bought something on a merchant is incredibly valuable
data. Plus this is amazing data for retargeting; amazon has built an ad
business that is speculated to be well on the way to a $1B run rate [1]

[1] [http://www.forbes.com/sites/roberthof/2013/06/05/amazons-
ad-...](http://www.forbes.com/sites/roberthof/2013/06/05/amazons-ad-business-
suddenly-looks-real/)

------
finnh
I especially like the idea of watching the visitor's pageviews across the
entire site for clues to sketchy behavior. Is that a common feature of anti-
fraud systems, or something unique to Sift Science?

... and is that pageview information predictive, so far?

~~~
segmondy
common, not unique to sift science.

------
x0x0
I think it's an open question if there will be enough online merchants that
aren't {amazon, newegg, zappos} -- assuming that zappos has access to amazon
anti-fraud tech -- to build a business on. They're not the only ones gambling
there will be a large ecommerce ecosystem, but prime in particular has moved
my online purchasing nearly exclusively to amazon.

------
ToastyMallows
Doesn't a user that has Ghostery/NoScript render this completely useless?

~~~
lightcatcher
Former Sift intern here.

Sift Science also has both Javascript and server side APIs. See
[https://siftscience.com/docs/rest-api](https://siftscience.com/docs/rest-api)
for info on the REST API. This allows companies to send all relevant
transaction and behavioral data to Sift even for users who don't execute
Javascript.

------
shelltreader
This is spam. Their product isn't innovative or even interesting. They're not
doing anything new. Google Analytics and Microsoft's AdCenter give merchants
the same information.

~~~
lightcatcher
I don't know anything about Microsoft's AdCenter, but Google Analytics does
not do fraud prediction of any form as far as I know.

Assuming you're putting all of the relevant data into Google Analytics, how
would you query GA with a pending transaction and figure out the probability
that it is fraudulent? This is the sort of thing very few (or no) general
analytics products do, but is the domain of fraud prediction software.

