Hacker News new | comments | show | ask | jobs | submit login
Fight fraud frugally (siftscience.com)
57 points by jasontan 1487 days ago | hide | past | web | 13 comments | favorite

Quick question if Sift is hanging out in these threads: Why would you use $val arguments in your JSON API? It seems like nearly any other symbol would have been a better choice, since PHP, Ruby, Perl and others use $ in string interpolation.

Yes, developers should be smarter about escaping and using string values, but this seems like a very easy thing to get wrong.

Agreed, this was a huge pain using YouTube API v2 in PHP. Nothing crazy to work around, but why when it's easy to avoid entirely?

Makes perfect sense for a couple reasons.

Machine learning based anti-fraud systems perform asymptotically better as you get more variety and volume of data, and Sift can market it as such ("our network consists of over X merchants"). The 100 dollars of free service they are giving away is likely worth more to them in the data alone. The biggest credit card fraud solution I know of markets itself as a better solution because of its "consortium" of thousands of card issuers: http://brblog.typepad.com/files/falcon_scoring_srvr_2519ms.p...

This arrangement also lets Sift very naturally eases merchants into being paying customers as they grow.

This crucially depends on merchants being comfortable sharing data. Data coops sometimes work and sometimes don't. I'd read the contract very carefully. And even if everything is on the up-and-up now, as the purchase of ghostery by evideon shows, it doesn't necessarily remain that way. For starters (and I haven't read sift's contracts), people tend to purchase things in spurts. Knowing someone just bought something on a merchant is incredibly valuable data. Plus this is amazing data for retargeting; amazon has built an ad business that is speculated to be well on the way to a $1B run rate [1]

[1] http://www.forbes.com/sites/roberthof/2013/06/05/amazons-ad-...

I especially like the idea of watching the visitor's pageviews across the entire site for clues to sketchy behavior. Is that a common feature of anti-fraud systems, or something unique to Sift Science?

... and is that pageview information predictive, so far?

common, not unique to sift science.

I think it's an open question if there will be enough online merchants that aren't {amazon, newegg, zappos} -- assuming that zappos has access to amazon anti-fraud tech -- to build a business on. They're not the only ones gambling there will be a large ecommerce ecosystem, but prime in particular has moved my online purchasing nearly exclusively to amazon.

Doesn't a user that has Ghostery/NoScript render this completely useless?

Former Sift intern here.

Sift Science also has both Javascript and server side APIs. See https://siftscience.com/docs/rest-api for info on the REST API. This allows companies to send all relevant transaction and behavioral data to Sift even for users who don't execute Javascript.

Not sure how you would figure that...my take on Sift is that they utilize pattern recognition to determine risk level of a transaction for the seller. Basically, the goal is thwart fraudulent transactions before they get to delivery status.

EDIT: I just checked out what you mean, since Sift utilizes Javascript code for their api call to determine risk, I agree with you...it would render their pattern check ineffective for the Javascript api integration...they need to run server side code, which Sift offers in their REST API.

This is spam. Their product isn't innovative or even interesting. They're not doing anything new. Google Analytics and Microsoft's AdCenter give merchants the same information.

I don't know anything about Microsoft's AdCenter, but Google Analytics does not do fraud prediction of any form as far as I know.

Assuming you're putting all of the relevant data into Google Analytics, how would you query GA with a pending transaction and figure out the probability that it is fraudulent? This is the sort of thing very few (or no) general analytics products do, but is the domain of fraud prediction software.

How much does a premium membership of Google Analytics or AdCenter cost? For a small company, under 10k transactions for free is pretty much unbeatable.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact