For online marketplaces - “Trust & Safety” IS the value proposition
The COVID pandemic has had a significant impact on ecommerce in 2020. With lockdowns becoming the norm, most businesses and consumers “went digital”, purchasing more goods and services online, raising ecommerce’s share of global retail trade from 14% in 2019 to about 17% in 2020. The relentless disruption was felt across nearly every vertical, making it easier for fraudsters to slip through the hands of trust and safety teams, stretched thin by surging online traffic and unpredictable consumer spending patterns. For online marketplaces fraud rates increased by 67% & fraudulent order value by 20% Y/Y in 2020.
While ecommerce has gone omni-channel, brands are facing challenges with BOPIS/curb-side pickups, as fraudsters pickup illegitimate orders (especially when it comes to small stores). Gift cards is another area where consumers lost ~$80M in Q3 2020 alone in the US (Source: US-FTC). While consumers understand these challenges, they are quick to accept the responsibility but “not the blame”.
Source: sift.com
So, if you are a global/local marketplace, there is one team you never see in the spotlight. These are actually the unsung heroes managing the battlefield- the “Trust & Safety Team” — triangulating IP addresses & GPS data to identifying fraudulent seller/buyer behaviour, identifying IP clusters showing a certain buyer behaviour, buyers with multiple ID’s trying to take advantage of a FT/RB offer for high value transactions, credit card transactions beyond a certain value, fraudulent claims by sellers/buyers (cost of which finally needs to be borne by the marketplace). Imagine doing this at a global level- then you require marketplace safety experts by country — especially when you need to identify false positives or manage regulatory and cultural nuances. Some marketplaces capture these as “Best Practices” so that the learnings can be replicated more easily across geographies.
Primarily three key elements play a significant role for Trust & Safety teams and define the success/failure of these teams:
· Experience & Expertise (People): How well do you understand the platform, systems & processes & how many years you have managed such processes. The experience is important- especially when there are known gaps in the platform which have still not been addressed by technology.
· Risk Analytics: As the marketplace matures- it becomes easier to capture key learnings into an analytics model, so that risk assessment become easier. The experience & expertise also are critical in this stage, as raw analytics, will show exception cases/false positives — and manual decisions has to be made when exceptions arise.
· Technology: How well is the product team enabled to understand marketplace risks and prioritise development- basis risks and costs associated with the same? With limited resources “prioritisation” becomes a key.
The areas of work for the “Trust and Safety” teams are generally divided into 4 pillars: Payments, Platform Integrity, Product Authenticity & Privacy Protection.
PAYMENTS
Payment related frauds can further be classified as seller & buyer frauds. The technology changes might involve the core platform, the transaction workflows or adding fresh elements to the risk platform.
Payments Frauds (Buyers): Did you know,
1. Visa/Mastercard Credit cards issued outside India (specific countries) can’t be used to make transactions of Indian marketplaces.
2. Cash on Delivery (COD) generally has a limit of INR 50,000 and might not be available to all customers across India.
3. Most credit cards have a “Total Credit Limit” & “Available Credit Limit”, hence for any online transaction you cannot spend beyond your available limit. There are other limit based restrictions too on your online credit/debit cards, which users are not aware (done mostly for safety & security of your online transactions).
4. Most times “Pay Later” offers block the money as a loan in your bank account. You could probably see the same in your CIBIL data as a “bank loan”.
Imagine with all these complexities we have 2 teams in the marketplace — GROWTH teams (trying to increase GMV, conversions and add new FT customers) vs. RISK teams (trying to maintain the financial integrity of the platform for all stakeholders). The best way to address this is to get both the teams in a room- before the launch of a campaign. Some marketplaces keep the GROWTH & RISK teams in silos, so that the RISK team is seen as impartial to any stakeholder- but, I have generally seen it to be counterproductive.
Most risk teams will follow the below steps:
1. Identity minimum elements to be collected to keeps fraudulent transactions under check.
2. Set manual riders for risk filters to remove “False Positives”.
3. Create a A/B testing model (workflow) for high risk vs. low-risk customers & incorporate learnings in the business flow.
While larger marketplaces will do most of these in-house, a lot of payment providers also provide services for risk assessment which can be easily outsourced. This will also ensure reduction in friction in payment flows.
Source: sift.com
Payments Frauds (Sellers): Did you know,
1. Regulatory compliance requires proper seller identification (address proof, bank details, social security # or Aadhar/PAN/GSTIN #). I still remember our marketplace transition to GSTIN and getting sellers to update their GSTIN # while ensuring VALID PAN # for his business. Being an open marketplace, a big chunk of sellers where “mom & pop” sellers, unlike professional sellers you find in most marketplaces now. Most sellers were on a learning curve & tried to enter wrong GSTIN# for business continuity, and am you will get a hang of how the problem was solved, from the example below.
2. The risk with sellers is 10x higher than buyers- especially when you enter new markets. Fraudsters make good of lack of knowledge amongst marketplaces to do a lot of payment frauds.
3. There are possibilities of seller frauds — supported by internal teams (sourcing, onboarding, seller management) in the marketplace. Some of these go unnoticed for long periods of time and cost the marketplace millions of dollars.
To overcome these challenges, a lot of marketplaces use onboarding partners to do the initial document & business verification (at times physical verification).
PLATFORM INTEGRITY
These frauds are slightly more technical and might involve bots, spam, a little bit of social engineering, SIM-Swapping and account takeover (ATO) on both buyer and seller accounts. For ATO (especially sellers), in open marketplaces we used to realize that the culprit would generally be an ex-employee who used to manage the marketplace account for the seller & ended up with a dispute with his employer.
There could be multiple models to control these frauds:
1. Sentiment Analysis: look for content in articles, social media posts, tweets, etc. Use algorithms to mark the content as +ve, -ve or neutral. This helps easy classification of seller & buyer risk profiles.
2. Reputation Data: This data is primarily internal/external to the platform pertaining to the reputation of the seller/buyers. Some marketplaces leverage 3rd party tools for seller verification (e.g. CIBIL Scores for financial reputation). This helps especially in open marketplaces, as sellers try to come back with a new name or address.
3. Marketplace Rules: most marketplaces have rules/policies to define a “fraudulent action”. These rules are easily deployed as SQL queries. The rules are verified for compliance & a weighted score applied. If the aggregate score is above/below a certain threshold the seller/buyer is classified as “fraudulent”. The moot point is that these rules have to be “dynamic” as fraudsters learn the game the system very fast, so you should be in a position to change the rules as new scenarios appear.
4. IP Triangulation with GPS data to identify risky sellers/buyers.
PRODUCT AUTHENTICITY- “FAKES” (Sellers):
Most e-commerce sites understand how to authenticate customers and to verify that their payment credentials are legitimate and legitimately theirs. But how much effort is spent making sure that third-party provided products are everything that they are supposed to be? 85% of consumers trust online reviews as much as personal recommendations from family and friends. Add in sellers willing to pay for (buy) that “faith”, and a profitable ecosystem of inauthenticity is born — leaving users with no concrete information about what they’re buying or who they’re buying it from.
Imagine this- In 2020, Amazon destroyed more than 2 million products that were sent to its fulfilment centers and that it detected as counterfeit before being sent to a customer. Amazon blocked more than 10 billion suspected bad listings before they were published in its stores. Robert Handfield, a North Carolina State University professor who has studied Amazon’s counterfeiting problem says, roughly 80% of counterfeits that enter the United States come out of China and Hong Kong. Interestingly the problem is not limited to fakes in high value items (luxury) but, has now got into having fake versions of relatively inexpensive household goods (soaps & toiletries)
Marketplaces, while acknowledging the problem have been slow to implement strong policies to manage this & refer to their role as “intermediaries” when it comes to consumer complaints & enforcement agencies. Amazon has “Project Zero” and even eBay has a long time “VERO” program. The problems with most marketplace programs is that, they make the “Brand Accountable” of the counterfeit issue. The role of the marketplace is that of an “intermediary” — they just blacklist the sellers and removes their listings from the platform- problem solved!!
PRIVACY PROTECTION
This is the last pillar of the “Trust & Safety Model” for a marketplace. From both a buyer & seller perspective, marketplaces collect a lot of PII (Personally identifiable information) data — which needs to be handled as per regulatory conditions in the respective markets (e.g., GDPR for EU). Outside of PII, marketplaces also capture credit cards, bank, tax, location, PAN, GSTIN and AADHAR data. The dark web is a perfect place where you will find most of the data easily available, if any marketplace data has been breached. Also, this brings in attention from regulatory authorities including financial & reputation risks. Hence, it is important that marketplaces have strong data handling practices from onboarding of customers to their off-boarding.
Each of the 4 pillars have cost associated with them- so marketplaces prioritise the same basis cost to the business, regulatory needs and resources available. Sometimes the cost of resolution/solving the problem are way higher vs. cost to the business or resources available — marketplaces do have to make a decision of letting go off “small fish” to catch the “big fish”. A lot of times this is defined basis ecommerce transaction value (≤ predetermined value) which gets coded in the marketplace rules/queries and is assumed as a risk associated with the “cost of doing business”.
To conclude, elements of trust & safety above are not limited to marketplaces but are applicable to most organisations that are taking their businesses online. The core reason why “Trust & Safety” is fundamental to the existence of the marketplace is due to their role as “intermediaries” i.e. ensuring both the buyers and sellers interact safely.
For a true marketplace- “Trust and Safety” IS the value proposition.
Pankaj Ukey
About the author: The author is an online marketplaces, retail and omni-channel consultant. He was the former Chief Operating Officer at Fawaz Alhokair Group, Saudi Arabia and helped build their Omni-channel Fashion Marketplace. He has 25+ years of experience across FMCG, IT/ITES, Ecommerce & Startups like Nestle, Microsoft, eBay & Flipkart. You can follow him on LinkedIn.
