Get your free personalized podcast brief
We scan new podcasts and send you the top 5 insights daily.
Businesses and financial institutions intentionally accept a certain level of fraud. The friction required to eliminate it entirely would block too many legitimate transactions, ultimately costing more in lost revenue (lower conversion) than the fraud itself. It is a calculated trade-off between security and usability.
Related Insights
Unlike banks that react to fraud, Palmer Luckey's Erebor is proactively partnering with intelligence agencies from its inception. The goal is to design a system where fraud is nearly impossible, creating a moat that attracts legitimate, high-value clients while inherently repelling bad actors who prefer less scrutiny.
Binary decisions are brittle. For payments that are neither clearly safe nor clearly fraudulent, Stripe uses a "soft block." This triggers a 3DS authentication step, allowing legitimate users to proceed while stopping fraudsters, resolving ambiguity without losing revenue.
Stripe frames unoptimized payment infrastructure not just as a missed opportunity but as an active state of "low-revenue mode." This leakage from poor conversion, authorization, and fraud prevention rates represents one of the highest ROI growth levers a company can pull, often overlooked for splashy ad campaigns.
The evolution of fraud prevention is shifting from a static view of "who the customer is" to a real-time understanding of "what this customer is trying to do right now." This focus on intent allows brands to adapt dynamically, either stopping abuse or creating loyalty.
Rather than simply failing to police fraud, Meta perversely profits from it by charging higher rates for ads its systems suspect are fraudulent. This 'scam tax' creates a direct financial incentive to allow illicit ads, turning a blind eye into a lucrative revenue stream.
AVS for credit cards doesn't return a simple pass/fail. It provides a range of statuses because perfect address matching is impossible due to data entry variations and stale bank records. Businesses choose an acceptable risk threshold, often just matching the ZIP code, to avoid declining legitimate sales.
Unlike profitable credit cards, Zelle is a low-monetization service banks created to compete with fintech apps. Because it can't afford the fraud costs mandated by Regulation E, banks attempt to argue that customer-authorized (but fraudulent) transfers aren't their responsibility, creating a major policy conflict.
The chargeback system creates a powerful perception that using credit cards is virtually riskless for consumers. This sense of security, intentionally cultivated by the card industry, was critical for overcoming early internet fears and unlocking billions of dollars in online commerce that would not have otherwise happened.
Purely model-based or rule-based systems have flaws. Stripe combines them for better results. For instance, a transaction with a CVC code mismatch (a rule) is only blocked if its model-generated risk score is also elevated, preventing rejection of good customers who make simple mistakes.
While 10% of Meta's revenue comes from fraud, the company's anti-fraud team was blocked from taking any action that would impact more than 0.15% of total revenue. This minuscule 'revenue guardrail' was an explicit internal directive to ensure anti-fraud efforts would not succeed.