Comment by gregw2

This was LONG ago so some context is less relevant now and may not apply to others, but three of a dozen of our tactics turned the tide, the last being the best, but building on the others:

1) The basics: track all information entered in the signup process and display it in a signup email to our customer service/onboarding rep, along with whether and how often each piece of info was used (or was similar) in past locked/disabled-for-fraud accounts and have a human determine via eyeball if the composite picture looked like fraud. You’ll be surprised how often a customer saying his name was Ibrahim with a phone number in Egypt had a IP in Jordan and was using a credit card belonging to Sally Jones with a zip code in Kansas. Don’t automate fraud decision. Have a human in the loop. Know your customers with a human touch up front at signup. (“Do things that don’t scale” is the more recent mantra for this approach.) But never emit info so fraudsters couldn’t game the system beyond the binary of getting enabled/disabled, and even then don’t give them immediate feedback during/post signup to run permutations quickly. Have a human vet asychronously shortly post-signup as part of customer welcome/orientation call.

2) Silently partially disable international customers so they could sign up and give us info and do certain things but not really generate expensive transactions until a customer rep called and welcomed/vetted them and checked a box unrestricting them in our admin panel. (I say silently but if they actually got to the final step of a transaction, we did give them ways to reach out to us to get activated after talking to someone (which was manned 24x7). 99+% of the time, fraudsters never called/reached out.)

3) Most subtly, reps especially offshore ones from white label partners of ours were slow to use our ways to vet their (and thus our) customers even though their management was pushing our development team for more and more technical solutions to cut fraud. It was frustrating because I could see the fraud and it was a massive chunk of our partner’s revenue (1/3rd?) shortly out of the gate with us, but since they were a white label customer of ours I/we couldn’t exactly tell their lower level rep employees to get off their butts and take the fraud seriously (when even their management wasn’t getting through), nor did I want it to continue to harm their business because it would also harm ours.

Remembering the mantra “you can’t manage what you don’t measure”, I built an admin screen that their reps (and thus their bosses) could see that showed when each recent customer signed up and when they were cleared or locked out as fraud, how many minutes were between the two and who (which rep) locked/cleared the customer and how much was spent (lost) before the account was locked. The difference was profound. Fraud from the white label partner’s customers dropped practically overnight, from $5000 a month to under $50 just by adding a report that quietly made the humans in the loop accountable. I didn’t even have to tell the partner’s people what to do. I just made the outcomes measurable and visible and the problem took care of itself. It was a profound lesson for me early in my career. I wish that exact trick had been more useful for me since, but still — very eye opening. Chargebacks were never a problem for us again.