“I used to work in bricks-and-mortar retail in the 1990s, and there were security dye packs that would explode if you tried to walk out with a pair of jeans,” says Spotrisk cofounder Jordan Lewis.
Lewis says the fraud detection tools used by most online retailers today are the equivalent of those exploding dye packs: expensive, primitive and in-your-face intrusive.
He and business partner John Gregoriadis founded a startup called Spotrisk last year, after a tidy payday associated with Vend’s sale (keep reading). They pitch their product as a cheap, seamless way to spot risky buyers, run a verification check and approve or block an online order.
Or as Lewis styles it, the software equivalent of the cheap and discreet security tags used by traditional retailers today.
Their software integrates with two of the largest online shopping platforms, Shopify and BigCommerce, and adopters include fashion label World, gaming PC outfit Playtech and Golf Warehouse.
Spotrisk looks for multiple online shopping behaviours that could indicate a risky buyer. For example, someone who orders multiple items from the same IP address (that is, the same device or location) and wants each shipped to a different address. Combined with other tell-tale signs, it could mean the buyer is using a fake or stolen ID, and a stolen credit card.
A recent study found a 16 per cent rise in online fraud during the pandemic.
More of us are online shopping, more of the time, and the shift to hybrid working has created security holes that make it easier for hackers to steal credit card numbers and other personal data.
The Government’s Computer Emergency Response Team (Cert NZ) has tracked a big rise in such phishing and fraud during the Covid outbreak - and at a time when hard-pressed retailers can least afford it.
Retailers aren’t usually aren’t alerted that an item was bought with a stolen credit card until after the order is shipped, which leaves them carrying the cost of the chargeback, facing a potential escalation in credit card fees, and even suspension of their payment facility altogether, Lewis says.
Spotrisk signed up several hundred customers to its software-as-a-service product, offered for free.
Now, on the back of the startup joining Shopifiy’s ecosystem (in April) and its BigCommerce integration (announced this week) and new verification features, the startup has introduced paid plans over the past few weeks, and embarked on a growth drive.
Pricing ranges from free (for up to 30 orders analysed per month) to US$25 per month (for up to 150 orders analysed) to US$99 per month (for up to 1000 orders).
Their target market is the sort of small to medium retailers who create online stores using Shopify and BigCommerce’s platforms, with their various pre-made tools.
Lewis began his career in traditional retail, with a retail area manager role at Calvin Klein followed by a retail and distribution role for Trelise Cooper, while Gregoriadis was a retail manager for Spark.
Both ended up joining point-of-sale software startup Vend - in Gregoriadis’ case, after Vend bought a startup he’d founded called Shopim.
After several years at Vend, both joined Xero, where Gregoriadis rose to become head of engineering, and Lewis “growth hacking lead” before they left to co-found Spotrisk last year.
The Auckland-based Vend was sold to Canadian company Lightspeed for around $455 million in March last year.
Both Lewis and Gregoriadis held small parcels of Vend shares issued under the firm’s ESOP scheme - and while the Lightspeed buyout didn’t deliver the pair a payday on anything like the scale of Vend’s founders and early investors, it still delivered a tidy sum; enough for them to assemble a crew of developers and get Spotrisk to the market without the need to tap venture capital.
A third Vend and Xero alum, Nick Houldsworth, took a minority stake and serves as an adviser (Houldsworth was chief marketing officer at Vend, then later GM, ecosystem for Xero).
Although their roles are more high-tech these days, Lewis says some basic themes don’t change.
He remembers a training game from his bricks-and-mortar days, where you had to try to steal goods, or spot a “shoplifter”. “It’s not always the obvious thing you would spot. The longer you worked there, the better you got at it.”
He draws an analogy with Spotrisk’s machine learning capability today. Its platform is always adding new suspicious online behaviour and “social signals” to its list of possible fraud flags.
Today, the startup is still in the first weeks of commercialising its product. But its co-founders already have plans to expand beyond online retail to apply their approach to other industries.
Meanwhile, their existing product does want it says on the tin, according to Playtech owner and general manager Paul Kao
“We had a robust process for detecting fraud but some orders were still getting through, so adding an extra layer of security never hurts,” Kao says.
“Since installing Spotrisk, we have been able to automate the fraud checks we used to do manually, and by combining Spotrisk with our payment gateways protection we can quickly identify a fraudulent purchase and not ship it. Avoiding the time and headache just one fraudulent order causes chasing courier companies and dealing with chargebacks pays for itself.”
And World’s Benny Castles says, “We used to only rely on Shopify’s inbuilt fraud analysis to alert us to suspicious orders.
“At the end of the day, it was really left to me to investigate and decide if each order was genuine. We might get 300 orders in 24 hours during our sales period and we simply don’t have time to look at all of them.
“Before using Spotrisk, I really didn’t feel confident fulfilling those orders, but our focus had to be getting the product out of the door and to the customer.”