A new middleware technology platform has launched to help e-commerce and m-commerce merchants manage the risk of ‘consumer-not-present’ transactions and reduce fraud.
Known as Sphonic, the service acts as a channel between an organisation and multiple third-party vendor services in the fields of identity and verification, credit agencies, device fingerprinting, IP geo location, email and domain profiling, web tracking, PEP/Sanction, payment instrument verification and analytics.
Merchants can select the third party vendor services they feel will help reduce the risk of fraud, and Sphonic acts as the middle man, constantly researching and adding vendors to its network and allowing clients instant access to new products as they emerge.
“We're charging a pence-per-click fee to access our network and not build it yourself,” said chief product officer Andy Lee, speaking to Techworld. “In that sense we're just a technical conduit, so all the merchants can access the data that they would access anyway if they coded directly to these vendors and contracted with them.”
Lee explained that banks have historically worked to a very rigid model, whereby customers' identities are verified using the electoral roll and companies like Equifax and Experian. However, this completely misses the whole concept of consumer-not-present risk.
“If someone applied over the phone with my name, address and date of birth they would get a loan. It would pass the existing rules,” he said.
Sphonic collects relevant data from all these various third party services and uses that data to build a complete profile of the user, based on their personal information, credit rating and web history. This method of identification can be as secure as physical tokens issued by banks for two-factor authentication, according to the company.
“It's about significant data. Instead of having 1,000 data items that you run complex rules over, only return significant data,” said Lee.
“So is it significant that an email address is valid? Probably not. Is is significant that an email address was created yesterday? Well that's highly significant because a fraudster stealing my identity would probably set up an email in my name.”
The Sphonic platform is written in the Scala programming language, meaning that it is all open source. It is built using social media technologies rather than the Microsoft programmes traditionally used by mainstream financial services companies.
“E-commerce and m-commerce have been nothing more than an interface over existing technologies. We're actually building a product that's fit for purpose for the future,” said Lee.
“The next generation of financially active people don't even use emails; it's all social media, they all expect things to work. This is what we've tried to bring to the table.”