NS8, a fraud prevention platform designed to protect online transactions, has raised $123 million in a round of funding led by Lightspeed Venture Partners, with participation from AXA Venture Partners.
Founded out of Las Vegas in 2016, NS8 meshes automation, behavioral analytics, device fingerprinting, and real-time scoring to identify fraudulent activity and establish the authenticity of a transaction. The company’s gargantuan raise comes as ecommerce expands due to lockdown and social distancing measures enforced by the COVID-19 crisis. As consumers flock online, businesses have had to bolster their security, which could prove fruitful for a company like NS8.
NS8 looks at activities like how quickly a user navigates between pages, whether they use a mouse, and how many times a page is loaded. This information can provide clues to the user’s motives or whether the “user” is in fact a bot.
“We also look at factors that assess the technology being used and to detect if the user is attempting to mask their identity or spoof their location,” NS8 CEO Adam Rogas told VentureBeat. “We combine these factors with attributes such as browser profiles, IP addresses, and geolocation to assess whether … the user is a bot. If the user is human, we then determine whether … their behavior is deceptive and indicative of fraud.”
A possible red flag may be using Tor’s anonymizing software to access a website. “Most consumers do not normally try to hide their identity with Tor, which makes its use suspicious in commerce — this would negatively affect the user’s trustworthiness,” Rogas added.
Ecommerce is the most common use case for NS8, which integrates with many third-party shopping platforms, including Shopify, Magento, and BigCommerce. However, NS8 can detect fraud across all manner of online transactions, including on the payment gateway “card processing” side. Live events companies can also use NS8 to prevent bots from mass-purchasing large numbers of tickets for scalpers.
Of course, merchants don’t want to deter legitimate customers from using their website. Through the NS8 dashboard, they can set their own trustworthiness “score range,” which may determine whether a shopper is asked to provide additional verification or their order is held for manual review or denied outright.
Above: NS8 screening a Shopify store
NS8 had previously raised around $35 million, including a $26 million tranche last year. With another $123 million in the bank, the company is looking to double down on product development and expand into new global markets by extending its partner network to support more platforms.
The COVID-19 effect
According to Rogas, NS8 saw a 350% growth in demand for its product from February to April 2020 and more types of businesses looking for fraud prevention smarts. New markets included clothing retailers and restaurants offering online orders, both of which have been in greater demand during lockdown.
As businesses have tried to increase sales, Rogas said some have “relaxed” their fraud standards in order to approve more orders. “Orders that might typically be flagged for manual review or put through secondary verification steps are now being approved to preserve revenue in the uncertain marketplace,” Rogas added. “If other merchants adopt this same approach, there stands to be a significant increase in ‘friendly fraud.’”
Friendly fraud, or chargeback fraud, as it’s sometimes known, is when a customer buys something online and then disputes the charge with their credit card company. But the more information a company can glean about a customer, their purchase, and the delivery, the easier it is to discredit the false claim.
“We always advocate for more stringent verification and authentication solutions. Those who can afford to add verification steps into the customer experience will deter a lot of fraudsters, who will move on to easier prey, and make their real customers feel like their brand is more secure,” Rogas said. “In these times, when merchants may elect to increase their risk appetite, they must remain diligent and protect against disputes and the unwanted penalties that typically follow with increased chargebacks.”
The cybersecurity talent shortage has been well documented, and some reports suggest the gap is widening. Automated tools such as NS8 go some way toward addressing this need, but the technology is more about helping companies scale their security to a level that would be nearly impossible with humans alone. With something like click fraud, where bots and bad actors tap pay-per-click (PPC) ads to blow out advertisers’ budgets, manually reviewing every interaction on a daily basis is unfeasible. The same applies to any high-traffic ecommerce website, which is why automated tools are crucial in cybersecurity.