Stephen: This is your host Stephen Sargeant. Another great episode of Around The Coin. We talked to a person that worked at Etsy, Airbnb, and now one of the top fraud vendors in the world, Sift. It's Brittany Allen. She's the Senior Trust and Safety Architect at Sift. We talk a lot about what are the olden days of fraud and chargebacks, and scams look like.

We going to talk about how payment fintech and crypto companies are using these technologies to fight financial crime and other types of frauds are being committed against their platforms. We talk a little bit about what's happening in the conference circuit and what are some of the top of mind things.

They're happening in the industry, especially when it comes to payments and fintech. Really great episode. If you're touching fintechs, payment crypto, this is the one you probably want to listen to, especially as you try to mitigate some of those risks as we go closer and closer into a global recession.

Let me know how you like this. Brittany Allen from Sift.

Stephen: This is your host, Stephen Sargeant, the Around The Coin podcast, and we're finally getting to the subject matter that I love, you know, trust, safety, compliance, and I welcome Brittany Allen. You're the Senior Trust and Safety Architect at Sift. Maybe just tell us a little bit about, like, what does that title mean to you?

And, you know, I always find that architect throws me off when they include it in, like, compliance or crypto functions. So, you know, explain to me what the architect of Senior Trust and Safety Means.

Brittany: It Definitely means I get lots of targeted jobs on LinkedIn that are for architecture firms that have nothing to do with any of my experience. I actually went to school to be a history teacher and then got another degree in German. So even just going back into what my educational background is, that doesn't even seem to match what I do.

But a trust and safety architect is somebody who has a lot of experience in fraud prevention. Working for merchants or fintechs or any other entities on the frontlines fighting fraud. And that architect side sort of speaks to the fact that we give recommendations and we try to help others best prevent fraud within their own organizations.

So that's what my role here at Sift is. I work with lots of different companies and I could be talking to a. Fast food restaurant in the morning and a car rental company in the afternoon, but still be able to share my knowledge and expertise on fraud prevention and trust and safety.

Stephen: And the rate these criminals are going, you might have to put them on a three way call because they're stealing cars, they're going to get junk food. But everyone in compliance has this like trajectory which is unconventional. As you said, you studied in a totally different topic. What was kind of your intersection where like, hey, trust and safety compliance is something I want to get into.

Brittany: So I'm going to give the shortest version of this because we could just spend, you know, forever. Everyone has such an interesting story about where they've come from. And I've already given a little bit of a hint to the fact that I was going to be a high school teacher and was one for a year, but I got caught up in the great recession.

In 2009 and 2010 and found myself needing to find some other role. And I had a cousin who had an art degree and was in the same bucket. And she convinced me to move to New York city. And when I got to New York city, I ended up interviewing for a customer support role at Etsy, which was a very unknown marketplace at the time, we got excited once I did begin working there that when we became the answer to a Jeopardy question.

So that's how small it was at the time, but I, during the interview was asked. When have you dealt with a really difficult situation at work? I didn't really have a great one that I thought would apply from my experience teaching, but I used to volunteer on a website called couchsurfing. org and I volunteered within a private group that was meant for independent women travelers who may or may not have run into a difficult situation or just otherwise need help.

while they were staying with someone abroad. And so I told them about a few of those situations and a few of the things that we had worked through, and they said, you know, I think you might be a better fit for a team other than customer support. And they put me over on Trust and Safety, which, to give a little bit of background on the Trust and Safety world, and this is 2010, it was not called Trust and Safety it was called the Abuse Team.

And I still have a business card somewhere that says Brittany Allen, Abuse Specialist. Because that was my title, and I'm so glad that we changed it to Trust and Safety before I had to go to conferences with a title like that.

Stephen: That's super interesting. Usually people don't move to New York during a recession. Usually people move away from New York during the recession. Like Idaho sounds like a great place where, you know, cost of housing is probably significantly cheaper.

Brittany: Wow, but you know what, I had someone to go up there with, I came up on the Amtrak into Penn Station with my two boxes underneath the train, hauled them all the way to Queens, where I still live today, so it ended up working out.

Stephen: Tell me about, you know, you were early on Etsy and early at Airbnb to be quite frank. Tell me about the early days. What was some of the things that you were looking at from like, A trust and safety perspective. Cause when you're thinking about Etsy, you're like, people are buying deodorant, like natural deodorant you know, I bought a ton of stuff for the kids, like custom Legos uh, and images. Uh, What were some of the things that you were like looking at? Like, Oh, this is, especially since this is a fairly new field to you. You're like, Oh, this is interesting that someone's doing this or, you know, a list of actors are trying to you know, take advantage of this platform.

Brittany: Well, I mean, I've definitely seen the fraud prevention world develop within marketplaces over the past 15 years. When I got my start, there were still payment, or there were still problems from day one that existed before and still exist now. You know, we would have people getting defrauded to payment fraud.

So, bad buyers coming onto a marketplace using the stolen payment method or otherwise abusing the chargeback dispute system. We would see collusion fraud, so a seller and a buyer or a guest and a host account working together in order to, let's say, harvest funds from stolen devices or even just money laundering, completely closed loop fraud.

And then we would also see merchant fraud. I got to just basically jump in feet first with some instances where we, I think within the first few years of my career, I worked with the Secret Service because somebody thought they had bought a very high end engagement ring online that turned out to not exist.

Or instances where we would work with local law enforcement because a fake chalet had been made up that existed in the beautiful mountainscape in Switzerland, and someone lost quite a bit of money on that instance of fraud. It's all stuff that existed and still exists today, but what we didn't have was.

The sort of support and ability to identify what it was. I can remember with one case that I had at Etsy, again, 15 years ago, they're super advanced now compared to anything that I could possibly do at the time, but I had a paper notebook where I was just trying to write out What all of these interconnected transactions between this large group of users could possibly be, and it was my first instance of money laundering, but I just didn't have the context or a mentor or anyone to turn to who could tell me what you're actually looking at in a giant money laundering ring.

So that's pretty much the biggest shift and improvement is just our ability for these teams at new companies that are being founded today to know what fraud looks like and to try to fight it from the first moment that they open their doors.

Stephen: And you're working with organizations like about fraud, P. J. Rohal, like collaborating, meetings, sharing ideas, thought leadership, best practices. What was there at the time during fraud, AML? Was there like any huge meetings? Like how did you were able to share knowledge or were you able to share knowledge or, you know, ideas, strategies on how to combat certain types of illicit activity that you were seeing on the platform?

Brittany: So the organizations existed at the time, like the Merchant Risk Council existed, or the MRC, and we just weren't a part of them or aware of them. You know, it took that information being shared as people moved teams and then joined new companies. You have to remember at Etsy, I was the first round of external hires.

For their trust and safety team at Airbnb, I was the first round of an external hire for their trust and safety team at First Dibs, where I went next, I was the first person hired to work under the manager of the Marketplace Trust Team. And so with all of that, starting off new until we got to the point where people had some experience in the industry and they could bring it into that role, we were all just figuring it out net new.

I mean, but you're right. Some of the recent work that Sift has done with AboutFraud, and specifically Ronald Prej and also PJ Rohal, was based around driving that sort of community exchange and interaction about fraud. When we did And I think we even did some, some lunches, but just did various community events in Berlin, London, Los Angeles, San Francisco, New York.

And it was really great to bring together the community in each of those places. And in fact New York specifically, because that's where I live, so I get the most excited about it. They were even saying like, we want this to happen regularly. We want to have more opportunities to meet more people in our field.

So, you know, that's huge. Whenever you can do that. I don't know if I don't know exactly where you're located and whether or not you can attend any events like that, but if you can, you will definitely leave with a lot of fascinating stories.

Stephen: I'm in Toronto, Canada. We're still, we have events up here too. You make it sound like a bit like somewhere short of Alaska, like, I don't know where you're from. And you know, if you get out very much, or if it's still, you know, midnight, if it's still, if there's daylight there. But yeah, we definitely get down.

New York and San Francisco is usually where a lot of the meetings of the mind happen in DC. We were just at a conference recently here in Canada. It's a big Web3 blockchain conference. Yeah. Yeah. But to see four or five panels on main stage about regulation and compliance, it just shows how much of this is part of, you know, the fabric of what these organizations are thinking about, even though many are involved in token launching, NFTs, or they're running crypto exchanges.

To come back to, obviously, you've been in the industry for a bit, you've seen a lot of vendors, why are organizations still struggling to find a suitable solution? Like, why does there need to be so many solutions out there for organizations to go to protect against fraud?

Brittany: Yeah, I mean, there's a lot of answers to what you just put out there. As far as struggling, some of that can just be budget. or getting the attention within an org to know or to get someone's ear that fraud is an issue that needs to be tackled. And so they may be fighting against overall company layoffs where they're not able to hire more people to their team or they're not able to review and potentially improve the tools that they use or vendors that they contract with.

So budgetary restrictions Especially with this, like, ever potentially oncoming recession, that it just seems like every year I'm almost immune to it or numb to it at this point. The past four years, all we've heard of is recession, recession, recession. Is that going to happen? And so, that unpredictability and that lack of budget, Can really hurt some companies.

And then there are others who have, let's say, done really well in one particular vertical, and then they're expanding into something new, but they're not anticipating the potential fraud with that expansion, either because they don't involve trust and safety or fraud prevention teams, or they just aren't acknowledging it all.

And. The response or the needed response to changes with global events has put some companies in a, a tough spot. I remember in 2020, right in the beginning of the pandemic, when restaurants in particular, were forced to make tough decisions about whether or not they could potentially stay in business, could they pivot their food to delivery if they didn't already do delivery.

I read about one restaurant in Los Angeles that actually fully went out of business. Because they shifted all of their orders online and they didn't anticipate or know how to deal with online fraud. And they've lost so much money due to fraud that they just had to close their doors completely. So, something like that can also happen.

Without a large team or without anyone dedicated to fraud within your org, you may not then be able to even know that's a possibility.

Stephen: and we saw a lot of that during the pandemic, right? Every organization was forced to come online to do at least a part of their business, or to your point, they're out of business. And we see with the massive tech layoffs, even at Twitter or X, or you see trust and safety be one of those roles along with marketing and recruitment, you know, but what's the risk of that?

Getting rid of trust and safety, you know, personnel at a time when more people are online, whether some of the, like for companies are like, Hey, looking to make a hard decision right now in the, in the midst of a recession. You know, how can they either scale back or become lean, but still maintain a proper fame right?

So they're not taken advantage of, but more importantly, you know, their customers and the customers that is not taken out of their system.

Brittany: I would say the biggest risk, or the risk they should be the most aware of, is If they're thinking of scaling back all of their, their budget or their headcount or whatever it is when it comes to trust and safety, what are they potentially putting at risk for the user experience of the entire rest of their online community?

They're legitimate, trustworthy users. Are they now going to have an instance where they are taking automated actions that are You know, maybe based on old rules or old assumptions, and they're going to now be blocking a whole bunch of people who otherwise would have been long time users of the site and they're wasting, you know, their money that they might spend on marketing to acquire those customers.

Are they canceling transactions or stopping transactions that they actually should have let through because there was no risk to them? So Stepping away from prioritizing fraud prevention will always put a company in risk of then over indexing on taking punitive actions against their best and new customers.

Stephen: You talked a little bit about, you know, how internal staff need to convince, you know, maybe upper management, the importance of fraud. I come from anti money laundering and compliance, which is considered a cost center. Anti fraud is, you know, usually you can show the business, hey, this is how much your money you're losing due to fraud.

So hiring somebody at maybe one fifth of the amount that you're losing might reduce that cost and pay for themselves. Why is that still a hard conversation? I know a lot of my AML folks are like, that sounds pretty easy to me. Hire more staff, reduce the fraud. That's a, you know, right there. That minuses the amount they're losing. Plus the things that you mentioned, reputation, the impact on their actual users and the trust of the ecosystem. If you have a marketplace or something similar.

Brittany: You know, so we're fraud experts. We know what fraud looks like. We know what is a potential aberration in user behavior, but it's hard to, like you said, quantify that, or even explain why what we know is true. So let's say you have a website where people can sign up and create an account. And let's say that's a brand new account. That we're now reviewing for potential fraud. And the only information that we have is their email address and maybe IP and device data from where they signed up. Let's see, we've never seen that device before. The IP is a public one we can't do very much with. And the email address is, let's say, new.

We don't see any data or history on it, but it's also not obviously fraud in as much as its syntax or the risk of its domain. Well, then what do we do? Well, maybe there are some patterns that let us know that this is potential fraud based on how they use the account. Or the fact that we've not, we've seen email addresses that still are quite similar in their formatting because we can extract features and look at that email in, in more depth.

But how do you then explain the potential fraud loss for an account that's done nothing? Hasn't made a purchase, hasn't otherwise created any monetary risk. Now, you could say our average order value for fraudulent orders is X, or the average, you know, number of spam messages that a fraudulent sign up can send is X.

How do you then maybe convince leadership? That just sees you blocking a new user that didn't quote unquote do anything as being part of that equation. That's where, you know, I've run into some of those issues before. And you just have to back it up as much as you can with the similar behavioral data, the similar patterns, and of course have an advocate within your team who is good at explaining those challenges.

I found myself as I've gone through my career, Becoming more and more someone who focuses on what the language is that the person I'm speaking to is used to hearing or is most interested in hearing, and then trying to use that or mimic that when I'm describing my challenge. So for example, if I'm talking to somebody who's in sales, I'm trying to talk to it from a, from a sales angle which is an example that I actually do have from my career where I've had to do that, where I was told that I was more revenue minded than anyone in trust and safety they had ever spoken to.

And I was like, yes, because I'm speaking your language, because that's how I will get you to understand. I know what I'm talking about, and this is a risk to the company, but you're right. Cause we can't just, we can't wait until something bad happens. You know, we can't wait until somebody's. Twitter account or X account has been taken over and used to send spam. We want to stop any fraud from the moment someone who is unauthorized logs into it. That's a big challenge.

Stephen: And these platforms are like jumpy castles for kids. Once one kid gets in there, the rest of them are going to come piling in. So, to your point, if that person does get past the system and it doesn't have any activity, that's opening up the doors for other criminals to now enter the system. And to your point, they're not going to just do it incrementally.

They're going to hit all at once. And by the time you realize what's going on, millions of dollars have been lost and we've seen that time and time again. Talk to me about probably the elephant in the room, especially right now, chargeback fraud. You mentioned it earlier. It's a term I hear a lot. I fought my credit card company

Brittany: Oh no!

Stephen: But now we're seeing, as you said, you know, our, our, our quote's going to be, We're entering the global recession. And hey, people just don't have money. So an otherwise law abiding system sees what's called friendly fraud. I believe it's called in the industry. They don't think it's a big deal or a criminal deal, but it has financial impacts to everybody involved.

Talk to me, like really lay down the landscape of what chargeback fraud is. And, you know, maybe some different positions that companies are taking. Do all the companies go after these? Do some of them just consider that, you know, just doing business and a write off from their, you know, as a loss? Walk us down chargeback fraud, because I feel that is still the, one of the biggest things going on in the industry, but feel free to educate me on that.

Brittany: It is. Alright, well I'll start with the education with talking on some terminology. So, friendly fraud is definitely what it's been called in the past, but we're trying to move away from using that term because, I mean, the jokes just write themselves. It's not, it's not very friendly fraud. It's unfriendly fraud.

I think I even spoke once at a conference where I was like, No, you're a frenemy! How to fight friendly fra So we're trying to move away from describing it as something upbeat to just using a term that says more about what it is. To help people understand what the challenge is they're facing. So we're using the term first party misuse.

First party indicates that you, in fact, are the person who owns the credit card. It's not a stolen credit card. And you're then Abusing or misusing the process of chargeback disputes, which has been set up for consumer protection, but if you know how to play the game, can then get you an unwarranted refund.

Now I feel like I'm straying into the territory of like, listeners, please use this for good rather than for misuse or abuse. But the overall challenge is You've now got a situation where it is a customer who may have some kind of value that they are contributing to your platform. Like let's say maybe they bought 10 transactions, but now they're just filing a chargeback dispute on the 11th.

Saying that an item didn't arrive. Do you trust them? Do you have enough data to know if you should trust them? Or does this fall into that bucket of first party misuse where they're actually lying, they've already gotten the item, and they're just looking to get a replacement so they can double dip and then say that one didn't arrive and then end up getting a refund in the end and have two items.

So it is a Ever increasing in the top of mind for merchants, this year at the Merchant Risk Council when they debuted their 2024 Global Payments and Fraud Survey, was for the first time, a top concern across multiple geographies and multiple company sizes for merchants who took that survey. Both that and then just general policy abuse like refund fraud.

And so we know that companies, if it's not increasing for them, they are at least now way more aware of it than they were in the past. And unfortunately, It's prevalence in the consumer side is seeping more and more into a gray area. So, I'm going to probably stick my foot in my mouth again, making assumptions about you since I messed up with Toronto, my bad, but I'm an elder millennial.

And so whenever I explain this to people..

Stephen: So hold on, let's qualify elder millennial. Did you, when you watched TV as a child, was the converter stuck to the TV by a wire, by a cable? And you had 13 channels. Is that older millennial?

Brittany: My, the first TV my parents had did not have cable. It was just regular old antenna. And my grandmother had a black and white one where you turned the knob, the volume knob up, and that turned the TV on. So

Stephen: All right. You're valid. We have to, we have to double check on this podcast. We have to make sure you're valid if

Brittany: My first console was a regular Nintendo. I was a little bit too young for an Atari, so I missed that one.

Stephen: All right, we're right, we're right there. We're in the same age bracket.

Brittany: Okay, so when I explain this gray area of first party misuse to people, I say, hey, if you're around my age, how many of you downloaded Music on Napster, LimeWire, anything, anyone? Hello? Downloaded a movie? Downloaded TV shows?

I have never said that to a room where there wasn't a single person who could admit, Yeah, I did that. Okay, well, this is kind of that same thing where you'll go on TikTok or you'll go on social media and you'll see it be, you know, openly, candidly discussed. Hey, you can get away with this. You can just tell them that, you know, something was wrong with the rental, the lights didn't work at some point.

You can try to make up these stories and you can get your money back. And My caution for consumers there is just to be aware of sort of what consequences can bubble up if you abuse that chargeback process, because I have seen it before. I have been on the phone with people whose credit card companies cut them off and would no longer let them file any disputes. And even in some cases, even if they claimed it was fraud, because that person abused the process so much. And I've also spoken to some companies where they're so inundated with this first party misuse problem that they now just ban people at the first chargeback. They're just done. You're off the platform and you can't buy from them anymore.

And what we see within policy creation, because I also used to be a policy manager, and I love to talk about policy, is that sometimes they aren't crafted with the idea that there will be an expiration date. for your punishment. So if you buy from a merchant that you love and you love what they sell, maybe you're setting yourself up to not be able to buy from them for 10 years, for 20 years, for the rest of time.

Who knows? And is it really worth it for that one dispute? And I just, I think a lot of consumers don't think that far in the future when they're filing these disputes. Or do you want to be the person crying to me on the phone because you can't file any more chargebacks? And your credit card company doesn't believe you anymore because you cried wolf too many times.

That really does happen.

Stephen: And the criminal just put $10, 000 from Hope Renfrew..

Brittany: Right! And then we have the other side of

Stephen: ..that they skimmed from you and you have no recourse. That's very scary and very realistic.

Brittany: Exactly! There's that other side of it where it's not just consumers who are looking for a quick and occasional refund, but there's actually professional fraudsters who call themselves professional refunders who will guide people through a refund process where they can hit some larger, let's say big box retailers for $10, 000, for $20, 000 in one order.

And they can even, if their refund request doesn't work, misuse that chargeback dispute policy. So going back then to the first party misuse, and we've heard from companies that are, let's say crypto companies. Where any kind of dispute that should come in against a purchase somebody made using a fiat payment method to buy crypto should just be along the lines of, Oh, I didn't get the crypto.

It went to the wrong wallet. It should still be related back to that idea of the fiat to crypto transaction. But we've seen some fintech companies say, we're getting chargeback disputes that are completely different. Like one saying that it was a physical good that should be delivered. And in that instance, the bank will ask the merchant, or ask the crypto company, for a proof of delivery, a signed proof of delivery.

Well, they don't have one, so they spend all this effort in their chargeback representment, or response, arguing, I'm a crypto company, we don't sell pallets of wood, we don't sell houseplants, or whatever the fraudster lied and claimed they bought, but that puts them at risk of losing that dispute, because they aren't, they're not only, responding to a false claim, but they're trying to explain what their company even does, and a lot of issuing banks will only have 30 seconds to a minute for their agents to review each chargeback dispute response, and so those may then just get decide decided immediately against the crypto company, because an agent scrolling really fast will say, eh, there's no attached proof of delivery, they didn't provide the evidence requested, denied.

Stephen: And we've seen a lot in Crypto

Brittany: it be that complicated.

Stephen: Crypto is a lot of people listening to this in crypto So I want to really stay here We saw a lot and remember you're dealing with banks and credit cards that aren't 100 percent crypto friendly So you're using credit cards that you're not really supposed to be using to buy crypto There's nothing the bank can do to stop you with the transaction But they will suspend your credit card after But what a lot of people took advantage of that By just charge it using their credit card, buying as much crypto as they could.

And then when the market went down and crypto went down, they're like, Oh, fraud and the bank's like, well, Hey, the crypto company, you know, we don't really accept crypto. So we're allowing these chargebacks. A lot of crypto companies, a couple of went out of the business. Allegedly due to these chargebacks, I'm sure there was other reasons why they went out of business, but they pointed towards the chargebacks as a huge thing with 10 millions of dollars worth of chargebacks.

Coming through when the market hit hard.

Brittany: Wow. I mean, that's, that ties it back. I, I told a story of fraud taking down a restaurant. Here we're talking about crypto exchanges. It really can touch any and all industries equally. You can defraud, anything that money flows through can be defrauded.

Stephen: Now this podcast loves a good use case. We love a good case study. Talk to me. You can either go industry specific. We covered chargeback fraud. You can go industry specific because you're in gaming, fintech transportation is really interesting to me, or you can go use case specific. Like what are the, you know, account takeover or what are some of the things that, you know, people in payments, tech, crypto should be at least keeping their ear out to.

Brittany: So we're speaking right now towards the end of August and we're coming up on, you know, Labor Day weekend or maybe people are thinking about the last summer travel that they want to take. And travel's a really fascinating one because over the past few years we've really seen an increase of fraudsters targeting that vertical for fraud as a service.

So fraud as a is a term used to describe fraudsters who They don't just sell stolen accounts. They don't sell stolen payment methods. What they do instead is they use that data that they've already got to then purchase something on behalf of a customer who is willing to pay maybe 20 percent up to 50 percent interest.

of the value of that good or service for the fraudster to do it on their behalf. And so we'll see them booking vacation rentals, or hotels, or even flights, which that one still blows my mind. The fact that you can, through such a heavily identity focused and regulated system, Get a plane ticket that you can buy on behalf of someone else and have that be successfully used.

Of course, they'll put parameters out there saying, you know, you need to buy it no more than one week before your trip. They'll put all these rules in place, but these fraud is a service. Posts that we'll see on secure messaging apps like Telegram or otherwise shared on the deep and dark web really have been focusing in on travel.

I've watched groups that we've monitored for years that used to only do e commerce, return fraud, shift into travel because they found it to be far more lucrative. And there's also these things called vouch channels on Telegram, where they will ask people to give a video or a photo proving that they got The ticket that was purchased by the fraudster.

And so we'll see videos within hotels, we'll see videos from basketball games, basically all just bragging that they're able to get away with this. And so, that's been more attractive for people who are maybe sticking their toe into the pool, trying to see if they want to warm up to fraud or not. That gray area again, the Napster area that I described earlier.

Because they're, like, they don't see themselves as running as much of a risk because they didn't. Steal the credit card or the loyalty points or register an account that was fraudulent to make the purchase. They're just benefiting from it. So it's something they're willing to try out and see, you know, how successful it can be.

And Fraud as a Service covers a lot of different offerings. It can even bleed into fintech, where we'll see cash out fraud. being a huge threat to any account that has stored value. So we'll see this in iGaming. If you have your, your favorite sports betting account where you've got a whole bunch of winnings sitting and you're debating, do I re bet that on something else?

Do I want to withdraw that right now? Or you've just got a crypto wallet sitting there that has a lot of funds in it and you're like, I don't want to sell any of these coins right now. I'm waiting until I hit X price for these various investments. I don't want to lose any money. Fosters don't really care about those decisions.

They just care about getting access to those accounts and then withdrawing the funds. And we've seen fraudsters post and work together where one of them says, Hey, I have an account. See, I have this crypto wallet, but I'm not, I was good at getting it. I was good at tricking Stephen into giving me his one time password or sharing codes with me otherwise.

Helping me get into his wallet, but what I'm not good at is the withdrawal part. Faking his identification documents, actually being able to get the money out, connecting a bank account and verifying it without the exchange or wallet provider becoming suspicious. And so they'll post, I have this account, it has this much money in it, I'll split it 50/50 with whoever can help me cash out, and another fraudster will step up and say, I can help you with that.

And they work through the problem together. Of course, at that point, we lose vision onto what they're doing. It all goes to DMs. But it comes back enough that they must have some success to it. And so that's fraudsters helping out other fraudsters. You might just think, oh, my account got hacked. It's one person, but it could be a network of people, each specialized in a different step, committing fraud against you.

So maybe that makes you feel less safe online, but that's generally what my job is.

Stephen: Are you shocked about how open and blatant, like, downloading an album on Napster 12 years ago that's probably 1699 at HMV. And that's heavily overpriced to begin with. It seems a lot more different than, you know, running multiple gaming fraud and emptying out some of the roadblocks and then selling in the black market.

But I'm actively seeing on TikTok, people have skimmer chains and they're showing people and going in and skimming. Are you shocked about, you know, the blatancy of some of these criminals? And then the lack of law enforcement capacity, which is the reason why they're able to do this is really law enforcement doesn't have the capacity to, to go after everyone in a timely manner anywhere?

Brittany: I mean, I am shocked simply just because. You're speaking to a former high school teacher. Like I'm disappointed in the children. So that old teacher energy does come out from time to time. But at the same time, you have to just think about the volume of posts online. So let's say we've got a YouTube video.

And it's an hour long, and there's a violation, like let's say somebody shares something fraud related or something about fraud comes up in the, in the hour long conversation at minute 18, and it's only 20 seconds long, and then, this is all just theoretical, but YouTube gets really good at then identifying what is said out loud, and can take that video down.

Well, the next time the fraudster uploads it, they don't say anything out loud, but they hold up a piece of paper that has written words on it. Okay, that's another way to communicate. Maybe then YouTube gets good at identifying that. Then maybe the fraudsters switch to using emojis, where they know the meaning behind those emojis, and that that's something that's being communicated.

Way more opaque for YouTube and YouTube is trying to figure out what does that mean? But then you look at the volume of what's uploaded to their site and I think it's something like 500 hours of video a minute which is like 30, 000 hours of content an hour and we can just keep escalating that up and up and how from all of that Are you able to to identify each and every instance of fraud?

Now, I agree on TikTok, there are some where I'll see fraud posts that have a lot of engagement and a lot of activity. And those tend to go down a little bit faster. But I also see some where the fraudster is just using TikTok to direct traffic to their Telegram channel. And because they only ever posted three things, and nobody really engages with their posts, Because they see it, and then they go to the Telegram channel, maybe it doesn't even float up to a high enough level to get attention.

But then to go to law enforcement, which you brought up, that's also very true, but they've got to then go through the correct channels of being able to subpoena information, reaching out to these various platforms, getting something, and then when they subpoena it, maybe that fraudster signed up with a fake name and a temporary email address and temporary phone number that are already Disconnected, and they did so using a VPN.

Like there's so many layers of what they have to sort through.

Stephen: Or they can just say they're just creating content, right? And then they're like, Oh, I'm not a fraud. So I'm just creating fun content. Look at my engagement.

Brittany: Oh, I have seen that. Let me tell you about fraud forums where fraudsters post stolen identities for sale with the caveat of these are only to be used for entertainment purposes. Or educational purposes. I've seen that.

Stephen: I love it. I want to get into Sift. I think you've shown why you're working with Sift, but what is Sift? What is Sift doing? Because obviously your expertise is leading and creating these frameworks to stop a lot of the things that we're talking about. But maybe tell me a little bit about Sift and, you know, with so many vendors out there, what do you feel gives Sift that kind of competitive advantage?

Or maybe just the approach to fraud that you're doing that you think that you're doing differently than others.

Brittany: Yeah. So Sift is a fraud prevention platform. And first and foremost, we focus on securing digital trust for our companies. So helping them both be able to trust the users that come to their platform, but allow their users to also trust them right back. And so we offer a large and robust global data network against which most risk assessments can be made.

And we support customers across their user's entire user journey. So we're looking at account creations. We're looking at potential ATOs or account takeovers when people say their account has been hacked. And we're also looking at points of money movement, like deposits, withdraws, or, you know, transactions.

So we're trying to provide any company that we work with a comprehensive platform that they can then use for their fraud prevention needs. And while, you know, There are so many companies that can use the same tools that we provide. Each one of them will have a little bit of a difference. Like they'll have a unique way their users navigate their platform or something interesting and unique that their users can do.

So of course we also work hand in hand with them to help them address those fraud challenges using our platform. And in some cases it can be handled. By our AI powered decisioning. And in other cases, it can't. And we have to make a decision about how to approach that fraud problem along with them.

Stephen: How do you decide on features, right? You've been in business, I think, for over a decade. How do you decide on, hey, you know, this customer wants this, this customer wants that, this customer is saying, I can get that somewhere else. How do you decide, like, hey, what's going to have the most impact across your suite of products?

And your customer base and what's like, Hey, that's cool. Like, it's cool that we can measure how long someone spends on your website and they tell us exactly when, you know, if it's less than 13 seconds, that's probably fraud, but we're only seeing people spend, you know, that's not really the most, that's not the way they're committing the most fraud on your website.

So you have other issues like your onboarding process or just, you know, being able to siphon through all that data with our AI. How do you guys decide which, you know, problem to attack or prioritize?

Brittany: hm. So I'd say first and foremost, it's the problem that the company approaches us with. I used to be the trusted safety manager. And so I would be the one reaching out to vendors. And I would likely be reaching out because I know exactly what What fraud challenge I'm up against, and I'm looking for something specific to help with that. But, that's not always the case. There's not always someone like me at a company who has that knowledge. It could be that fraud prevention has just been shifted to someone from operations or from finance or from any other team. That doesn't have that direct fraud knowledge. And so instead they're trying to get us, the potential company they're going to work with, to tell them what a fraud problem could potentially be for them.

And that's when we then start asking questions, making sure we understand what their industry is, what their geography is, and being able to share the knowledge that we have from working with companies like them to propose what we think is Their biggest fraud challenges are. But, you know, it's always going to start with that conversation because we don't know until we start speaking to them how knowledgeable they are about fraud, you know.

Do they, for example even know about first party misuse and that potential threat to their platform?

Stephen: How are you looking at things like crypto, payments company, payment service providers, where they're worrying about getting a certain amount of customers? They might have an AML team because they have to put in certain things due to the regulations in places like North America. Where does trust and safety fit do you feel like?

As you're, you know, should it be you're hiring a legal officer, then you're hiring a trust and safety person? As you're, you know, creating the platform or it's like, okay, once you have your regulatory compliance measures, now we bring in trust and safety because we've noticed the problem where you're losing money.

Like, where are companies, you know, usually approaching you and where did you wish they would approach you at in their building process?

Brittany: Okay. So there's a lot to touch on there. One thing I want to call out as a big trust and safety concern for crypto companies and fintech in general is social engineering and phishing scams. Things that happen off of their platform that they have little ability to prevent, but directly affects them, whether that's somebody who, like in the aforementioned example, where you gave up your one time password and let somebody log into your account.

Or just where you've maybe fallen for a romance scam and you're actually trying to send money to a fraudster who you believe is somebody you're falling in love with or who otherwise has your best interests in mind. So they're going to be having customers who are taking actions within their own accounts.

No ATO, no account takeover here, but those actions are then to support. The end gain of a fraudster, and they're going to want to intervene and try to educate that individual to stop them from giving their money away to fraud. So they've got a lot of those external threats that are very difficult for them to identify and intervene with.

And then beyond that, of course, they've got threats to the platform. Anywhere where a user can create an account and have stored value will be targeted by fraudsters. And so maybe we'll be working with a crypto company, for example, on guaranteeing that they don't have any unauthorized access to their user accounts.

So we're looking at the behavior and activity of a account upon registration, upon, you know, funding a wallet, making a purchase, et cetera. But then we're also comparing that to any KYC step ups, seeing what data we get back from that, and then looking at the most vulnerable points, such as withdraw or transferring, et cetera.

So we're, we're looking at that whole journey and helping them be able to stop fraud to going back to what I said earlier, to be able to make sure that their users can trust them and they can trust their own users.

Stephen: As For a crypto exchange, we used to see a lot of that. The account takeovers, a lot of what you see is API takeovers. Because you have these like TikTok gurus, like, yeah, I'll trade on your behalf. Give me your API. And then as soon as they get the API, they just drain the funds out of the user's account.

So we used to see a lot of account takeovers, especially when you're dealing with non face to face onboard. I guess I don't have to tell you that, but you probably know that better than I do. That non face to face onboard, it makes it really tricky, right? Anyone can hold up their ID and picture. You really have to look at a lot of the nuanced things that you're talking about.

The bite, like. Is, you know, a grandmother going to be using the latest and greatest iPhone to sign up for her, or register for an account? Maybe, but you have to take into account jurisdictions. Is she traveling all over the world or using VPN versus someone that's, you know, maybe a younger millennial?

Talk to me about, like, what's your home run product? Because I think every company has that, like, that product that everyone knows them for. And they obviously probably have a suite of products, but what's that one that you're like, Oh. This is our jam, nobody does it better than us in this arena and this is why, you know, we got so good at this.

Brittany: so I mean, we've been around for a long time, I think close to as long as I have had a career in trust and safety, and that really then points to The robustness and diversity of data within our global data network. We have 16, 000 different signals that we can analyze for a particular customer. We have a large amount therefore that we can, repeating myself there but we have a robust global data, global data network, and we also have the ability to help customers understand.

What that data is telling them. So we actually just recently created a, a tool called RiskWatch. And RiskWatch leverages AI to automatically account for changes in user behavior patterns in real time. So during fraud attacks or any other dramatic shifts. And it can adapt block rates. It can take actions that are informed by all of that robust data that Sift has been able to work off of for so long.

And that can help a company adjust risk thresholds and otherwise approach fraud that they may never have seen before. So as far as our flagship, you know, use case, we definitely hang our hat on payment protection or fighting against payment fraud. But we're also really proud of the way that you can use that tool.

To either, you know, depend upon our scoring, to use business rules, which we call workflows, but also to use sort of our new innovations, such as RiskWatch, to be able to take some decisions and anticipate potential fraud, even if you're an organization that hasn't seen fraud before. Like that before.

Stephen: I love that, we have a huge payment network that listens to this show, so that's a perfect thing for our listeners. Quick question, you talk about, you know, thresholds and behavior, especially in real time. How do you balance that with like, Hey, I went on vacation. I didn't call my credit card company and saying, Hey, I'm going to Dubai for three days.

And now they're seeing all these charges because I got a booth in Dubai at a conference. How do you balance that? Like, Hey, you know, risk alerts, but also with like, Hey, this person needs to operate their business or, you know, their account, and we don't want to like close it down because, you know, we didn't train the AI properly.

I think there's a lot to that question, but how do you, even before AI, how would you balance that customer experience and also customer or consumer protection? Wow.

Brittany: You don't want to just say it's a hard and fast rule that if somebody, you know, is more than X kilometers away from the last place they made a purchase or from where we usually see them, that we're going to immediately take an action.

There needs to be other factors put in place that lead to that decision. And that's something that doesn't even. only affect consumers but as a merchant, I've had to deal with issues like that using other fraud prevention tools. One of the companies I worked at in the past, we had a event that I didn't know about.

It was really small. Our offices are based in New York. This event was in LA. Team just didn't share the information with the trust and safety team. And all of a sudden, We had a big spike in transactions from this one IP address and one single device, and that every transaction was the exact same dollar amount, which generally is a bad sign in a marketplace that has, you know, thousands and thousands of items that are of varied dollar values.

So that could look like a big spike in fraud. And unfortunately our fraud prevention system at the time did end up blocking a lot of those transactions until we got a panicked. message from the person who was running that event saying, Hey, I'm using one device, my device to run these credit cards so that people can buy tickets into this event, which is why they're all the same dollar value.

We were a physical goods platform. We didn't sell any digital goods. So of course all of this looks funny. No one's entering a shipping address. That's why the system flagged all of this as incorrect. But thankfully what I was able to do at the time was, Use something like Workflows or introduce a business rule that just said, you know, for the rest of today, any orders from this device and IP that are under this dollar value, because I was still worried that something might go wrong, need to be auto approved.

Yeah, you can't predict all of that. Someone's going to drop the ball somewhere and not communicate with you. So in that instance, just the ability to be able to pivot and make a decision quickly is also really useful. But to protect the consumers that you described earlier, who are traveling and, you know, may throw a wrench in the system, don't over index on one signal and instead look for a pattern of fraud.

And if you can, see if there's ways where you can offer a consumer a path To remediate on their own. A way to appeal the decision that was made, that gives you more data back. You know, we used to do that for chargeback disputes. Some companies I've worked at. If you filed a chargeback against us, We would send you an email asking why.

Some cases, we wouldn't get a response. In some cases we would get someone saying, "Because!" And then they would, would be angry all over again.

Stephen: All you would get was a response.

Brittany: But, sometimes we would get an email from someone saying, I didn't dispute that. And it was because maybe they did lose their card.

And their bank just disputed all purchases from the last five days and we were included. And then we were able to work something out. So, you know, reaching out and getting more data, giving people the ability to remediate and appeal is also really helpful to try to learn where you're maybe over indexing on particular fraud signals and what changes you can make.

Stephen: And that's difficult in 2024. I ain't trying to pick up no phone calls, no emails, no links.

Brittany: Me neither, no.

Stephen: Whether it's my my bank. The only one I've seen recently, like, during the pandemic, the government didn't have any problem wondering if I took a booster shot or not. Ha ha, that's the only time I've ever heard from the government in 43 years and they're wondering if I took the vaccination, which I found interesting. I want to talk to you about AI because you're brought it up. Are you seeing a rise in things like deep fakes, AI modified, you know, video, pictures, images, documentation? Have you seen a spike in that across any of the companies that you've been working with?

Brittany: So I would say yes, because the accessibility of generative AI has increased. Fraudsters who wouldn't have known what tool to start with, or even that those tools exist, now do know that. But whenever I talk about increases of AI, I always want to, sort of, throw in this counter argument really quick and make sure that people don't lose sight of the old tried and true fraud methods because those aren't going anywhere.

We've actually watched some fraudsters communicate with each other in forums and say, Yeah, that sounds interesting. Yeah, that's something that I may employ. Maybe I will use, let's say some deepfake technology to fake a voice. For fraud social engineering phone calls, but they'll also then say, but the texts that I send are working just fine.

You know, people are used to seeing some kind of automated text from UPS or USPS or from their bank. And so I'm not getting pushback or failure rates on those that are as high as would be. Enough to push me to change my method. So I'm just going to stick with the text messages for now. Now there's obviously changes that could happen there where then they end up realizing, Oh, I do need to fake somebody's mother's voice, somebody's sister's voice to be able to ask for funds.

And that'll be what will be more successful for me. But we're in 2024 and people still commit check fraud with paper checks. So you have to remember that those old methods aren't going to go anywhere. Even if now we're seeing, what What was that story that came out of Hong Kong of the company that had someone use generative AI to do fake voice and video and I think they sent, I don't know how many millions of dollars to the scammer, but it was really, really substantial.

So even while that's happening, we're still going to see the low tech versions of fraud.

Stephen: I love that. That's a great explanation. I don't know if I'm getting this right. You know, I was listening to fraudology with our friends. Carice at her podcast, I think it was about two years ago around Christmastime, there was this huge upwards trend where the fraudsters weren't attacking your customers, they were attacking vendors like yourselves and trying to access that kind of attack vector.

Can you just give us a little bit, because I think that's the first time it's ever You know, really been focused on in history. Can you maybe just give us a lay of the land just so, you know, the listeners can make sure like, Hey, if this happens again, this is something I need to keep in the back of my mind.

Brittany: So that's something that it has happened a few times in history. I can think of one of that even before when there was abuse against one particular fraud prevention platform, because they had figured out something within their strategy. Don't want to give away too much there, but it's always a potential threat.

Now, actually getting some kind of internal access. Into a system is, thankfully, much, much, much more rare, though it's much more impactful. But fraudsters are always testing a fraud prevention system for vulnerabilities. They usually do so from the outside. So I've seen fraudsters, for example, use sites like BuiltWith.

To see what tech a particular company might use, and then, if they are using a fraud prevention solution that that fraudster is more familiar with, test dollar values for purchases, test velocity for purchases, test velocity for registrations, and then, if they think they've figured out Maybe not just that company's vulnerability, but that solution's vulnerability, going after other companies that use that solution.

So we have seen that before, and that's something that I think Merchants and companies can work more against, you know, they, they can't really help with the potential breach or loss of data directly from the fraud prevention solution, but they could help with making sure that, you know, those known vulnerabilities and having that insight is something that they're aware of.

They can do that maybe by deep and dark web forum monitoring or just having, you know, open line of communication with other merchants and getting to know other merchants who use that solution. Now, as far as consumers. Kind of very rarely do these testing events directly touch on a consumer unless it's just that consumer's identity being compromised.

But have you heard those stories of people getting purchases in the mail that they never made?

Stephen: I've heard I just saw something. I think it was probably TikTok. It's probably, we probably spent a lot of time on TikTok for older millennials, but I definitely saw that. But maybe give you know, a brief description of what people are seeing.

Brittany: So that's one potential way a consumer might get looped into that. So I think there was one from years ago where it was all like rings or cheap jewelry being sent. I've seen it before. Soap it can just be Socks was one that came around for a couple of years. It's usually a lower value item that you didn't expect, maybe even from a merchant, that you never have purchased from.

But what the fraudster is doing is they are, on whatever that platform is, Establishing a pattern of legitimate purchases so that they can then come around, let's say for the fifth order and get a high value item and get away with it and maybe be able to trick a fraud prevention solution because of that good history.

That ties back to the one Sort of, you know, I wouldn't call it breach, but just focused, targeted testing of a particular fraud prevention solution that happened in, oh man, 2018 or so? I'm a little fuzzy on the year for that one. Time is a flat circle since the pandemic. I don't know what year it is anymore anyway.

Stephen: Whatever you thought it was, add five.

Brittany: it was definitely pre pandemic. And what they would do then was they would make low value purchases, maybe four or five of them from Merchant A. But their true target was Merchant B, but they knew Merchant B used the same fraud prevention solution and then there might be a better recommendation on, let's say, that high value order of a television or a laptop.

And so that can be a particular type of abuse. If you're a consumer, you get something in the mail you didn't order, If there's anyone that you can reach out to, if you can either report that to the company directly or if you have an account on that company, at least log in and see if your account has been used.

If there's some step you can take to be the person to raise that flag, that could be pretty helpful. But just know that there's No little free gift that you've gotten for no purpose. There's probably a fraudster behind that free soap that just showed up on your front door.

Stephen: Now, Brittany, times are tough. I need those socks. You know what I

Brittany: Okay, the socks then. The socks..

Stephen: I'm too old for my mom to buy them for me. I'm keeping those socks. I ain't calling nobody. I'm keeping the socks.

Brittany: We've learned nothing. Great.

Stephen: I joke. As we wind down now uh, we mentioned at the top of the episode PJ Rojal, and I know he has a partner, and the partner's probably always like, How come nobody ever mentions me?

You can mention the partner. I don't know who his partner is, actually. But you were, you're a part of the Risk Revenue Forum and you've also attended the Merchant Risk Council events. What's the hottest topic right now? And, you know, it's summer, it's, you know, we just got through, you know, a pretty great summer across the board weather wise, but what's heating up when it comes to like the fraud discussions?

What are, what's top of mind that's actually happening versus like AI is the future, what's actually happening right now that everyone's talking about?

Brittany: So start with at the MRC and other industry events. I mean, obviously, We're going to sound like a broken record, but refund fraud, policy abuse, first party misuse. It's something that more and more companies are now acknowledging is a real problem, and so they're really looking for solutions to that problem.

Not just discussing that it exists, but looking for anyone who has the answers on what they can do. When it comes to regulation, especially within the EU, We're now going to be moving on from PSD2 to PSR, which will be coming probably sooner than we realize, again, with how fast things seem to be moving with our perception of time nowadays.

And that will affect the way that merchants do verification of customers. You know, there'll be discussions about strong customer authentication and the use of, let's say, 3DS in both regulated and unregulated markets. So there'll be a lot of payments discussions as well, but at the same time of maybe entering into a potential recession, there's a lot of chatter around how to keep your customers happy, your legitimate customers, and to keep them safe from fraud.

And there's going to be a conference in a couple of weeks at it's called MRC San Diego, and I'll be speaking in a session on ATOs and VIP accounts. So how your most valuable users are targeted on your platform and ways that you can try to prevent that from happening. But to go back to the Risk Revenue Forum, one of my favorite discussion points that came out from those various sessions that first came up in New York, and then I brought it up when we were in London, and I brought it up again in San Francisco, was this idea of when will fraud prevention sort of catch up with cybersecurity?

As far as getting attention and getting a voice within a company, if we go way back 15, 20 years, you would see companies that didn't have a CISO, didn't have somebody in seat to speak at an executive level for cybersecurity concerns, but now so many organizations do. When are we going to see our first, Chief Fraud Officer, and I know that CFO, that abbreviation's already taken, but I haven't thought of a better one but something in the lines of a Chief Fraud Officer.

Who would be able to, you know, argue for the needs of a fraud prevention and trust and safety team at an executive level. And that's one that I can't wait to keep having a forward look at and to see who is the first to hold a title like that at a company.

Stephen: Sounds like Sift, sounds like Sift, sounds like Sift

Brittany: I'm, so I'm asking you to angle for a promotion for me.

I would like, no, no, no, no.

Stephen: We'll work on the name. Just get the money right, Sift. I love, I love that. Great topic. As we end the podcast, you just published an article somebody else wrote that you contributed about funny animal stories. Maybe tell the funny story. You worked in startups. Everyone can, I'll link the article.

Everyone can go see it and maybe just kind of share your funny story.

Brittany: Well, the, the, the prompt was asking about animals in the workplace and I've had my entire career in startups. So, you know, they're very animal friendly workplaces. There was even a time when I owned a hamster and when I traveled, I would bring the hamster in and it would become the office pet and sit on my desk and people would take care of it.

But the story that I, I shared on Ask a Manager and then put on LinkedIn was about an unauthorized dog. Okay. that entered one of my workplaces. I guess I can say it was Etsy because it's, you know, 15 years ago. No one's gonna be mad about it, but we were in an elevator building on a high floor and all of a sudden there's a dog in the office that people are not familiar with and nobody seems to be taking responsibility for, and that dog is getting more excited and more out of control.

We used ICQ chat and so, cause it didn't have Slack yet, didn't have any of those

Stephen: Ha ha.

Brittany: And so the, the chat goes from. You know, whose dog is this? Or who owns the And they would describe the dog to, someone needs to come get their dog. Okay, this dog won't stop jumping on me. And it's barking, it's really getting animated.

So we go to the front desk and end up learning that the dog came in on its own. It piggybacked behind somebody who badged in to the office. Speak to another employee and he's like, oh yeah, that dog rode the elevator with me. Just, I guess, because he said he thought the dog knew what it was doing. Because I guess we all just assumed, like, the dog is the main character in this Disney movie.

Like, the dog knows what it's doing. Anyway. So, very embarrassingly for me, I, I mean, look, this was my first job after teaching. I had gone from a very regimented environment to, like, fun people when we did wall demolition who would let us knock the wall down ourselves. So, I was getting all wrapped up in the moment, and there was a conference room that had its door cracked.

Because we had bad air flow, and the dog went in, and I went in right after it, tackling it, laughing, saying, This is a loose dog! You know, being excited. And it was definitely a meeting being held by our CFO with an external party of some sort, and he was the exact opposite of amused. And I had to drag this dog out.

Turns out the dog belonged to somebody on a different floor, and it had gotten out of their office, into the elevator, ridden with someone to the lobby. I don't know how long it was in the lobby, but then followed one of our employees back in, went up to our floor, and then came into our office. So it was, I think, the last day that ever happened, because after that, dogs had to have some sort of identifier.

They had to have some sort of code or name or something to, you know, show that they were authorized in the office. But, you know, I couldn't have imagined that, being a public school teacher, and then, you know, a year later, I'm going to be working in an office where a dog just breaks in and nobody knows what to do, but that was my contribution, my story and..

Stephen: And that meeting is probably why there's no C suite trust and safety people in the industry, right?

Brittany: Well, I'm glad to know that I'm the problem and that it's all my fault. I'm going to feel real good about myself for the rest of today. I'm

Stephen: Honestly, I'm so glad I work from home. I have bad allergies. I remember going to a rework, and like, you know, everyone's like bringing their dog in, and I could barely breathe the whole day. I'm just like, You know, and everyone's always like, yeah, that's hypoallergenic. Like hypoallergenic to you that doesn't have allergies.

To me, it doesn't matter what it is. That is awesome.

Brittany: I've still had an instance where I took my shoes off at work under my desk and then learned never to do that ever again because one of those friendly office dogs had relieved itself under my desk. So yeah, working from home doesn't have those risks.

Stephen: has its benefits. As we close off, tell me about anything that you're excited about, any product features at Sift and then where people can people chat with you. Is that the next forum that you're hosting or contributing to?

Brittany: Yeah. So I know I already went in a little bit into RiskWatch, but just a alternate way to be able to use machine learning and AI that is analyzing big data sets to then make predictions. Risk assessments and recommendations. So if you haven't heard yet about RiskWatch, I'd recommend you go to our site and check that out.

If you're attending MRC San Diego in the coming weeks, I will be there. We'll also be at MAG Orlando in the coming weeks. So you can also see us at that conference. If you are. Looking for any other information about the deep and dark web, I run the team at CIF that does those investigations and we're always happy to do sweeps and to give even, you know, some training sessions on how you can do those points of research on your own and not destroy your computer.

Please don't do that all on your work computer and get me in trouble. I didn't give any recommendations to that right now. But there's just plenty that we love to share. I have a team of people who are all former merchants who get to share our knowledge. So, you know, please don't hesitate if you have any questions about anything you see on the Sift website. Yeah.

Stephen: And maybe we should do another mini episode in the future about the dark web scrapes, because I think that would be interesting to a lot of folks, especially those in crypto. Brittany, you've been hilarious, so educational but yet you're having fun with this and we love this conversation and thanks so much for at least highlighting some things that fintech payment and crypto companies need to at least keep in their mind as they move forward, especially as we start hitting the recession, maybe they can think twice about, you know, letting go, they might not, you know, they might decide not to name another stadium and instead invest in trust and safety might be the way to go.

Brittany: Nice.

Stephen: Thank you so much.