Often, when you shop online, fraud prevention technology, using machine learning and AI, reviews a host of data, such as your shipping address, your location and your spending patterns to determine if you are a legitimate customer. When you’re depositing money into a bank or buying an NFT or digital asset, it doesn’t quite work that way.
“Fraud detection isn't only about shipping addresses or shopping carts; it's about behavior,” says Soups Ranjan, CEO of Sardine. “How you type, swipe, scroll, move the mouse, or even hold your phone - it all tells a story about legitimacy and whether or not you're being impersonated.”
For example, say you type your social security number in when opening a bank account. Most of us are going to type it very fast from long-term memory. “If someone is impersonating you and using your social security number in a data breach, they’ll be looking it up and exhibit what is called segmented typing. Look up, come back, type, look up, come back, type,” notes Soups.
Founded with two other veterans in the risk and intelligence space, Zahid Shaikh and Aditya Goel, Sardine is a one-stop API for fraud, compliance and payments for the financial industry. Here, Soups talks with us about fraud trends, what about generative AI keeps him up at night and how crypto is like the tough neighborhood of payment rails.
What is your elevator pitch for Sardine?
Soups: Sardine is a fraud intelligence platform that uses behavior biometrics, device signals, and third-party data to help banks, fintechs, and online retailers fight fraud and make smarter decisions about who can access and transact on their platforms. We offer solutions for all touchpoints across the customer journey, which also includes identity and business verification, watchlist screening and monitoring, AML transaction monitoring, and chargeback protection..
What was your aha moment when you decided to start Sardine?
Soups: There wasn’t just one moment. At Coinbase, I was one of the first 15 engineers and I wrote the machine learning algorithms to detect fraud risk when you’re buying crypto using a card or bank transfer. I later took over the risk team. At that time, I did not know about payments. I was never really taught payments or fraud prevention in school or university. I started an initiative called the Risk Salon, where we got together with companies in Silicon Valley to bounce off ideas on how to detect fraud or account takeovers. It grew to 2000-people strong with monthly meetups and three conferences, so I learned with the community.
In 2019, I saw new banks were being created and I witnessed two revolutions happening.
First was the rewriting of the regular banking stack as we know it via neo banks.
Second, I saw crypto as a payment method primitive. It just allows for cross-border money movement 24/7/365. In some corridors, it can be done cheaply compared to the traditional money rails. We saw the need to serve fintech entrepreneurs, who were not going to educate themselves on all the nitty gritties of fraud and compliance. They needed a product that would give them all of that in one API, so they could focus on their go-to market strategy. The same thing rings true with banks. They spend 30 percent of their workforce on compliance. We want to make banks more profitable by essentially automating most of it.
How has working in crypto shaped your view of what it takes to mitigate fraud?
Soups: Surviving in crypto is like growing up in a tough neighborhood - you learn a trick or two about mitigating fraud. Our first set of customers were various crypto exchanges or crypto platforms. Since then, we've expanded into other categories: online commerce, gift cards, NFTs, sponsor banks, bank platforms. Now crypto is the best thing you can buy if you have a stolen card or a stolen bank account because of three things: It's instant, transfers are final and have no dispute resolution and it's very liquid, so you can immediately sell it off and get fiat. It’s not recoverable so you can send it to a wallet that you control. Our thesis has always been that if you can solve for fraud in crypto, you can solve for it everywhere else.
You talk on social media about real world fraud schemes like pig butchering and money mules. What are some lesser-known fraud tactics people should know about?
Soups: Pig butchering isn’t very well known. It’s a scam where someone is befriending you via what initially appears to be a wrong text message. They just say hi, and then they try to strike a conversation with you, and then offer to make you money if you sign up for a bank account or an investment platform or a crypto exchange, except it's not a real exchange or a real brokerage. It's really a piece of software that shows that you're making money, except you're not.
As the world of money movement increasingly goes online, online financial literacy and how to keep yourself safe from crooks online has to keep pace with it. Pig butchering is just one way of losing money to scams. Investment advisor scams, romance scams, tech support scams – all of these are essentially people trying to social engineer you into parting ways with your money. Oftentimes these scams are being done over remote access tool (RAT) software and that is what we, Sardine, specialize in detecting. We've been able to detect RATs with 90 percent and above accuracy.
What is one thing you wish you knew when you started Sardine?
Soups: I wish I knew not to hire a sales leader until you have reached a certain revenue run rate because you are actually building the plane while you're flying it. They aren’t really able to sell something that hasn't been built, right? We realized that we as founders have to do the selling early on. And once we knew how to sell, that's when we hired our sales leader who's now taken what we learnt as founders and made it a repeatable go-to-market motion. If I were to start all over again, I would actually put it in as a cultural value that you can't rush into hiring someone. In the early days, making one bad hire could be really costly to the business.
How have you worked with Visa and how has Visa helped you grow?
Soups: We partnered with Visa in multiple ways. Visa is an investor in our last financing round and we're grateful for that partnership. We also recently announced Visa's participation in our consortium, SardineX, an initiative to get industry participants from diverse sectors to share data to prevent fraud. Right now if I have a stolen Chase account, I cannot walk into a Bank of America or Wells Fargo and move my money to those banks because they share data with each other. But I could potentially take money from a stolen Chase account and move it to a fintech, so we need to share data to understand who's committing fraud and close that visibility gap.
What is your idea of success?
Soups: We want to lower the cost of payments by lowering the cost of fraud.
What keeps you up at night these days?
Soups: I sleep well. [laughs]
Generative AI is something that’s going to be a big enabler for fraudsters and scammers. It's so easy to mimic someone's voice or their facial expressions and full aliveness checks or full voice authentication systems. I think we are going to be in a world where it's got to be impossible to trust who's who online. Hopefully, we can make a dent in that world via intrinsic behavior biometrics.
What excites you about the future of payments?
Soups: There are so many payment rails: card networks, traditional bank rails, ACH, crypto. We see a world where the world of payments is multi-rail. But someone needs to connect those rails from the point of view of fraud prevention, and that’s what Sardine is tackling.
Learn more about accelerating your growth with the Visa Fintech Fast Track Program.