Security across the payment systems has gained more attention in recent months following several data breaches at US retailers, including the high-profile breach at Target Corp. If security wasn’t already a priority for those operating in the payments space, it certainly is now as the risk of costly data breaches becomes more top of mind for many consumers.
A start-up called Rippleshot, which is part of the entrepreneur incubator in Chicago known as 1871, claims to have a solution that will reduce over 25% of fraud losses for issuers and merchants. It does so by uncovering merchant data breaches in near real time and alerting issuers and merchants as to the breach earlier in order to stop fraud from spreading further. In contrast, conventional methods of fraud detection only react once the loss reaches critical levels.
Rippleshot is a cloud-based big data visualization platform. Its algorithms monitor millions of POS terminals and billions of transactions for anomalies that indicate the early stage of a breach. From there, it traces those ripples to the point of origin to quickly identify the location and origin of the breach and then notifies Rippleshot’s affected clients. The concept could be likened to a fly fisherman that finds a fish by locating the ripple in the water to determine where the fish resides.
“The existing systems look at one transaction at a time and their response is the transaction is either approved or denied,” said Lucas Ward, co-founder and chief operating officer, in a recent interview with Euromonitor. “We’re looking at millions of transactions to profile the merchant over time to find the patterns that would indicate a breach of certain cards and how many people have had the same thing happen to them.”
Through its cloud-based platform, Rippleshot offers card issuers, merchants and payment processors a suite of tools that could be used to identify breaches, observe fraud spend patterns over time and design mitigation strategies. In the case of the card issuer, Rippleshot is able to report that a data breach happened at specific locations within specific chains during a specific timeframe so that the issuer can reissue affected cards before fraud ever occurs on other at-risk cards. For merchants, Rippleshot can detect a data breach down to a specific POS terminal in a specific store. Ward estimates that Rippleshot can pinpoint a breach two to eight weeks faster than existing competitors in the space.
Rippleshot is currently in beta and is working with an unnamed large US-based financial institution and several smaller regional banks. This gives Rippleshot access to card transactions so it can monitor the card payments system for fraud, but also gives these issuers an opportunity to trial Rippleshot’s platform. In addition, Rippleshot is in talks with several merchants about employing these services in store to pinpoint breaches at specific POS terminals and is even talking to payment processors regarding a potential add-on product that payment processors could in turn offer its client base as part of its standard services.
The card payment system of today is antiquated and was never designed for this age of the internet and even mobile payments. Any fraud-detection system that is more proactive and offers more efficient fraud-detection tools than what exists today in the market should be viewed as a step in the right direction. Ultimately, it’s an arms race with criminals and a platform such as this once could enable payment providers to stay one step ahead for now.