Last week we held our second Trust and Safety Meetup, this time in the South Bay, at the offices of Upwork. The event was a success, filled with pizza, a panel packed with experts and a great networking and information sharing opportunity for our group.
We were lucky to have a terrific panel of speakers talking about their experiences building their company’s Trust & Safety/Fraud organizations and how they see the fraud landscape evolving. The folks who joined us to share their experiences included:
- Dina Kwan, risk operations manager, Twitter
- Jim Gray, director, ad traffic and publisher quality, Google
- Kenny Shi, independent fraud consultant, Risk Zero
- Paul Rockwell, head of trust & safety, LinkedIn
- Shlomi Boshi, head of global fraud strategy & analytics, PayPal Credit
- Omkar Pendse, director of engineering – eBay Risk, Fraud and Seller Standards
A few core themes definitely emerged from the discussion. The first being that most, if not all, of our panelists have built or are still building fraud teams and policies from the ground up. I suppose that’s not surprising, given how fast fraudsters evolve, but with each new feature or function added to our sites and our lives, we are immediately in a race to secure it. It also reinforced the need for groups like this, to share information and try to learn from one another. Fraud is funny in that way, it’s one of the few industries where we are all, regardless of our individual companies, fighting against a common enemy.
The second is communication. A few of our panelists noted how many challenges could have been overcome more quickly if there was better communication between internal teams. For example, taking learnings from the teams in charge of spam detection and applying them to new fraudulent advertising challenges, etc. This is also true when doing something as simple (or as damaging) as pushing an update live. You could undo or complicate work done by other teams so it’s important to maintain a constant flow of communication.
The “build or buy” discussion is also still a constant challenge for many teams. It seems that for many aspects, such as IP Geolocation, are no brainers for outsourcing, but when it comes to other security challenges, the answer is not so simple. There are of course privacy issues to overcome, as well as less tangible qualifications such identifying subtleties or nuances in your data that you don’t think an outside vendor could understand. Many teams just don’t have the resources to go it alone and building it all just wouldn’t make sense.
Of course in order to build, you need the internal resources and hiring is always a challenge, particularly in our industry. One panelist pushed for evaluating talent over experience, which given the newness of our industry, is sound advice. Others echoed this sentiment, reinforcing the need for analytical skills that may have been derived from other disciplines, but are of great value to a trust and safety team.
Another key takeaway was how mobile is seen as both a challenge and an opportunity. The amount of data that can be gleaned from a mobile user gives us unprecedented insights as fraud fighters, but also creates another attack vector and avenue for deception. As our experiences become better and more frictionless as consumers, they become more complicated for us on the backend.
Overall, the room was full of lively discussion, advice, networking, debate, and further developing our unique community. Thank you again to Peggy at Upwork for hosting and to my employer, DataVisor, for providing the food. If you didn’t have a chance to attend, I hope you will join us next time. And speaking of next time, if there are any specific topics you’d like address, feel free to reach out and we’ll get them on the agenda.