People are always talking about how blockchain will change the world and disrupt industries. One of the industries that doesn’t get much attention in the TED talks and blog posts is e-commerce fraud prevention.
The core feature of blockchain is the distributed ledger. This ledger records transactions in a database that can only be altered with the agreement of everyone who holds a copy of the ledger .
What’s so great about this? Since blockchain is essentially a decentralized database identically replicated across many computers, the data entered in it can be trusted by everyone to be an accurate record.
The type of blockchains that most people get excited about is a public blockchain, like Bitcoin, Ethereum (for those unfamilar with Ethereum read this primer) or the company I work for, Orbs, where transactions can be verified and tracked by anyone. They can also be used as infrastructure to host cryptocurrencies as well.
So, how could we improve fraud prevention using blockchain?
The tools at our disposal
We have several tools to work with to build an industry-disrupting blockchain app:
- A blockchain platform that is public and has an immutable database.
- Our very own cryptocurrency – let’s call it the “Happy Customer Token” or HAPPY token for short.
- An open application accessible to anyone.
If tracking data is blockchain’s biggest strength, then it makes sense for us to tackle blockchain fraud prevention with a data application.
Since this application would be open to the public, the entire industry could take part, from fraud prevention platform vendors to merchants. Everyone could share data in order to make shopping online a safer, more enjoyable and a more profitable experience.
One of the biggest problems in e-commerce is false positives. Purchases incorrectly flagged as fraudulent cost the industry $9 billion per year. One way to use an open and decentralized platform such as blockchain, is to create a global, community-owned whitelist of trusted customers that will help reduce false positives.
We could make a blockchain-based blacklist of known fraudulent identities as well, but a blacklist is problematic since it would be hard to remove incorrect data about a person from a blockchain and false positives cost merchants much more than false negatives.
How would this global whitelist work?
Ideally, it would work like this:
- A legitimate customer adds items to a cart on an e-commerce site and then checks out.
- On checkout, the customer’s data (e.g. name, email address and shipping address) is turned into a hash function which serves as the customer’s profile on our whitelist.
- The hash value in the whitelist would then get a point added to it every time a merchant or platform reports a new approved order for the customer, which indicates increasing trustworthiness.
- When a fraud prevention platform or e-commerce merchant wants to use our whitelist to verify the trustworthiness of a customer or to augment their own fraud scores, they would create a hash value of their own customer’s data and check it against our whitelist’s hashes to see if there is a match.
- If there is a match, the platform or merchant would pay the app a HAPPY token to retrieve the trustworthiness score.
- The app would then distribute a percentage of the HAPPY token to each person/organization who has contributed data to the customer’s profile (you can send and receive fractions of a cryptocurrency token).
Why do we include tokens? Tokens add an incentive to participate since they serve as a monetary award for adding data to the whitelist. Tokens also work to prevent abuse since they add a cost to using the list.
The whitelist would be a shared resource for the entire industry where anti-fraud platforms and merchants can serve as both the data sources (and earn tokens) as well as the consumers of the whitelist data (and spend tokens).
The data is also decentralized since it’s on a blockchain. This means that no one can manipulate or control the data – making it a true community-owned resource.
Things to keep in mind
The point of this exercise is just to give a very simple example of how using a public blockchain can help solve complex and expensive problems.
Some of the issues that would still need to be dealt with would include legal advice regarding GDPR compliance, verifying trusted sources of data and trusted users of the data and ensuring fraudsters can’t replicate the customer data in the hash when making fraudulent checkouts. However, the potential exists for using blockchain to prevent fraud online.