EmailAge: Leveraging Email Addresses to Reduce Fraud
Accertify Partnership Shows Way Forward for Phoenix Company
By D.J. Murphy, Editor-in-Chief, CardNotPresent.com
Not quite two years ago, Rei Carvalho and several other founders—a group with deep experience in payments and fraud mitigation—sensed an opportunity in the space to attack card-not-present fraud using a data point that nearly every consumer has, but no company yet had leveraged: email. They developed a proprietary algorithm for evaluating an online identity based on the email address a consumer provides when making a purchase at an e-commerce site or filling out a loan application and used it to launch EmailAge. The company—entirely self-funded—decided to focus on analyzing email addresses because, in many cases, they are more closely tied to an individual than a phone number and no one else was doing it, according to EmailAge CEO Carvalho.
“There are lots of tools out there to validate a physical address, telephone and SSN numbers or device ID, but the one thing that’s common to everyone is an email address,” he says. “There wasn’t anything in the marketplace that did a good job of validating or verifying the credibility of that email address. Our customers are finding that analyzing email addresses is a very effective way of identifying potential fraud and are using our solution as an additional layer of security to help reduce their overall fraud risk .”
When an EmailAge client enters an email address into the platform, it initiates a search of hundreds of databases utilized by the company as well as its own internal databases of risky domains, countries, email addresses and many other fraud risk indicators, in addition to scouring the Internet to bring back hundreds of attributes about the address in question. How the address is connected to those attributes is analyzed by the patent-pending algorithm, which uses machine learning and artificial intelligence to generate the Email Fraud Risk Assessment and Score. The scores, which range from 0 to 1,000 (with 0 being the least likely to be fraudulent transactions), are separated into six categories from very low risk to very high risk.
“In addition to the score determined by the algorithm, we provide our customers with the main reason for the score,” Carvalho says. “If a score comes back at 900 it could be that the email address doesn’t exist anymore, it has a very limited history or it’s been identified as fraudulent or used in a fraudulent transaction previously. Our customers find it very valuable knowing the reason for the fraud score. We also provide customers with a recommendation of what to do with the transaction. If it’s a low score, there’s nothing else to do. If it’s a very high score you might want to run it in conjunction with some of your other tools to determine whether you want to accept this transaction.”
Partnership Provides Model for Growth
As Carvalho implies, EmailAge does not envision itself as a standalone service that can eliminate all fraud for an e-commerce merchant or financial institution, but rather as an important tool that fills an unaddressed gap in an overall, comprehensive fraud solution. Until recently, the company had worked mainly with end users like e-commerce retailers, merchants in verticals like travel and financial institutions, but Carvalho notes a recent agreement and what it indicates about the kind of companies EmailAge wants to align itself with moving forward.
EmailAge revealed to CardNotPresent.com that it has integrated with antifraud technology provider Accertify. Customers of the American Express subsidiary have access to the EmailAge solution through an API as an additional tool to evaluate transactions for potential fraud. Integrating with gateways, processors and more comprehensive antifraud platforms that don’t feature a way to assess the credibility of an email addresses may be a more efficient way for EmailAge to grow globally.
Carvalho acknowledges that EmailAge is in talks with “a number of companies similar to Accertify” in both North America and Europe. Until agreements are finalized, he cannot disclose the potential new partnerships. But the company hopes to build on the strategy in geographies where it already has footholds including North America, South America and even China, where Carvalho notes EmailAge is “starting to get some traction.”
Collective Action to Fight Fraud
As it manages growth at home and abroad, the company continues to refine the algorithm that constitutes the core of its solution. As its roster of partners grows, EmailAge is leveraging that growth to customize the algorithm for individual users. Clients now have the capability to fine tune the algorithm by geography or domain. If email searches have turned up repeated fraudulent transactions in certain countries or from certain email domains, the algorithm will adjust and take that into account when generating future fraud scores for that particular user.
Carvalho also touts a new feature where all EmailAge clients can benefit from the growing database of email searches performed on the platform.
“If they want to participate in more of a global or community fraud-database scenario, they can opt in to this service,” he explains. “When they flag an email as fraudulent, then all of our other customers that have opted into the global community can also see that email address has been flagged as fraud. And that user also has access to the flagged emails from others in the community.”
As it grows and as it enhances its offering, EmailAge continues to focus on the one data point most antifraud solutions have overlooked: the ubiquitous email address.