- Joined
- Nov 26, 2020
- Messages
- 716
Good day!
Today The technology Web beacons and see how the AF system Riskified refers to where the user came from.
A little bit about the company
Riskified - Company mediocre. He is engaged in account protection, risk analysis, protection against refunds and protection of payments.
Companies such as CanadaGoose, Prada, Gucci, Farfetch and others cooperate with this company.
What is a Web beacon
Web beacon (in the «web beacon» English version) - it is a small or transparent image that is embedded in the page, and is used to track user activities. It is also worth noting that web beacons generally work in conjunction with cookies.
This is the simplest technology for tracking user actions. For example, when a company registers a site with Google Analytics, it gives Google permission to insert a small piece of javascript called a web beacon into every page on the site. When a user visits this site, the beacon transmits various data to Google. This is mainly used for tracking statistics and for advertising purposes, but not only digital giants have web beacons, Riskified also has its own web beacons.
How and why Riskified uses its web beacons
Like analytics beacons, the Riskified web beacon collects data about a shopper's device and purchasing behavior. But instead of using this information to improve marketing efficiency or streamline the checkout process, Riskified uses it to differentiate between legitimate and fraudulent purchases.
Device identification
The company uses web beacons to collect data about the user's device, in order to compare with devices that are on the black list, as well as for the purpose of primary analysis - detecting spoofing. In addition to the basic data, the system also collects more complex ones - the number of installed plugins, the type of plugins, color depth, screen parameters, etc.
Social connections
In addition to technical data, the company also collects data on social activity - in which social networks the buyer is authorized, what mail is used.
A discrepancy between the email address and the address entered by the buyer when placing the order will raise suspicions. On the other hand, a Facebook name and an email name that match the name on a credit card is a very compelling sign of legitimacy (Yes, they reason weirdly, but what can you do).
Extensions
Riskified is also wary of certain combinations of extensions installed in browsers.
"There are a lot of real customers using these extensions for privacy reasons, so by no means do we recommend automatically rejecting customers using them - but these orders probably deserve a closer look."
Geolocation and Connection
Information The Riskified Web Beacon collects information about the physical location (based on the IP address), the languages installed on the device, and the time zone in which the device is installed. (a la Whoer) and, for example, a South Korean IP address, a Korean keyboard, and a time zone consistent with Korean local time would not raise suspicions.
"But a South Korean IP with a Russian keyboard and Moscow time zone is a mismatch, the buyer could be a Russian traveling in Korea or a scammer in Russia using a proxy IP address."
A web beacon can provide information about the nature of a buyer's internet connection. One aspect of this check is proxy detection. Riskified uses ping duration measurement to detect proxies. And according to their data, in 60% of cases, when a proxy is detected, the order will be rejected, in contrast to 3% of rejected orders of buyers who do not use a proxy.
Behavior
Like Google, the Riskified beacon collects information about which web pages users visit and how long they have been on them. Behavioral analytics Riskified found that certain pages were more indicative of an actual purchase.
"Scammers rarely bother to waste time on pages about return policies or shipping prices." (!)
Real customers tend to choose a product longer. They are more likely to navigate back and forth between product pages to compare prices. Real customers may leave the site to check the price of the same item with another seller, and may even visit your site a couple of times during the week before buying.
The beacon also collects reference data about pages, meaning we know which page was viewed before going to the seller's site. Sometimes this data can give out a fraudster. (The same url (http) referer which we will talk about below).
Url Referer or traffic source
Buyers came from the referring site is much safer than those who went on to direct the store URL.
In terms of direct referrals, 15-20% more buyers who come through a desktop using a direct link are scammers compared to those who use mobile devices. This is due to the fact that desktop users tend to browse products and the site, look for reviews and information on social media and other sites before ordering an item, so going directly to an e-commerce site is a bit unusual behavior for a real shopper. Whereas on mobile, where web browsing is less convenient, real shoppers are more likely to go straight to the store they want.
Not all traffic sources are useful
From an analytic point of view, it is very important which site the buyer came from. Given the staggering amount of time spent on social media, and the fact that it increases proportionally as a share of total internet use, it is interesting to note the difference in fraudulent traffic between various social sites:
Twitter clicks are more than twice as secure as Facebook and Instagram. And Pinterest is an even safer site than Twitter. There are many possible explanations for this - one is that Twitter and Pinterest feeds are more tailored to the user's tastes (content is almost entirely based on the user's interests, rather than their actual connections).
"But the safest shoppers visit your site by following links from email. This traffic is safer: only one in a thousand of these orders is fraudulent." (!)
Visits Verification
One of the most important methods that Riskified uses when considering the order is to check previous visits to this site or other sites that use web beacons Riskified.
Validation is pretty minor for first-time shoppers making purchases in a store if they came there via a referral page. However, when a customer comes to the store directly, the difference is obvious: Riskified is 41% more likely to miss an order if the user has already appeared on their sites.
Thanks for attention.
Good luck and profit to everyone!
Today The technology Web beacons and see how the AF system Riskified refers to where the user came from.
A little bit about the company
Riskified - Company mediocre. He is engaged in account protection, risk analysis, protection against refunds and protection of payments.
Companies such as CanadaGoose, Prada, Gucci, Farfetch and others cooperate with this company.
What is a Web beacon
Web beacon (in the «web beacon» English version) - it is a small or transparent image that is embedded in the page, and is used to track user activities. It is also worth noting that web beacons generally work in conjunction with cookies.
This is the simplest technology for tracking user actions. For example, when a company registers a site with Google Analytics, it gives Google permission to insert a small piece of javascript called a web beacon into every page on the site. When a user visits this site, the beacon transmits various data to Google. This is mainly used for tracking statistics and for advertising purposes, but not only digital giants have web beacons, Riskified also has its own web beacons.
How and why Riskified uses its web beacons
Like analytics beacons, the Riskified web beacon collects data about a shopper's device and purchasing behavior. But instead of using this information to improve marketing efficiency or streamline the checkout process, Riskified uses it to differentiate between legitimate and fraudulent purchases.
Device identification
The company uses web beacons to collect data about the user's device, in order to compare with devices that are on the black list, as well as for the purpose of primary analysis - detecting spoofing. In addition to the basic data, the system also collects more complex ones - the number of installed plugins, the type of plugins, color depth, screen parameters, etc.
Social connections
In addition to technical data, the company also collects data on social activity - in which social networks the buyer is authorized, what mail is used.
A discrepancy between the email address and the address entered by the buyer when placing the order will raise suspicions. On the other hand, a Facebook name and an email name that match the name on a credit card is a very compelling sign of legitimacy (Yes, they reason weirdly, but what can you do).
Extensions
Riskified is also wary of certain combinations of extensions installed in browsers.
"There are a lot of real customers using these extensions for privacy reasons, so by no means do we recommend automatically rejecting customers using them - but these orders probably deserve a closer look."
Geolocation and Connection
Information The Riskified Web Beacon collects information about the physical location (based on the IP address), the languages installed on the device, and the time zone in which the device is installed. (a la Whoer) and, for example, a South Korean IP address, a Korean keyboard, and a time zone consistent with Korean local time would not raise suspicions.
"But a South Korean IP with a Russian keyboard and Moscow time zone is a mismatch, the buyer could be a Russian traveling in Korea or a scammer in Russia using a proxy IP address."
A web beacon can provide information about the nature of a buyer's internet connection. One aspect of this check is proxy detection. Riskified uses ping duration measurement to detect proxies. And according to their data, in 60% of cases, when a proxy is detected, the order will be rejected, in contrast to 3% of rejected orders of buyers who do not use a proxy.
Behavior
Like Google, the Riskified beacon collects information about which web pages users visit and how long they have been on them. Behavioral analytics Riskified found that certain pages were more indicative of an actual purchase.
"Scammers rarely bother to waste time on pages about return policies or shipping prices." (!)
Real customers tend to choose a product longer. They are more likely to navigate back and forth between product pages to compare prices. Real customers may leave the site to check the price of the same item with another seller, and may even visit your site a couple of times during the week before buying.
The beacon also collects reference data about pages, meaning we know which page was viewed before going to the seller's site. Sometimes this data can give out a fraudster. (The same url (http) referer which we will talk about below).
Url Referer or traffic source
Buyers came from the referring site is much safer than those who went on to direct the store URL.
In terms of direct referrals, 15-20% more buyers who come through a desktop using a direct link are scammers compared to those who use mobile devices. This is due to the fact that desktop users tend to browse products and the site, look for reviews and information on social media and other sites before ordering an item, so going directly to an e-commerce site is a bit unusual behavior for a real shopper. Whereas on mobile, where web browsing is less convenient, real shoppers are more likely to go straight to the store they want.
Not all traffic sources are useful
From an analytic point of view, it is very important which site the buyer came from. Given the staggering amount of time spent on social media, and the fact that it increases proportionally as a share of total internet use, it is interesting to note the difference in fraudulent traffic between various social sites:
Twitter clicks are more than twice as secure as Facebook and Instagram. And Pinterest is an even safer site than Twitter. There are many possible explanations for this - one is that Twitter and Pinterest feeds are more tailored to the user's tastes (content is almost entirely based on the user's interests, rather than their actual connections).
"But the safest shoppers visit your site by following links from email. This traffic is safer: only one in a thousand of these orders is fraudulent." (!)
Visits Verification
One of the most important methods that Riskified uses when considering the order is to check previous visits to this site or other sites that use web beacons Riskified.
Validation is pretty minor for first-time shoppers making purchases in a store if they came there via a referral page. However, when a customer comes to the store directly, the difference is obvious: Riskified is 41% more likely to miss an order if the user has already appeared on their sites.
Thanks for attention.
Good luck and profit to everyone!