Last week, we organized a conversation with Arjun Ramakrishnan (Head of Risk at GoDaddy Payments) and Sébastien Theunissen (Staff Product Manager, Payments at Squarespace) to discuss best practices for managing embedded payments risk. If you missed the webinar, we’ve included a brief summary and access to the recording below.
Aligning payments with business objectives
As we’ve written about previously, software teams have 4 main options when deciding on an embedded payments model: referral payments, branded payments, leveraging a PayFac-as-a-Service solution, or becoming a PayFac.
What considerations should software companies keep in mind when making this decision? For GoDaddy and Squarespace, a seamless customer experience and strong unit economics were key:
- GoDaddy: While GoDaddy has been a market leader in the website builder category for years, the team introduced GoDaddy Payments - an omni-channel branded payments experience - just two years ago. Previously, the team leveraged a referral payments model, which created a disjointed payment experience for their customers. By introducing payments, the team was able to centralize GoDaddy Commerce capabilities under one roof.
- Squarespace: Squarespace launched its own branded payments product earlier this fall. Previously, the company used a referral payments model, and merchants would visit a 3rd party dashboard to manage their payment activity and interface with customer support. By bringing payments in-house, the team can deliver better value as a brand and create a more seamless* connection between payments, order fulfillment, checkout, website editing, and other functionalities.
Building early risk processes & tech stacks
What are some of the P0 processes and priorities software companies should make early on in their payments journey?
Arjun recommends software companies focus on 2 things early on:
- Avoid catastrophic losses: Set up an exposure tab and exposure limits to avoid low frequency, high dollar losses and keep your initial P&L manageable. Arjun suggests implementing a strong CRM system to monitor the portfolio for significant outliers. Many teams start off with spreadsheets, but these can become unruly and miss critical risks as a business scales.
- Set up basic KYB & KYC: A foundational KYB & KYC system keeps low effort levels of fraud at bay (think simple identity theft such as onboarding with a stolen ID). While these incur small losses, they can add up quickly, and can also harm a company’s reputation.
AI & other emerging fraud trends
Fraud is constantly evolving. Which trends are teams keeping an eye on?
The first trend panelists discussed is leveraging deep fake artificial intelligence to commit identity fraud. This technology allows users to create fake documents and impersonate others. Given the advancements in deep fakes, this type of fraud can go unchecked by many automated identity verification solutions. While it’s low exposure, it can stay under the radar for a long time and can thus add up quickly.
The second trend is established businesses using their business credentials to commit fraud. In this case, a merchant can pass KYB checks and get underwritten based on legitimate business credentials, and then use their good standing to commit fraud down the line. While uncommon for now, this fraud can go undetected for a longer period of time.
Risk & international expansion
Can risk management solutions be leveraged across different geographies? According to Sébastien, it depends on the type of risk:
- Transaction risk: Generally, transactional risk solutions can be implemented across geographies. Teams should partner with vendors that have analyzed significant payment volumes and have seen a large and complex number of fraudulent cases. Arjun largely agreed with this sentiment, and pointed out that teams should consider the risk tolerance of merchants and consumers in different geographies. Typically, a merchant’s risk tolerance can impact their ideal payment experience. For example, European merchants are comfortable with the additional layer of security that 3D Secure adds to their payment experience in exchange for reduced fraud. However, merchants in other markets may take issue with the additional friction it creates.
- Identity verification: It can be more difficult to find a truly global ID verification solution, as regulatory requirements and document types can differ across countries. If you’re looking for one provider that covers multiple geographies, be sure to diligence their coverage of country-specific documentation data.
Solutions like Coris’s MerchantProfiler make it easy to access SMB data across 46 countries, including information from local government databases.
Watch the full webinar recording