Data breaches and credit card fraud have created a perfect storm of opportunity for investors of late.
In the wake of major U.S. data breaches, credit card issuers, retailers and online merchants face growing fraud threats. Combine that with a move to more secure chip and PIN banking cards, as an October deadline looms to do away with vulnerable magnetic strip cards in the U.S., and technology startups are busy at work.
All told, investors have flocked to a pack of consumer-facing point-of-sale systems for retailers and a wave of security companies to address concerns. Others are, meanwhile, working behind the scenes to sort out rogue transactions from the good.
One is Toronto-based Ethoca, whose data network and software help card issuers and online merchants stamp out e-commerce fraud. Ethoca has raised $45 million in a funding round led by Spectrum Equity, the company told The Wall Street Journal.
Ethoca gives merchants such as airlines and retailers on-the-fly early warnings about fraud as soon as, for instance, cardholders dispute transactions with their card issuers. This enables merchants to halt the delivery of goods or services, gives them a window to refund customers while avoiding chargeback processing costs. It also reduces the burden of recovering fraud-related losses and reduces write-offs from fraud, a mounting issue of late.
To be sure, Ethoca operates in a competitive landscape of companies angling to protect merchants and consumers from a rash of high-profile data thefts that has exposed hundreds of millions of credit and debit cards to potential fraud.
Ethoca's competitors include Retail Decisions, a unit of ACI Worldwide Inc. and Verifi Inc., as well as from issuer-driven security checks like real-time verifications by phone call or text messages. "One of our main competitors is actually other internal priorities at banks," said CEO and co-founder Andre Edelbrock.
In March, Apple Inc. mobile-payment system was hit by a wave of fraudulent transactions using credit-card data stolen in recent breaches of big retailers including Home Depot Inc. and Target Corp., highlighting how compromised card data can be valuable to cybercriminals long after merchants secure holes in their payment systems, The Wall Street Journal reported.
Ethoca declined to provide customer information, but a person familiar with the matter said its 2,100 merchants include Amazon.com Inc., Facebook Inc. and Wal-Mart Inc., while its 30 card issuers include Bank of America Corp., Capital One and USAA.
The startup, which also declined to state its revenue, says it is on pace to double sales this year after more than tripling sales in 2014.
Ethoca plans to use the new funding to bring other products to market and help the company expand into new markets such as Central and South America, China and Southeast Asia, said Edelbrock. The company has so far entered Israel, France, South Africa and New Zealand.
"On any given day, Ethoca sees the majority of fraudulent card activity in the U.S., and increasingly, the rest of the world, on their network," said Spectrum Equity Managing Director Chris Mitchell.
One of Ethoca's services allows merchants to recognize legitimate orders and avoid rejecting transactions due to suspected fraud, something the company has dubbed as an "order rescue." Based on a pilot of certain Ethoca clients, data showed 42% of the transactions turned away by merchants were in fact orders that should have been fulfilled, and reversing that trend could lift merchant or retailer revenue by as much as 1.2%.
"We're increasing transaction flow and removing unnecessary barriers to consumer spending," said Mr. Edelbrock.
Ethoca has a feature that allows merchants to accept the maximum transactions possible. In that instance, merchants pledge to refund customers directly if it accepts bogus transactions, which reduces the need for banks or card issuers to record write-offs from so-called low-value transactions. This is most relevant to digital transactions such as online music, media and gaming, which generate high profit margins, he says.
Mr. Edelbrock says the company also aims to tackle "back of the wallet" syndrome, referring to the drop in spending on cards after a confirmed fraud incident, which he says hits the card issuer, as spending declines by 20% for up to six months. It also hits merchants, he says, as consumers form a negative association with the vendor where their card was compromised.
The company is pegging its growth, in part, against the expected rise in e-commerce sales. In the U.S. alone, e-commerce sales are expected to rise roughly 13% a year, jumping from $338 billion this year to $434 billion by 2017, according to research firm eMarketer.
Ethoca's growth is also hitched to the expected uptick in fraud from Internet commerce and other transactions in which bank cards aren't used in person. Such fraud, known as CNP based, or card not present, is estimated to rise from last years' $2.9 billion to $6.4 billion in losses by 2018, according to estimates from research firm Aite Group. CNP fraud represents 45% of total U.S. card fraud, according to Aite.
Home Depot said in September that 56 million cards may have been compromised in a five-month attack on its terminals, topping the 40 million cards affected
Article written by Gillian Tan, Venture Capital Dispatch