Slashdot Mirror


We're All Being Judged By a Secret 'Trustworthiness' Score (wsj.com)

schwit1 writes: Nearly everything we buy, how we buy, and where we're buying from is secretly fed into AI-powered verification services that help companies guard against credit-card and other forms of fraud, according to the Wall Street Journal.

More than 16,000 signals are analyzed by a service called Sift, which generates a "Sift score" ranging from 1 to 100. The score is used to flag devices, credit cards and accounts that a vendor may want to block based on a person or entity's overall "trustworthiness" score, according to a company spokeswoman.

From the Sift website: "Each time we get an event be it a page view or an API event we extract features related to those events and compute the Sift Score. These features are then weighed based on fraud we've seen both on your site and within our global network, and determine a user's Score. There are features that can negatively impact a Score as well as ones which have a positive impact."

The system is similar to a credit score except there's no way to find out your own Sift score.


Factors which contribute to one's Sift score (per the WSJ):
  • Is the account new?
  • Are there are a lot of digits at the end of an email address?
  • Is the transaction coming from an IP address that's unusual for your account?
  • Is the transaction coming from a region where there are a lot of hackers, such as China, Russia or Eastern Europe?
  • Is the transaction coming from an anonymization network?
  • Is the transaction happening at an odd time of day?
  • Has the credit card being used had chargebacks associated with it?
  • Is the browser different from what you typically use?
  • Is the device different from what you typically use?
  • Is the cadence of the way you typed out your password typical for you? (tracked by some advanced systems)

3 of 135 comments (clear)

  1. Ummm.... by brunes69 · · Score: 4, Insightful

    ... this looks like standard anti-fraud measures that banks and retail have been doing for years and years and years. It's not creating a profile of YOU, its creating a profile of YOUR CARD so it can detect if it's been compromised.

    IE - you definitely want this.

    Nothing to see here.

    1. Re:Ummm.... by Applehu+Akbar · · Score: 4, Insightful

      YOU DON'T WANT OR NEED THIS. Your bank is the one on the hook for fraud.

      Ultimately, every banking customer pays for fraud. Businesses don't 'absorb' ongoing costs; they always show up in the fees you pay for service.

  2. Time for a general Data equiv to the FCRA by Etcetera · · Score: 4, Insightful

    The "Big Data" companies of the day have all become heavily regulated in what they can store, how they can store, how long they can store, and have transparency laws about providing consumers access to their own data reports and challenging information in them.

    It's time for this to extend to all large-scale person-identification projects, and if the data brokers have to be torn apart to do so, so be it.