Scams, fraud, and abuse are an increasingly difficult problem for the payments industry. In this episode of Talking Banking Matters, David Excell, the founder of Featurespace, speaks with McKinsey partner and payments industry expert Grace Klopcic about how the company got its start in the gaming and sports betting world, and why it uses machine learning rather than a complex set of rules to understand consumer behavior and quickly identify improper transactions. The company was acquired by Visa in 2024. The following edited transcript shares highlights from their conversation. For more discussion of the banking issues that matter, follow Talking Banking Matters on your preferred podcast platform.
Grace Klopcic, McKinsey: Dave, thanks for joining us. Let’s start by having you describe how you view Featurespace’s position within the broader payments value chain. What’s your main source of differentiation?
David Excell, Featurespace: We didn’t start from the position of fraud and financial crime being a business opportunity in terms of where we wanted to go to market. It much more started from the idea of the technology and thinking about how we build machine-learning systems that can understand behavior and data and respond to those pieces of information in real time. And that ultimately goes back to the capability that we built to become universally available to different parts of the broader financial services ecosystem. I see our role as serving a number of different customers, including merchants, merchant acquiring platforms, and also potentially different networks, going across into core banking platforms, issuer-processors, and the issuers themselves.
We can be integrated into any part of the ecosystem that sees the transaction being processed, to understand what is genuine activity and what is not from the data that’s going through. We want to enable transactions to take place, but provide knowledge and insight to help in the decisioning that can stop fraudulent activity, while still allowing genuine activity to continue.
Grace Klopcic: Help us understand how the behavioral analytics you mentioned work. How is the real-time machine learning you use different from the traditional rules-based systems for identifying fraudulent activity?
David Excell: Let me first explain that Featurespace got its start in the gaming and sports betting sectors. One of our early customers was an organization that provided online computer gaming to general consumers. The challenge they faced was differentiating between genuine humans playing games versus robots that are potentially cheating or using unfair tactics. That required understanding the different actions of gamers and whether their behavior corresponded to that of humans, or seemed to be optimized in terms of their clicks and movements that might indicate robotic behavior.
Soon after that, I was introduced to Betfair, which at the time was the largest-growing online sporting exchange that enabled consumers to bet online. That environment is very fast-paced as compared to the normal e-commerce environment. You have different games and markets coming and going very quickly and a very different range of consumers and activity. You might have someone who’s just a recreational gambler who will spend $5 every week on his favorite Premier League football team. Or you’ll have very sophisticated traders making millions of dollars of trades on the outcome of a golfing tournament or a tennis match.
Those varied behaviors pushed us to have to learn who the genuine consumer is. What are their preferences? How do they behave? And then from that, how do we identify when there were changes in activity that may mean it’s no longer that customer or their activity that matches a particular pattern we have? The difference between what we do and the rule-based systems is that we’re encoding logic that looks at patterns and works to match them.
The reason we do it this way is fraudsters are always changing their behaviors; if they aren’t able to carry out their scam or fraud, they deviate and start to change their behavior. Ultimately, over time, the rules needed to identify this become increasingly complex, as we add more and more rules on top of existing rule sets, and that becomes difficult to maintain over time. So instead, we sought to use very rich descriptors of behavior to build models that continue to evolve over time and provide resilience to changes in how fraud is carried out.
Grace Klopcic: And how did you decide to pivot to the financial services industry?
David Excell: We saw there was an opportunity in terms of how fraud had historically been solved, which involved historical consortium models collected together. It could take months, if not years, to develop new profiles of fraud and deploy those back into the banking system, so we saw an opportunity to think about a more dynamic system that could evolve within the bank to give them a performant edge. And that’s where we were successful at being able to build our partnership with TSYS [the payment processor and merchant services provider], which is one of our biggest and strongest partnerships in terms of being able to deliver that capability to many of their customers.
Grace Klopcic: I would assume fraudsters are always evolving and are leveraging AI themselves to create phishing emails, synthetic identities, and other capabilities. What is Featurespace doing to stay ahead of them?
David Excell: The technology trend we’ve seen around AI has a lot of positives in terms of what it can enable, but it’s a double-edged sword in that it also gives additional capability to the criminals that use it to defraud people. We’ve all seen the headlines about deepfakes being used to cause people to make payments they wouldn’t normally make. That type of problem is complex, but what we do is help banks identify when they are seeing a consumer that’s under that type of duress and may be making a payment they should not be making. We can help provide financial institutions the evidence they need to speak to such a customer in a way that takes them out of the spell of the scam that’s taking place.
For example, if there’s a consumer who is going to make a big investment in cryptocurrency because they think it’s going to generate a huge return for them, we can pull evidence to show that the entity they’re about to invest with may be problematic. We can demonstrate to them, “The account that you’re transferring that $100,000 wire into has only been in existence for five days, so it’s unlikely to be a sophisticated investment account that could generate the return you’re expecting.”
Even newer fintech organizations or new banks that don’t have historical data on scams can struggle, and we can offer them a way to score behaviors and identify potentially fraudulent behavior even without historical data.
Grace Klopcic: What about gen AI? Does that offer any particular benefits?
David Excell: We think there’s a lot of capability in terms of making the operations of fraud [prevention] more efficient while assisting the fraud investigator in terms of looking at a wide range of data and being able to pinpoint whether fraud is taking place or whether we’re looking at genuine activity that happens to be slightly unusual. We actually built our own gen AI foundation model, similar to what OpenAI and Google have done with their foundation models, which focus on words, texts, images, audio, and video. We’ve been able to use a lot of transactional data to help build our foundation model in a way that understands how consumers make payments and the different sequences of their transactions.
Global payments in 2024: Simpler interfaces, complex reality
Grace Klopcic: What about fraud that involves noncard payments such as RTP [real-time payments], FedNow, or ACH transactions, checks, and wire transactions?
David Excell: When we’re thinking about an account or a customer in terms of how they’re transacting, it doesn’t really matter what rail they’re using. We’re looking at the behavior, regardless of the type of payment. So if we’re thinking about a demand deposit account, it can have many different types of money flows taking place—a debit card transaction, a check payment, wire, Zelle, ACH, et cetera. We’re thinking about these flows from a behavior perspective. For example, we’re looking at how the consumer behaves when they get paid: Do they make a wire transfer? Do they go to the ATM to deposit a check? Do they go into a bank branch? All of those types of things give us much richer information to be able to make a decision about whether a given transaction is likely to be fraudulent.
A lot of the fraud tools banks have to monitor those transactions are point solutions that aren’t looking at the larger picture. If you’re only looking at wire transactions or check transactions, you won’t have the context of what else has happened. For example, one of the credit unions we work with was able to use our platform to identify a sequence of accounts that had been set up to serve as “mule” accounts. Fraudsters with compromised checks were able to then deposit those checks into those mule accounts and start to monetize the fraud by taking the cash out at ATMs. Because we were able to spot that this activity was taking place across each of those different locations, we were able to identify the fraudsters in real time. The credit union was able to dispatch law enforcement, and that led to identifying over 30 suspects and making seven arrests of people involved in the criminal activity. So that’s where identifying the fraud very quickly lets you put people behind bars.
Grace Klopcic: One thing we see financial institutions struggle with often is integrating security solutions into their offerings and tech stack. How do you think about integrating your solutions with your customers’ systems?
David Excell: We’ve taken two different approaches to that. The first is to build partnerships with many of the existing technology providers to the banking world. So, as I mentioned, we built a very successful partnership with TSYS, which has enabled us to integrate our technology into their core processing systems and in turn support a range of different banks that way. That means those banks don’t have to do a separate integration. We’ve been able to do the same thing with Central 1 in Canada and Worldpay as well.
The second approach we’ve taken is that we focused on how we can maximize the value that we can provide with a minimum amount of data, to deliver value and success very early on but in a way that the investment isn’t a barrier. We don’t need to go and boil the ocean but rather demonstrate immediate results and then over time layer in additional types of data.
Over half of people who are victims of a scam consider switching to a different bank. And 30 percent of those actually did switch. So if we’re thinking about the reasons for banks to invest in better scam detection, it’s not just a matter of preventing monetary losses but also of keeping the customer’s trust so they continue to bank with them.
Grace Klopcic: You recently did a survey of US consumers to learn about the impact that payments fraud and scams have on them. What are some of the findings from it?
David Excell: One of the amazing stats from that was that three in ten consumers or households had lost money to scams over the last five years. That is a lot. Also surprising to me was that although the common perception is that it is the elderly or the retired who are most frequently targeted, the scams were spread across different demographics. In fact, scams are not necessarily overindexed into the elderly or the retired population. The fraudsters target a wider range of sophisticated consumers of financial products than we knew.
One of our other interesting findings was that over half of people who are victims of a scam consider switching to a different bank. And 30 percent of those actually did switch. So if we’re thinking about the reasons for banks to invest in better scam detection, it’s not just a matter of preventing monetary losses but also of keeping the customers’ trust so they continue to bank with them.
Another surprising statistic was that over half of the people who had been victims of scams said their mental health was affected by it, and this affects their behavior as a consumer. When you’ve been deceived by someone like that, you can develop a feeling of mistrust toward everyone, and we see that spill over to consumers’ banking habits. They start to distrust the regular marketing or other communications from their banks, because the customers are suddenly much more conscious of questioning whether the message they’ve received is in fact legitimate. And they start to bank differently. We saw that, for a lot of consumers, after being a victim of a scam, they turn to credit-card-based payment mechanisms for large transactions to get the extra consumer protections and ability to dispute a transaction.
Grace Klopcic: You talked a bit about how you started Featurespace, but we didn’t talk about the fact that you were a student at the University of Cambridge at the time. What was that like?
David Excell: It was a huge privilege to be able to study at Cambridge. It’s such an inspirational place. You walk the same corridors as Newton and Darwin and all of those famous people in history also walked, and you think, “I’m in the same place where they were, so there’s no reason why I can’t do something as amazing as what they were able to contribute to society.” Also, the way Cambridge is organized helps bring together students and fellows from a variety of different backgrounds, and it broadens your horizons. The town has a huge history of entrepreneurship, which also helped with the founding of our business. There is a range of other professionals there who are used to working with small technology start-ups and who support you when you’re starting out.
Grace Klopcic: How have you thought about leadership as you’ve grown the company?
David Excell: I always want to ensure that all of our team are enabled to make decisions for our customers and that they don’t need to ask permission to do what they know is right. When they’re in the moment, having that conversation, they should have the confidence and the knowledge to be able to ensure that they’re doing the right thing for the customer.
I also think it’s important for leaders to be involved with customers and hear their honest feedback so we can understand areas where we could improve in our service. One of the things I’m really proud of is the fact that a lot of the people we’ve worked with as customers have been promoted after selecting Featurespace. This means that our solutions have been successful and that what we have done for them has helped them deliver on their objectives and grow their careers as a result.
Grace Klopcic: The payments security space is evolving rapidly, and analytics techniques are getting more and more advanced. What does the future look like? What is the end game?
David Excell: Change is going to be constant, and fraudsters will always be creative. Not so long ago, credit card fraud was carried out by cloning the mag[netic] stripe on the physical card. Today, when we have contactless chips on cards, the rate of fraud that we see on physical card transactions is extremely low. We’re starting to see the same thing take place for online transactions with the evolution of passkeys and other encryption standards that enable more accurate decisions around determining when genuine activity is taking place or not.
But ultimately the fraudsters are still there. They will innovate too, so the fraud will move somewhere else in the payments landscape, and probably into areas we’re not necessarily expecting. For example, we’re seeing an increase in check fraud, because sometimes the payment rails we’re not investing in are the ones that are going to be most susceptible to losses in the long term. That means we have to stay inquisitive and make sure our platform and technology are agile enough to respond to the fraudsters’ innovations.
Grace Klopcic: Dave, thank you so much.
David Excell: And thank you.
