Member Spotlight: BodyBuilding.com
July 11, 2017
Q&A with Haly Harper
eCommerce Risk Manager at Vitalize
MRC Americas Advisory Board Member
How does BodyBuilding.com continue to innovate and evolve in this era of breaches, attacks and cyberterrorism?
To continue evolving and stay ahead of fraudsters, we are consistently using our data to improve internal tools that protect us from fraudsters and card testers. We also use our data to improve our rule sets, and are currently working on an internal whitelist that will help authenticate the user at the time of check-out to detect, and stop account takeover fraud. We also work with our engineering team to develop in-house tools that protect our site from card testers, and together we have been able to keep these bad actors from abusing our site and skewing our decline and auth-rates. We also utilize the MRC, and other resources to keep up on current industry trends, best practices and the latest news on breaches and attacks. The more information we have, the faster we can evolve and grow.
What is the most common type of fraud you see at BodyBuilding.com?
Bodybuilding.com sees a lot of different fraud trends on our site, but the most common type we are experiencing now is account takeover fraud. The fraudsters have been taking over good customer accounts to have a higher success rate of getting a fraudulent order through. To combat this, we have been building tools internally to validate the legitimacy of the user at the time of the order. We have also increased rules around our previous customers, to deter fraudsters and protect our customers. Historically, we saw a lot more triangulation fraud, but ATO fraudsters have been significantly more prominent in the last year and a half.
What processes do you have in place that protect against fraud, chargebacks, etc.?
We take the safety, and security of our site as well as our customers very seriously. It's one of our top priorities. To protect against fraud, we use a third-party solution provider for our fraud platform and have a highly skilled review team to assess the high-risk orders. Our review team is incredibly accurate, and has been able to deter fraudsters with minimal losses and false positives. We also monitor and analyze our chargeback data on a weekly basis to tighten up our rule set and see where our weaknesses and vulnerabilities lie. For chargebacks, we also utilize Accertify's platform and have been extremely successful in our recovery efforts.
What is one element about your company you would like others to know?
Bodybuilding.com isn't just a company, it's a close-knit family and community. We are colleagues, advocates and above all, friends. Because of this internal support system, we work exceptionally well together. We also offer top rate care to our customers and it is our sole mission to help people reach their health and fitness goals, no matter what they might be. We are very passionate about our customers and they are the reason behind everything we do.
Why are you passionate about fraud prevention?
Fraud is my life, and I love every aspect of it, which is what keeps my passion alive and growing. It's an endless puzzle to try and solve every day, and no two days are ever the same. Also, knowing that I am protecting my company, as well as innocent victims, is extremely rewarding and fulfilling. Over the years, I have heard many stories from cardholders and vulnerable customers who fraudsters have targeted in their scams, and some of them have brought tears to my eyes. Because of this I strive every day to do the best job I possibly can in order to prevent more of these stories from happening.
What do you believe the future of fraud prevention entails? Where is this industry headed?
Right now, I believe our industry is on the cusp of a new age when it comes to fraud prevention. With technology evolving at the speed of light, fraudsters have been able to use new devices and technologies against merchants, banks and companies around the world. The traditional tools that we have been using are no longer as effective as they once were, which has prompted a lot of vendors, and companies, to adopt machine learning and artificial intelligence into their fraud platforms. I don't believe there is one silver bullet to deter fraudsters, or that one solution is better than another, but we will start to see a shift to more account authenticators, even more accurate device finger printing and more platforms that utilize both rules and machine learning. With the adoption of more technology, I suspect that some merchants will be able to reduce the size of their review teams, and increase the accuracy of their reviews with access to more back-end user and device data. The increased popularity of IoT devices, and the risk they pose is also going to add a whole new factor into the fraud game when it comes to information hackers and fraudsters can access, as well as the ease of using these devices in malicious ways to attack companies and infiltrate consumers. With the abundance of compromised information on the black market, fraud isn't going anywhere and will continue to grow at an exponential rate. The industry is headed into a period of unknowns, but luckily with the help of organizations like the MRC, I believe we have the tools and resources to navigate this new era and the industry will stand together to thwart these new attacks.
As a speaker and attendee at MRC London 2017, what was the most valuable part of the conference for you? What was the most significant take away?
The most valuable part of the conference was getting to see the industry from a European perspective. It was the first European event I have attended, and it was truly a great experience. The greatest value came from the sessions, and I brought back a lot of great information and best practices to help our company mitigate fraud and increase our international auth rates on the payment side. As a speaker, the questions and comments were really intriguing because they offered different viewpoints from around the world and expanded the scope of the session. The Women in Payments and Fraud luncheon was very empowering and remarkable hearing the stories of extraordinary women. Besides the plethora of information from sessions, the greatest takeaway was meeting new people and adding to my network of professionals I can reach out to if I ever need guidance, or help with a new issue that may arise.
As a relatively young company, how has BodyBuilding.com evolved since its inception in 1999?
Since the first order was placed on our site in 1999, which funny enough was a fraudulent order, we have evolved from a one-man garage operation into one of the world's largest online supplement companies. We now offer over 13,000 products, have a seemingly endless supply of free content, workout plans, diet plans, forums and our very own social media platform, BodySpace. Most recently though, we have evolved from just one flagship brand into a family of fitness brands. In December of 2016, Vitalize LLC was created which is the parent company for Bodybuilding.com, WeMo, and Verity Brands. In April, Verity Brands went live, a health and wellness site for women, Nourish + Bloom. We are excited to see it grow and help new customers with their health and fitness journeys. We have learned a lot over the years and have experienced a lot of positive growth. I am excited for the plans our executive team has and am glad to be a part of this new endeavor.
Find more at BodyBuilding.com.