The Locations Card can be found on the review page in the Sift Science Console. It compiles all locations associated with a single user account to help the fraud analyst during fraud reviews. In 2017, after the Cardification project, we updated the design of the Locations card to better synthesize location data and accomodate other instances of fraud aside from payment abuse.
The locations card in context of the review page.
Why focus on locations?
Analyzing an account’s location is a core part of the fraud review process and can be key evidence in determining whether or not an account is committing fraud. From a survey sent out to our managed customer accounts (~150), we discovered that:
of surveyed customers put IP locations in the top 3 attributes they review
of surveyed customers said they refer to the locations card during review
The original cards
While the review page had a locations section, there were a couple issues with the original design:
• First off, locations were split up into 2 sections, where billing and shipping locations were on one map and IP locations were on another. Putting these locations on 2 separate maps made it difficult for the fraud analyst to see the distances between those locations.
• Secondly, we were only able to depict billing, shipping, and IP locations. That meant that we were unable to support Customers who sent us other location types like listing locations or locations of booked venues.
• Thirdly, there were many visual elements that we wanted to update. We found the location pins too difficult to differentiate from the map and we wanted to introduce more functionality to the map itself.
The original location section was split into 2 cards.
Before I even started to sketch out ideas, I, alongside my product manager, first took a step back to really define the purpose of this card. How do fraud analysts use locations during review? Why is it such an important part of the process?
We spoke with some of our customers and former analysts-turned-Sift-employees to help answer those questions. What we discovered was that fraud analysts are really trying to answer these 3 main questions while analyzing locations:
Is the user account who they say they are?
Is the user lying about their identity in some way? Do their shipping and billing names match?
Does the user account’s behavior make sense?
Is the user moving at a humanly possible pace? Are they in consistent locations?
Do the locations they associated with the user account make sense?
Are they shipping goods to a real home or a reshipper dock? Is the listing posted for an actual apartment?
Once we knew the questions we wanted to answer, I started conducting some light research to help determine the scope of this project. What kind of location types were we going to support moving forward? What use cases should we be focusing on?
We broke down every location into 4 major location types to make things more manageable:
Location of the payment method, like billing addresses or credit card issuing country.
Location of where the user needs to be to redeem the good or service, like shipping addresses or the venue of a concert booked.
Point of Access Locations
Location of where the user was seen at, namely IP locations or geo tags.
Location of the content the user has posted, like an apartment listing address.
DEFINING USE CASES
We created cards for each use case (and customer examples) to better understand how locations were used together.
Once we got a better understanding of each location type, we studied how they could be used by our existing customers. We were able to break it down into a couple main use cases:
Retail (Physical Goods)
These customers, whether a peer-to-peer market or direct to consumer, typically had billing, shipping, and ip locations. Knowing where the goods were being shipped (and who was footing the bill) was especially important.
Retail (Digital Goods)
Customers with digital goods don’t normally have any shipping locations, as the good is simply delivered digitally. That means that the fraud analyst normally just has the billing and IP locations to go off of.
Events, Travel, Experiences
Customers in this space that handle event venues or travel spots often see certain locations as signs of fraud. For peer to peer marketplaces, those event venues can be viewed as listing locations.
After getting a full understanding of how locations filters into our customer’s workflows and fraud review, I got started figuring out how to visualize all of this. We went through a lot of different iterations before selecting a final design. None of the designs below made the cut, but a couple customers got to give us direct feedback to help us narrow down our designs.
THE FINAL DESIGN
Location Pin Details
The location pins were all designed very deliberately. We selectively chose colors that avoided the “risk range” so that the locations wouldn’t inherently have a risk connotation to them.
We went with a customized, desaturated map because we wanted to draw attention more to the individual pins. Within the map itself, every pin can be clicked to reveal a street view hover. This feature can be particularly useful for fraud analysts to determine the legitimacy of a location. For example, does the address actually map to a home? Or to a reshipper’s lot?
To make sure the map never got too visually overwhelming, we introduced an opacity fade, where the newer locations stayed opaque while older locations became more faint. Typically, the older a location is, the less useful it becomes during a fraud review (since analysts tend to review recent activity).
All location details are presented in a table so that analysts can quickly scan across to find matches. We included a name associated with each location as fake names are often indicative of fraud. Each location also comes with a frequency count, to get a sense of how often a location is used.
The new cards are beautiful! And so much more useful than before.
The new orders card. I love them! Huge improvement.