08/22/2017 | Episode 4
Kevin Lee is a Trust & Safety Architect at Sift Science.
Paul Rockwell is the Head of Trust & Safety at LinkedIn.
Evan: Welcome to “Trust & Safety in Numbers,” presented by Sift Science. I’m your host, Evan Ramzipoor, here today with Kevin Lee, Trust and Safety Architect at Sift Science and Paul Rockwell, Head of Trust and Safety at LinkedIn. Thanks for joining us. Today is part two of a two-part episode about building your fraud and risk team.
But before we get to that, let’s warm up with a fast fraud fact. Did you know that the Nigerian prince scam in which a benevolent royal agrees to split a million dollars with you if you hand over your bank account info is older than Nigeria? One of the first recorded instances of it dates back to 1876. For more ways fraud hasn’t changed since the 19th century, check out the Sift Science blog. Now, onto the episode.
Cool. So, let’s talk about the practical, like, nuts and bolts of building your fraud team or your trust and safety team. What are the main attributes or characteristics that you look for that you see in individuals on your team? Let’s go to you first, Paul.
Paul: Great. See, I agree with a lot of the stuff that was just said. I think different companies take different approaches to building trust and safety teams. But the way that we’ve approached it here at LinkedIn, talent is the number one internal operating priority. Making sure we’re getting the right people is vital to us being successful as a company. But in the trust and safety space, we’re looking for people that have experience with different types of fraud and abuse because having a platform like we do, user generated content is a little bit of a Wild West.
You should expect to have just about any type of content material show up on the platform, many different types of abuse, many different types of attacks. And having well rounded, experienced people helps you respond in a more cool, calm, collected fashion, and enables us to at times get ahead of some of the issues that we believe are gonna come. So, it’s essential to look for folks that have experience in different areas of fraud and abuse while also trying to grow and develop people, different areas within the company.
So, we have a payments fraud team, we have a content enforcement team, and a series of different teams, investigations, intel, etc. And we’re continually trying to grow and develop folks across all the different lines so that we can have some strength and knowledge across the different things that may pop up. It’s been really effective for us in being able to grow the employees from one team to another and respond quickly to issues.
Kevin: I’d say in terms of the diversity of the team, I agree talent is crucial. No one really studies trust and safety or abuse in school. So it’s not like something you can study as a trade and then suddenly move into. I’ve never really looked at someone’s educational background as a decisive factor like, “Yes or no, we wanna move forward with this person.”
In terms of personality, characteristics or attributes, I’d say, one is being proactive and also another would be around inquisitive. And so our end users, not necessarily the customers that we’re serving, but our end to end users, as in the fraudsters that are actively trying to avoid our systems and the processes that we set up, they’re essentially trying to work around us everyday and avoid contact.
And because fraud and abuse tends to shift, because once we decide we have a rule or a model in place to solve one particular issue, fraudsters will respond and change their attack vectors and patterns as well. And so, it’s imperative that the team is proactive in terms of looking for kind of new abuse types and also inquisitive in terms of not taking things at face value. Those are two characteristics that have definitely been woven into the DNA of any operations person and PM that I’ve worked with.
And also having I’d say, almost an adversarial mindset when it comes to working with our end to end users out there, those fraudsters where if you come from a customer service background for example, it’s a very different mindset where you and your customer wanna work together to kind of get the most bang for your buck or whatever you’re trying to optimize for. Whereas the relationship that we have with our kind of end to end customers is really much more adversarial and that mindset can be hard to vet during an interview process. But it’s also kind of a key mindset that I look for in terms of experience for anybody that I work with.
Paul: And I think that’s…
Evan: I like that adversarial mindset. Go on, Paul. Sorry about that.
Paul: Yeah. I was just gonna say that those are great call outs and it is challenging to screen for some of these things. We’ve gotten to a point where we do panels asking…we will present a problem to a candidate and ask them how they think about solving the challenge, what are some of the questions, and what is the data that they would look for in trying to better understand the nature of the issue. And it’s a little bit of a test to just see how they approach different problems that we have here. Because you’re right, I mean, it requires a little bit of a special personality type.
And to that end I did a post a few months ago asking folks in the space how, like, “What’s one word that would describe you?” And, you know, “curious” came in at the top, “paranoid” was another good one, you know, “hunter,” because these guys have this innate nature of just trying to find the bad guys. And that, I think, goes to your comment to the adversarial relationship. It is adversarial. On the other hand, we’re trying to create a positive experience for the rest of the folks in the environment because of the adversarial relationship we have with the bad guys. So, it’s a very unique dynamic and being able to strike that balance is not easy.
Kevin: And Paul, I was curious, from an interview standpoint because it is difficult to vet for these kind of characteristics in a 30-minute interview or 45-minute interview, are there any questions that you look to or your go-to questions when you try and probe for this information?
Paul: Sure. And I think it depends on the role. But in some of the some of the teams that required the broadest mindset in terms of approaching problems and challenges right out the gate, you know, kind of an easy go to is what are the types of problems or abuse challenges that you think LinkedIn is dealing with. And it really requires them to have done some homework, but show their creativity and what are the different ways that LinkedIn could be abused. And, you know, we have a number of different segments where people try and chip away at defenses or go around. It’s really just trying to see where their head is at and how much they’re thinking about the different types of fraud and abuse.
Kevin: That was actually one of the types of questions I used to ask for when I worked on the Google Wallet side of things where anybody I would interview, I’d ask them…we’d essentially do a role play and say like, “Okay. Let’s say you have 1,000 stolen credit cards at your disposal and your objective is to get as much money or extract as much funds as possible from those cards, how would you do that using our platform?” And really it was always good to hear what they had to say in terms of… I would sometimes or oftentimes get some pretty, like, intuitive or really interesting approaches on how to funnel these funds out which was, like, great for me just as a person in the space to kind of learn about and think about.
Evan: I find this really interesting because I didn’t even necessarily know that a fraud analyst was a job title before I started working for Sift Science, which leads me to wonder, what’s a typical career path that a fraud analyst follows? How do people usually fall into that type of role? Paul, would you like to go first?
Paul: Sure. Kevin is right. There’s no formal training around trust and safety type of roles, at least so far as I’ve encountered. So, you know, oftentimes within a company can organically grow out of a customer service, customer operations type group where one person will start to see fraud and abuse, and they’ll be the one tasked with managing it, then it becomes three and five and then all the sudden you need a manager, and then they start…it spreads. You start to notice all the different types of abuse.
Kind of rewinding back in history, in 2005 I was at eBay and PayPal, and we saw a pretty substantial amount of, you know, attempts for abuse. But I think eBay and PayPal did a fantastic job in really blazing the way for trust and safety and overall risk management in the space because they help grow and develop people, pull people into a whole bunch of different careers to help tune towards this upcoming wave of cyber crime.
And so, nowadays, what we’re looking for is folks that have either dabbled with it at, you know, the beginning of their career or they’ve made a shift into a risk type role. And there are a number of different capacities. And at some point in time we’ve had folks in completely unrelated parts of the company that want to rotate in or want to do shadowing, and they don’t really have any day-to-day role that requires it, but this is the next step in their career.
They’ve made the decision, like, this is as interesting as it gets for, you know, fraud and cyber crime and they really want to start building their skills. So, we’ve had a little bit of a rotation program where we help educate and inform employees. And, you know, we also do brown bags, sit down, and educate folks around things that we deal with so that we also gain internal partnerships. So, even if they aren’t interested in moving into the trust and safety space, they are informed and know who to reach out to if something goes sideways.
Kevin: Yeah. Those are some really good kind of points. In my past experience terms of the evolution of where to find folks, customer service was definitely one of those stops where before a company even has a fraud team, I’d say it’s safe to say most companies don’t launch with the fraud team. It’s usually that they start noticing some anomalies or some sort of abuse on their platform, and they think to themselves like, “Oh, crap. I need to do something about this. Hey, Joe, on the customer support side can you spend 20% your time digging into this?” And then as they peel back kind of the layers of this onion and then you begin to expose how deep and pervasive this type of abuse is, then your team kind of grows from there whether it’s 40% time, 80% time, we need like, three full time people on this kind of thing.
The reason why customer support tends to be a good area to start with, one, I’d say, you still want to have that customer empathy built in and plus they should know the product quite well. And so, you have a leg up from that standpoint. You don’t necessarily need to ramp that person up on the company, and values, and the objectives. That personality and those traits are already there. But now, you to shift more towards a kind of abuse mindset and that transition tends to be easier in terms of a proof of concept. And also they already have rapport with folks across the company and so, that makes it easier to launch from there.
I’d say over the years, one thing that has changed in terms of the make up of the team and this is especially true when I was at Facebook where originally, we were focused a lot on customer by customer or user by user, and taking action that way. And as the company grew, we just couldn’t keep up with that type of scale. And so, as a result the team actually became more and more technical to be able to not only take action on one account, but thousands of accounts at a time.
And this is on the operation side like, eng could always always do that. But as the fires grew and became more pervasive and engineering was certainly helping out on the largest fires, but day-to-day if we’re only talking about a few thousand, and that’s like literally a few thousand is not that bad in terms of Facebook scale, we would need to be more tactical to basically be able to take action on these, like, large swaths of accounts.
Evan: So if you’re drawing from all of these different teams and all these different other careers basically to build your fraud team, does that make it challenging to work as a cohesive unit or does that make it easier or is it some combination of both?
Kevin: I’d say, it’s always important to have that diversity and so, even within an ops organization, you want the super creative thinkers, you want the folks that are the naysayers to some extent, and the contrarians. You want folks that are able to just crush the queues and kind of get through a lot of reviews, folks that are great at project management, some folks with their head in the clouds a little bit, like, you want that diversity that only strengthens your team. Now, it does take strong leadership in terms of communication is paramount. Ability to work well with others and basically, don’t be an asshole is also a crucial characteristic. But having that diversity ultimately is a good thing to make sure that your team is flexible enough to respond to different types of events.
But also when it comes to even internal growth and career growth, you don’t necessarily want everybody gunning for the same position. You wanna have that kind of spread out a little bit more so people can grow without having kind of the thought of like, “There’s only one position open. There’s five other people on my team and everybody wants it.” The fact that people have different interests and skill sets, you somewhat avoid that scenario, which can be easier from a managerial standpoint.
Evan: Is it the same in your experience, Paul?
Paul: Absolutely. And I think one of the things we’ve really honed in on is communication between the teams. I’ve been in organizations where the communication between that front line ops team and data science or engineering isn’t as tight as it could be and it’s caused a little of a rift between organizations. And thankfully we’ve taken a different approach here at LinkedIn where teams sit on the same floor in the same building and, you know, we can walk over, talk through some of the issues, make sure that we’ve got great exchanges of information. For our remote teams, you know, we have dial-ins so that everybody is able to share updates, and communicate what’s coming next. It’s made this a really great opportunity for us to ensure the right information is getting to the right person at the right time and, you know, it is seeing that interest in other teams within the broader anti-abuse umbrella.
Kevin: And I think that we’ve seen that as well. Even when I was at Facebook and Square, eng, ops, PM, we all sat together in the same area and so, we could have those ad hoc conversations as needed. From an ops career progression, we definitely had folks move from the operations org to like the PM org for example, all within this kind of anti-abuse organization which was great to see. And also the ability to have shadow time, and kind of have those conversations and interactions was pretty crucial.
I’d say that definitely became more of a challenge as soon as the company grew and we had offices in India or Dublin or other parts of the world, those communication lines became a bit more strained. And so, we had to be a bit more creative on how does the team get together, how do we communicate more effectively but also enable the distributed offices to have their own unique culture and independence to do what they thought was right.
Evan: That was Kevin Lee, Trust and Safety Architect at Sift Science and Paul Rockwell, Head of Trust and Safety at LinkedIn. Thanks for joining us on “Trust & Safety in Numbers.” Until next time, stay vigilant, fraud fighters.
Learn more about what sets Sift Science’s machine learning apart.
With billions of compromised credentials already in criminals’ hands, how do you protect your users’ accounts, your brand, and your bottom line?