Stripe acquires Bouncer, will integrate its card authentication into the Radar fraud detection tool

On the heels of a $600 million fundraise earlier this year, payments giant Stripe has been on an acquisition march to continue building out its business. In the latest development, the company has acquired Bouncer, a startup based in Oakland that has built a platform to automatically run card authentications and detect fraud in card-based online transactions. Its technology is tailored for mobile transactions and includes a flow to help users authenticate themselves if they are mistakenly flagged, to come back into an app legitimately (hence the name).

Terms of the deal are not being disclosed, but Stripe is acquiring both Bouncer’s technology and the team, which will be integrated into Stripe Radar. Started in 2018, Radar is Stripe’s AI-based anti-fraud technology toolset, and most of the tech — which is focused around preventing fraudulent transactions on the Stripe platform — has been built in-house up to now. Stripe says that Radar already prevents “hundreds of millions of dollars of fraud for businesses” each year.

“Bouncer is a great tool for modern internet businesses. It allows them to quickly identify stolen cards, while also ensuring legitimate customers can transact without being blocked,” said Simon Arscott, business lead for Stripe Radar, in a statement. “We’re thrilled to welcome the Bouncer team, and their years of experience building payment authentication software for businesses, to Stripe and to enable their technology for Radar users. With the addition of advanced card scanning capabilities, Stripe Radar will be able block more fraud and further increase revenue for millions of businesses around the world who rely on Stripe.”

The deal comes a couple of weeks after Stripe announced the acquisition of TaxJar to bring cloud-based sales tax calculating tools into its payments platform.

Like Stripe itself, Bouncer was incubated at Y Combinator, in its case as part of its Summer 2019 cohort. In addition to YC, it had raised funding from Commerce Ventures and the Pioneer Fund, but had never disclosed how much it had raised in total.

Not to be confused with the Polish marketing technology startup Bouncer, which provides bulk email verification, Oakland Bouncer was co-founded by Will Megson (CEO) and Sam King (chief scientist), who between them have an interesting pedigree when it comes to identity verification, from academia to working at fast-scaling companies in categories that have been some of the biggest adopters of verification technology.

Both previously worked for years at on-demand transportation service Lyft in fraud, identity and payment management. Before that, Megson was at Groupon; and King, in addition to holding a position as an associate professor of computer science at UC Davis, worked at Twitter on account security, founding the fake accounts team.

Groupon is among the customers that Bouncer currently works with, alongside OfferUp, ibotta and Dealerware. Bouncer will keep its current service and customers up post-deal.

Radar is currently sold in a number of tiers, ranging from free to 6p per screened transaction, depending on how it is being used (there is a more basic machine learning tier, and an enhanced tier for fraud teams, and the price varies also depending on whether customers are using Stripe’s standard pricing fees or something else). Stripe also offers a chargeback protection service priced at 0.4% per transaction, as well as analytics tools for Radar customers to get an overview of what is going on.

Stripe says that Radar has blocked more than $1 billion in fraudulent transactions since it was launched.

Bouncer is also currently priced at different tiers, ranging from free to $.15/scan for its basic solution, or a custom price for its more tailored services.

Integrating Bouncer’s card scanning and risk technology into the Radar stack will both sweeten the deal for people to buy those services from Stripe, but also make the tools more effective.

As Stripe describes it, when Radar flags a transaction, Bouncer’s card screening and verification technology will kick in as a “dynamic intervention” to confirm whether or not a customer had a legitimate card at the time of the transaction. This is done to help reduce false positives, which are more frequent in high-risk transactions (such as those for big-ticket items, or if a person has been making several transactions in quick succession, or other payment activity that just comes up as unusual in systems).

We’ve been in a wave of new authentication technology that includes things like biometrics and other innovations, but Bouncer takes an approach that is less high-tech at the point of ingestion — needing only a phone’s camera and the card that the customer is using. When a transaction is flagged up and sent to Bouncer for verification, Bouncer works by requesting a picture of the payment card (which can be based on any payment card type and can be a low-light picture).

It then runs that through its PCI- and GDPR-compliant system to see if it’s stolen or real. If it’s real, the transaction continues; stolen and the transaction is cancelled. The whole process can take less than a second (not including the time it takes you to take a picture, of course).

For Bouncer, the idea is that Stripe’s machine learning engine will in turn help Bouncer become more effective.

“I’m excited that we’ll be able to scale our advanced card-verification technology across the Stripe network to help businesses grow their revenue while further reducing fraud behind the scenes,” said Will Megson, CEO of Bouncer, in a statement. “The same signals that Radar learns from will make Bouncer more effective, and Bouncer will, in turn, make Radar more effective. We couldn’t be more excited to join the Radar team.”

Stripe has made a number of acquisitions over the years to bring in key pieces of technology, and in one case — when it acquired PayStack in Lagos (another YC alum) — to help Stripe enter and serve merchants in Africa and more emerging markets overall.

At least two of these have been made in aid of bringing on technologists and technology to build out its compliance and authentication tools. In 2016 Stripe quietly acquired Teapot, a Silicon Valley startup that had been working on APIs for identity verification, trust, credit and other tools needed in financial transactions. Its co-founders spent some years at the company before moving on to other things.

In 2019, Stripe acquired a startup out of Ireland called Touchtech to bring in technology to prepare for Strong Customer Authentication regulations in Europe.

The need for better, more sophisticated tools to ensure online transactions are legit is not going anywhere fast. Malicious hacking — and the consequences that has for obtaining personal data that can be used in consumer fraud — continues to be a persistent threat. And in the meantime, e-commerce continues to become an ever-more mainstream activity, widening the pool of consumers and the chances of things going wrong.