Too much power in the hands of too few

Explainers

Too Much Power in the Hands of Too Few

March 3rd, 2021

In the effort to protect our online transactions, have we ceded too much power to too few? Is Sift, whose algorithms protect corporate behemoths from McDonald’s to Twitter, merely a free-market version of China’s intrusive Sesame Score? What is the cost of safety?

Online shopping may be pervasive, but it isn’t without risks. Credit card fraud, for example, is on the rise each year, eclipsing $30 billion annually, with the majority of the fraud impacting United States consumers. The COVID pandemic has only made things worse: April 2020 saw attempted fraudulent transactions increase by 35 percent.

One company is positioning itself as the answer: Sift, a technology security company founded in 2011. Sift’s stated goal is to eliminate fraud on the Internet by utilizing machine learning to combat illegal and suspicious activity. Sift claims that the average business partner sees an approximate 50 percent reduction in payment fraud.

One of Sift’s most prominent assertions is that good users shouldn’t have to be penalized for the work of criminals. In other words, everyday users shouldn’t be forced to authenticate themselves to an extreme degree. Sift claims it’s able to separate the good users from the bad users in virtually every circumstance due to their website activity. On paper, it’s a great thing, and indeed, it may help to keep the Internet a safer place.

However, there are some significant privacy concerns at play. If Sift is able to interpret user activity to determine if someone is a regular user or a hacker, how much data is Sift really tracking about Internet users? Where is that data being stored? What happens if that data gets released?

The questions don’t end there. Because Sift is so pervasive and works with so many large retailers, it’s privy to a lot of information. Sift’s machine learning makes ample use of this data, constantly creating and evolving user profiles on the back end. It’s not dissimilar to China’s Sesame Score, which is essentially an all-encompassing rating that combines credit scores with social factors. That rating can then be used to exclude individuals from certain parts of society. Sift’s intentions don’t seem nefarious. But who’s to say Sift can’t decide one day to deem certain user types as fraudulent and ban them from making online transactions? Is that too much power for one company?

So far, Sift’s work has helped businesses to save billions. But the potential for a data organization like Sift to amass too much power is real. A catastrophic data breach or a malfunction of Sift’s machine learning to go haywire would lead to chaos in the world of online transactions.

. . .