Experience the ultimate flexibility with the Isolation API, allowing you to securely Quisque pellentesque id ultrices lacus ornare elit vitae ullamcorper. Learn More

What is a trust and safety team? What's their mission? How are trust and safety online investigators different from payment fraud and ATO? Learn it all here

In recent months (some sources suggest years, but it’s definitely picking up now), many companies have moved from referring to their efforts to minimize payment fraud and stopping account takeover (ATO) as “fraud prevention” to positioning it as a “trust and safety” function. So, is the new term just about putting a positive spin on the same old task, or is there something new about focusing on building a culture of trust, as opposed to chasing fraud? Is it just about fraud prevention? Let’s try to unpack it.

High quality and safe experience for all

It’s not just finance and digital commerce organizations that established trust and safety teams. Do an Indeed search for trust and safety jobs, and you will find a wide variety of companies looking for strategy and operations personnel to take on tasks that have to deal with the safety and integrity of their products and services.

  • Social media giants are focusing on controlling content abuse, user-targeted scams and marketplace stolen or counterfeit goods;
  • Food delivery apps need people to help assure personal and property safety of their customers and contractors;
  • Software companies are hiring engineers to design features for their platforms to safeguard the privacy of communications and transactions.

The common theme among the many diverse trust and safety teams is that they are all focused on identifying and resolving potentially harmful situations, mitigating risks, and establishing a foundation of trust between all parties interacting on their platform or using their services. Trust and safety is about building a culture of care, protection, respect for privacy, stability and a positive experience for all — customers, user communities and partners.

Learn more in this blog: What is trust and safety? >

An ounce of prevention

Much of a fraud team's activity occurs after the fact — an account has been breached, credit card numbers stolen and resold on the dark web, customer names hacked from a database, etc. The job of a fraud investigator is to follow the leads to try and figure out the identities and locations of perpetrators, find out how they got in, and what their intentions are. Again – all of this typically occurs in response to an incident that has already happened in an attempt to contain it as much as possible and minimize the damage that’s already been done.

Trust and safety, on the other hand, is designed to focus on preventing negative experiences through policies and process improvements and goes beyond a fraud-only view. It’s more about deterrence than risk mitigation; it’s putting in place systems to deter bad actors, rather than dealing with the fallout from incidents. But when incidents happen, trust and safety teams need the resources and tools to investigate and take action quickly.

Trust as a way to streamline a customer journey

American President Ronald Reagan learned the Russian proverb “trust but verify” and used it many times in meetings with his Russian counterpart Mikhail Gorbachev. The old adage is still very relevant today, in many aspects that require trust.

Gartner analyst Dr. Akif Khan addresses the convergence of trust and safety and customer experience functions:

“... Focus needs to shift to wherever the customer meets the brand (think of it as “the B2C perimeter”) – whether that’s on your infrastructure (your website, your app, your contact centre) or not (copycat domains, social media, marketplace sites selling counterfeits etc).”

Khan describes how trust can lessen the friction between a vendor and a customer and introduce special, personalized elements to the customer experience, like one-click checkout and bypassing two-factor authentication at login for clients who have reached a certain threshold of trust.

Knowing whom to trust

In some cases, determining whom you can trust (or not trust) is relatively easy. A new customer with a nonsensical email address who has made a large number of small purchases in a short time frame is automatically flagged. The customer can still try to process the latest purchase but would need to speak to a customer service representative to explain the situation first. Maybe it’s a legitimate situation, maybe it’s a case of fraud.

And while it may be easy to spot deception in some cases, many circumstances require the trust and safety teams to conduct deeper investigations in response to system flags. Researchers need to monitor online activity, keep an eye on marketplaces that are known to sell counterfeit goods or stolen information, and even observe what’s happening on dark web forums where criminals are known to congregate. Sometimes, it means engaging with bad actors directly, going undercover, to get to the bottom of what they are planning.

Trust and safety really boils down to the team’s ability to identify potentially harmful situations, respond to them in a timely manner, monitor user activity for actions that don’t meet security or acceptable use requirements, and setting up policies and safeguards for an environment of trust between all parties involved.

Learn more in our blog: Why trust and safety is a risky business >

About the Author

A8 Team
A8 Team
Contribution Team U.S.A.

Authentic8 Team is a group of cybersecurity enthusiasts, investigation sleuths, top-notch engineers, news junkies, policy wonks and all-around fervent writers hell-bent on bringing you the best darn blog in the industry. 

Related Resources

blog
blog

Go-to tools for trust and safety analysts

As the volume of trust and safety issues increases, analysts need the right tools to efficiently conduct successful investigations.

blog
blog

What is managed attribution, and how does it improve online investigation?

While many OSINT researchers recognize the need to avoid tipping off their targets, they're still fuzzy on the specifics of managed attribution.

White Paper
White Paper

Empowering trust and safety teams

Learn the risks trust and safety investigators encounter in online research and what's needed to counteract them.

Close
Close