ThreatMETRIX - Security for eCommerce Applications

Wednesday, August 20, 2008 , , , , , ,

Today we showcase an exciting and a successful venture co-founded by David Jones in 2005, ThreatMETRIX - Security for eCommerce Applications.

In a recent email based interview with David, he gave insights into his venture and how he is progressing with it. This is what he has to say:

• Please tell us about your venture/company?
We created ThreatMETRIX to deliver a new layer of security protection specifically for the explosive growth of eCommerce transactions. With growth of over 20% pa of on-line credit card transactions and web 2.0 application now monetizing, the fraudsters have taken advantage of their anonymity on the internet to steal credit cards, fraudulently purchase products and launder money. ThreatMETRIX delivers intelligence to eCommerce sites to detect both good customers and fraudsters using stolen identities.

• Who are the people behind this and how it started?
The founders and core team previously built security products for Surfcontrol (now WebSENSE) - we saw the use of botnets and compromised hosts were how on-line criminals were hiding their identities when committing fraud. The company started out as SpamMATTERS, a product we delivered to the Australian Federal Government (Australian Communications and Media Authority) to track phishing and spamming operations.

• How long it took before it was up and running?
We spent 2 years in research and development to build out the technology and intellectual property to solve on-line eCommerce transaction fraud. During that time we spoke with some of the largest eCommerce players on the internet and listened to their challenges and unsolved problems. Its true that there is no silver bullet for fraud but we think that by bringing our security expertise to a marketplace with a large unsolved problem - our products are the next generation in online commerce protection.

• What services it provides it for consumer or customers?
The ThreatMETRIX mission is to help eCommerce sites deliver increased revenues by sorting the good customers from the fraudsters whilst reducing the infrastructure costs to achieve this. In total our customers are impacting about 20% of US credit-card transactions.

• What type of customers you are targeting?
We have two products:
1. For small and SME merchants and eCommerce players, we provide a SaaS based fraud solution, by adding our technology with just a few lines of code, they can be up and running – reducing fraud and increasing revenues. All that is required is browser-based login
2. For larger merchants and payment gateways we deliver a Web Services API that can easily be added to existing payment and fraud systems. Again – integration is simple and fast.

• What sort of marketing you are using to spread the word?
Marketing to-date has been primarily direct prospecting, trade-show attendance/speaking and SEO/SEM, the companies has been growing the US-based executive team and no doubt that will change as we explore how to fast-track merchants through our SaaS signup service.

• How are you measuring the success of your venture? Are their any special mechanisms/tools in place to monitor the progress?
The best way to measure success is the value to our customers: if we deliver a % uplift in revenue or slice their fraud rates in half, these metrics are the main things that matter – from there revenues flow. Because of this our monetization model is primarily transaction-based but there are a number of models that can apply – I’d love to talk about them but then I would have to shoot you :)

• What are the main technologies used behind this venture?
The main technologies behind the ThreatMETRIX solutions is what is called Device Intelligence, this deliver the edge that merchants need to have more visibility in the transaction we combine this with a multi-tenant SaaS platform that uses a highly scaled rules engine. All this is implemented on open source platforms using C++ for core systems and perl for user interface. We’ve avoided trendy things like ruby and flex because ultimately we are solving business solutions rather than creating a web2.0 app.

• What’s your thought on being an entrepreneur? How tough it is to start a venture in Australia?
I think your questions on entrepreneurship in Australia are the most interesting.....
Yes, its tough to start a global company in Australia, there are challenges in VC funding availability, large enough market of customers to prove-out your technology and a deep enough pool of skills and experience. In our case, most customers who have scaled enough to have significant fraud problems are in the US, Asia or Europe, this means that we spend a lot of time in the US and in fact we shifted our HQ to Palo Alto in March.

• How often do you catch up with others trying similar things and where do you catch up? Do you have dedicated communities in your city?
Networking with others in the SF Bay area is where real value comes, whilst there is courageous and driven people in Sydney, the breadth of expertise and experience in the bay area dwarfs the opportunities available locally.

• What do you think the government (federal and state) should do to improve the culture of innovation and the IT industry?
I truly regret the Rudd governments decision to put on hold the Commercial Ready program, this is a powerful counter to the venture challenges that Australian Innovation has and I fear that the government thinks that putting computers in schoolrooms all that is required to be a “clever-country”. ThreatMETRIX, leverage some grant funding during our R&D phase and this enabled us to later attract VC funding approximately 10x the grant – this is valuable because the grant process is competitive I don’t believe it is a wasted government spend. On the contrary but pausing the grant program, I imagine several Australian innovations that would have created jobs have now “died on the vine”. Our country’s leadership needs to recognize that neither sheep nor mining will be a sustainable basis for a robust future economy and innovation needs to be supported otherwise our smart graduates will drain to the US, Asia or just get a job at the banks – and we know what innovators banks are – not!

• Do you have any advice for people who want to start their venture?
I would recommend any OZ entrepreneur to place themselves (a) where their target market is, (b) where the specialists to build the business are. For example if I was building a groupware or telecoms company then Boston makes sense, for Bio maybe San Diego but for internet and clean-tech the south bay area is an absolute must regardless of the cost. Likewise, access to mentors is best sought in the field that you specialize in.

Mr. Jones co-founded ThreatMETRIX in 2005 and has been the CEO since inception. He has more than 15 years experience in technical and management roles within the software industry. Prior to co-founding ThreatMETRIX Mr. Jones founded SpamMATTERS delivering products used by Federal Government enforcement agencies for tracking Phishing and Spamming operations.
At Surfcontrol, he was VP of Global Research, a leading internet content filtering company that has most recently been acquired by WebSENSE. Among his major achievements at SurfControl was the management of the Email Filtering and flagship anti-spam solutions generating over 30% of company revenues.
Mr. Jones arrived at his position at SurfControl when EmU Tech, another company he founded, was acquired by SurfControl in 2001. Mr. Jones holds a B.E. in Electrical Engineering from the University of Technology, Sydney. with offices in Palo Alto California and Sydney Australia.

Thanks David for sharing your thoughts with us. All the best for future.

For coverage on other Australian startups, innovation,
analysis, tech trends, check this out and our coverage on interviews can be found here Digg! My StumbleUpon Page

No comments: