Nanoleaf is an IoT technology company that specializes in spectacular LED lighting panels that give you full control over how to arrange millions of colors in your home or office space via integrated, touch-control sensors. With its philosophy of “Smarter by Design” it has transformed smart lighting to “meet your needs every moment of every day”.
Paul Austin-Menear, Nanoleaf’s Director of Digital Strategy, chatted with us about how the company goes about protecting its unique product against opportunistic fraudsters. Our wide-ranging discussion covers topics including eCommerce false declines, what it looks for when deciding which of the top eCommerce fraud protection solutions to use, advice for how to fight chargebacks, and more.
1. I had never heard of Nanoleaf, and then I went to your site to research for this interview and….wow this is a really cool and unique product. Can you start off by telling us a little bit about the inspiration for creating it? What is the coolest thing you’ve ever seen someone do with it?
Our first smart lighting panel was dreamt up on a redeye from Toronto to Hong Kong in 2015. At the time, we had an office here in Toronto, an office in Shenzhen (China) and a small sales office in Hong Kong. In the middle of the night and 30,000 feet over the Pacific, our CEO (Gimmy—pronounced ‘Jimmy’) saw the wisps of an aurora borealis on the horizon. He was half asleep, but that moment looking out the window stuck with him. He knew he wanted to create a light that could capture that beauty painted across the sky; something to recreate that natural light inside. Essentially, a piece of technology inspired by nature. When a passing flight attendant asked if she could get him anything, he pointed out the window at the wispy colours and said ‘I want that on my wall!’
She brought him black coffee.
The next day, he told our COO (Christian) and CTO (Tom) about the whole encounter, and they had a good laugh about it. Being close friends since their university days, someone else may have scratched their head – but the three understood each other like an old married couple.
The team in Shenzhen had been experimenting with some new hardware, and it dawned on them over the next few days that we could take our existing LED technology and smush it down into a triangular flat form factor instead of making another lightbulb. In consumer IoT, this had never been done before, so it got the entire team’s attention and we all hopped on the proverbial bus.
From there, we created prototypes to demo at the Consumer Electronics Show in Vegas, organized countless hours of product testing with customers and started to pivot our entire company towards this new technology (we like big bets, and this one paid off). We released a square version called the Canvas about six months ago, which features a new optical configuration and sensors that respond to touch. You can literally create a wall of light that turns on or off with a double tap as you walk by… it’s endlessly entertaining.
One of the things that I absolutely love about our community of customers is how creative they are, and how much they enjoy sharing their creations with the rest of the community. There are some great photos on our Instagram feed, but here are my top three:
Our friends at Muse meditation headbands partnered with a yoga studio to create a three dimensional light pyramid that syncs up with your brain activity, for an entirely new out-of-body meditation experience:
One of our customers created an absolutely amazing gaming and media setup that flows from wall to ceiling (we have Flex Linkers for corners) to accent a row of screens:
Another customer blended a tranquility flower design into her home decor, and shared a really adorable photo of her family (Corgi included) chilling underneath it:
2. Unfortunately, being a “cool, unique” product often also means attracting fraudsters. Can share a good story about the most creative fraud attempt you ever encountered?
One case that sticks out in my mind from mid-2016 isn’t what I’d call creative, but it sure was audacious. A buyer whose IP address pinged in South Africa attempted to order several thousand dollars worth of products. Our fraud assessment tools identified a number of high risk factors and algorithmically declined the payment, cancelling the order. Eventually they contacted us, demanding that we honour their order and ship the items they’d paid for immediately… because they were the “Adjunkt [sic] Senior Manager to Jean-Claude Juncker” who was very angry at the delay, and would file suit in Zurich if we didn’t comply.
I had a chuckle over that, it was the first time that I’d been threatened by the “staff” of the European Commission’s President. Compounding the entertainment value was the notion that an EU citizen (President Juncker) would have standing in a Swiss court (not an EU member state) to file a lawsuit against a Canadian corporation (not bound by EU law). The email also came from an account at a free webmail service, which doesn’t exactly scream legitimacy in my mind. Next.
3. So knowing you are dealing with these unique fraud attempts, what was your fraud review process in the early stages of growth? Any advice for merchants that sell unique products and are just starting out? What do you wish you had known at the beginning?
The launch of our smart light panel products was a game-changer for Nanoleaf—kind of like the difference in speed between downtown Manhattan at rush hour and an empty autobahn in Germany. Our growth rate literally quadrupled overnight, and we’ve been posting very healthy year over year gains ever since. That meant that our company was growing much faster than the ability of our existing systems to scale up with it, and a lot of things broke along the way. At the very beginning of this acceleration, our fraud review processes were non-existent.
The catalyst that caused us to move our fraud prevention stack from nothing to cutting-edge was a coordinated scam perpetrated by what smelled a lot like organized crime in Quebec. Over the course of a few months in 2015, our revenues spiked up significantly and Canadian order volumes grew at a nice clip. We learned later that these orders had been placed with stolen credit cards, and that all the fraudulent orders had been delivered to a handful of addresses in Montreal. We also learned that the payments for these orders were being clawed back, which meant that the products shipped were a total loss (luckily, this was before we launched our first light panel product and the carts were relatively low value).
Still, it was bad enough that our merchant gateway at the time froze our account, which crippled our eCommerce operations until we opened up a new merchant account with a different provider and set up a new gateway. We learned on the fly and got that done inside a week—lightning fast for the finance world, but an eternity for us. When you consider that none of us even knew what a ‘chargeback’ was at the time, this was a pretty big body blow. We filed a report with the RCMP’s fraud division, though nothing has come of it to date. That’s not a knock against them, they do great work—they’re just in the uncomfortable position of trying to cap off a firehose with a thimble.
4. Even experienced merchants find that fraud can “get in your head”. Did you find yourself taking fewer risks, or over-scrutinizing orders as you scaled? How did you strike the balance between protecting yourself against chargebacks and minimizing false declines?
Fraud definitely gets in your head when your team cares about its work and its customers. When this issue first slapped us in the face, it was emotionally devastating for everyone on the team who was involved in our eCommerce operations. We were over-cautious at first, but as we learned more about the chargeback process, merchant insurance, and fraud-mitigation technologies, charting a course through it became easier. We learned that the magical ‘zero-liability’ guarantee that consumer cardholders love ultimately means that we’re on the hook for fraud. Not the fraudsters. Not the cardholders. Not the issuing banks. Our little team of fifteen (at the time).
That awareness gave us great clarity, it kind of freed us from uncertainty in a way—we ultimately put in place strong processes that lean on data and minimize subjective opinion or gut feeling. The best decision that we made was to source an “all-in” cloud-based fraud mitigation service that provides both insurance on approved orders and rich behavioural data that we can reference back to if needed. In the case of false declines, we have a manual process in place (an automated email with a contact process to speak to a person here). For larger custom orders that were declined algorithmically, we require payment up front by a method other than credit card before we’ll ship the order. For folks who are unwilling or unable to oblige, we help them find the closest retailer that carries the product they want and do everything that we can to provide great service. A few times, we’ve even called up stores on another continent to ask them to reserve the items for the buyer.
5. What’s your zaniest “manual fraud review” story?
I recall one case in late 2016 with a buyer in Mexico who constructed a very believable alter-ego as an interior designer with a high-end clientele in Mexico City. The situation felt a bit fishy, but none of us could quite put our finger on why. We got on the phone with him to ask about some of the issues, and he was personable—charming even, and had logical sounding explanations for the data points in our analysis that were concerning. Ultimately, we greenlit a large order for him, and shipped the items from our warehouse in New York.
A month later, the chargeback notice dropped. That lesson cost us a few grand to learn, and today we no longer override an algorithmic ‘high-risk’ fraud assessment based just on our own personal feelings or input from the prospective buyer. We also require payment up front via wire transfer or certified cheque for large orders with new buyers who don’t have a history with us.
6. Do you currently use any third-party eCommerce fraud prevention solutions to try and mitigate some of these headaches? If yes, what are they and why did you choose it/them?
We’ve used a few third party solutions designed to mitigate eCommerce fraud, and it’s probably one of the smartest procurement decisions we’ve ever made. It took a couple of tries to find a vendor who we mesh really well with and who provides for all of our needs. The service that we’re using today is pretty solid—it’s cloud-based and integrates directly with our cart (Shopify). It includes a chargeback guarantee on approved orders and provides access to rich behavioural data on reviewed orders. All of this together equals a sophisticated system that shifts the resource burden for building and maintaining fraud review tools away from us. We’re in the business of designing great products that people love—anything that isn’t that is an unwanted distraction.
7. What objective benchmarks would you suggest merchants use to know when it’s time to stop keeping review exclusively in-house and go get help?
Well, if your merchant account gets shut down like ours did back in the day—go get some help, posthaste. If you haven’t been through that fresh hell (I really hope you haven’t), there are some metrics you can look at to make a more informed decision:
- Chargeback Rate. How many orders in a given period are charged back to you? That number divided by total number of orders gives you the chargeback rate. Different industries will have different benchmarks, but I’d consider over 10% a year abysmal (go get help). 3% is probably closer to normal, build it into your cost of doing business and go one way or the other. Under 1% is rockstar status, keep doing what you’re doing.
- Administrative Cost. Let’s say you pay the person handling chargebacks and order review $20 an hour. If filing a bank response to each chargeback takes 15 minutes, you’ve got a loaded cost of $5 per chargeback. Multiply that by the number of chargebacks you get in a year to get an estimate of the loaded cost for chargeback-related admin. Add in bank fees (usually $15-$30 per chargeback). This is a good exercise to go through, you might not be aware of how much chargebacks cost you outside of lost goods, in a lot of companies this is just hidden overhead.
- Cost of Lost Goods. What’s the landed cost (raw plus transport) of the goods you’ve lost to fraud over a given period? If the numbers you come up with for admin cost or cost of lost goods give you heartburn, start taking a look at reputable third party solutions. If you model out proposals and the decrease in chargeback rate you think you’ll get corresponds with a decrease in admin and lost goods cost that will pay for the third party system, it’s a no-brainer (it’s also a likely scenario unless the margins in your industry are razor-thin).
8. To start wrapping up, purchasing a unique product from Nanoleaf always gives consumers a little extra jolt of excitement. How do you maintain that initial sense of enthusiasm with customers when you receive a high-risk order that requires additional scrutiny? In other words, how do you keep a strong customer experience, while still protecting yourself?
Compartmentalize like a boss. Early on, I think that this issue did dampen the enthusiasm that we had for our customers a little bit. After we realized that receiving chargebacks didn’t make us bad people or mean that we’re a failure, it got easier to separate the fraud issue out in our minds and get back to loving our customers and what they create with our products. We’ve brought a lot of joy to our customers over the last few years and plan to bring a lot more for a long time to come.
Your strongest tool is a positive state of mind, so do whatever you can to foster it amongst the frontline folks who interact with customers every day. Empower your customer experience team to understand fraud, the processes for dealing with it, the data they have at their disposal, and where the red lines are in terms of what they can offer up to bring tough situations to a close while maximizing customer happiness.
9. Are you willing to share an example where fraud review detracted from your customer experience, and what lessons your learned/changes you made to make sure it never happened again?
Manual fraud review always detracts from the customer experience. When something is flagged high-risk, a human will get suspicious. That’s a natural instinct. We deal with this by automating our responses to high-risk orders and keeping our people away from manual review as much as possible. That helps us stay honest and true to the data, and to be objective. When a customer’s order is declined (automatically), the email that gets sent back is friendly and respectful, and offers up steps to take if they believe that the decline is unwarranted and they still want to place an order. From what I’ve seen, few fraudsters take it further than the algorithmic declines.
10. If you could give merchants currently preparing to scale up one piece of fraud prevention advice, what would it be?
For merchants starting the same journey, I’ll offer the following snippets of love from my past experiences:
It’s not personal. Fraudsters aren’t stealing from *you*, they’re just stealing.
Get insurance. Whether it’s ‘soft’ insurance through an integrated third party service that gives you a reimbursement on your bill, or ‘hard’ insurance that comes back as a cheque or EFT from your broker or bank, do it. Make sure you don’t eat 100% of the cost of losses due to fraud, spread the risk around.
Automate as much as possible so the negative is filtered away from your team. Servers don’t have feelings, they just hang out in their racks and handle their business. Dealing with fraud gets discouraging, so minimize the amount of effort it takes and your team’s morale will be higher. That’ll leave them better positioned to keep their eye on the ball and create customer happiness.
Trust the data, but have a process for recapturing revenue from false declines. If you’re contacted by someone after a decline, keep an open mind and employ the trust-but-verify doctrine.
If you would like to pick up a Nanoleaf smart lighting product for your home or office please visit the Nanoleaf Shop.
Paul Austin-Menear holds a liberal arts degree from Trent University, and has been working on the technology side of marketing and communications since 2007. He’s passionate about environmental sustainability, political and civic engagement, and other people’s kids and pets (swoop in for the cuteness, leave before the cleanup).