Ecommerce activity has surged since the COVID-19 pandemic and is projected to reach a market value of $8.1 trillion by 2026. An estimated 2.6 billion people made purchases online in 2023, and digital payments as a whole are projected to cross $10 trillion by 2026. However, as the world of digital payments grows, so does online payment fraud. Global ecommerce fraud led to losses worth $41 billion in 2022, with some forecasting losses from online payment to amount to over $340 billion between 2023 and 2027.

At the same time, consumers increasingly expect instant payment settlement. Real-time payments (RTP) in the US are projected to account for $8.9 billion in transaction volume by 2026. This means that traditional anti-fraud tactics, like analyzing past transactions to identify fraud patterns, are inadequate in addressing emerging threats such as account takeovers and synthetic identity fraud.

Since fraud can happen in real time and settle irreversibly, fraud detection needs to happen at the same speed. Cryptocurrency, which also involves irreversible and fungible transactions, is expected to be used by 318 million people globally in 2024. In 2023, 34% of fintech and big tech companies lost customers to fraud. In the same year, 15.5% of businesses said the cost of adopting new technologies to combat fraud was the top challenge they encountered. This has created demand for identity and payments fraud solutions that use newer technologies like machine learning and AI to combat evolving fraud mechanisms.

Sardine is a fraud prevention verification and compliance platform that uses behavioral analysis to detect fraud patterns. The company offers a platform that provides instant ACH payments solutions, case management, and risk-scoring models to cryptocurrency, neobanks, fintech companies, and retail companies. Sardine also offers know-your-customer (KYC), know-your-business (KYB), transaction monitoring, and anti-money laundering compliance products. As of March 2024, Sardine served more than 250 businesses in over 150 countries.

Sardine was founded in 2020 by Soups Ranjan (CEO), Aditya Goel (Head of Payment Products), and Zahid Shaikh (Head of Risk Products). The trio met while working together at Revolut, where they worked together on building in-house infrastructure for fraud protection.

Prior to Revolut, Ranjan received a PhD in Electrical and Computer Engineering in 2005 and worked in cybersecurity and machine learning before joining Coinbase in 2015 as Director of Data Science and Risk. This was his first encounter with the payment fraud space. While in this role, he founded Risk Salon, a network of industry professionals to regularly discuss risk management and prevention practices which grew to 4K members by 2018.

In his time at Coinbase, Ranjan realized that there was a unique aspect to the fraud fintech companies faced. Unlike ecommerce fraud, companies like Coinbase faced fraud from customers who had been verified, thereby rendering know your customer (KYC) and compliance checks alone to be unreliable solutions.

Ranjan decided to focus on behavioral and user-device data to scope potential fraud instead and build internal solutions to detect fraud risk. He joined UK-based Revolut in 2019 as Head of Fincrime Risk, where Goel worked as Head of Product and Operations for the US division, and Shaikh was the Senior Product Owner for the crypto product. Goel had previous experience in leading strategy and API products at Deutsche Börse, while Shaikh had worked as a product leader across both finance and tech industries.

Ranjan had seen the impact of fraud and money laundering on businesses and noticed that there was fragmentation in safety services for fintech companies. He also observed the entry of neobanks in the banking stack and saw crypto companies struggling with compliance and crime. This led to the idea that would become Sardine. Ranjan wrote that:

The three co-founders left Revolut in April 2020 to start Sardine. Sardine’s name originated as a play on Suspicious Activity Reports (SARs), which are reports that financial institutions use for filing cases of fraud and money laundering. Sardine’s initial positioning was crypto-focused, with early customers like FTX, Brex, Chipper Cash, Relay, and MoonPay. It has since expanded to serving banks, neobanks, payments companies, and other financial institutions.

Fintech and identity fraud can take multiple forms, from traditional text-support scams to more complex remote access scams, synthetic identity fraud, and account takeovers. In a remote access scam, scammers contact individuals, posing as tech support. They convince victims that their computer has issues and persuade them to grant remote access. Once access is given, the fraudsters can steal personal information, install malicious software, or demand payment for unnecessary services. The scam relies on exploiting trust and creating a sense of urgency.

Synthetic identity fraud involves creating a new identity, by using a combination of legitimate data like social security numbers and falsified data, including names, birth dates, and addresses. This makes synthetic identities hard to identify, which lets them cross regular KYC checks. Fraudsters can then “piggyback”, where they develop a credit history for the synthetic identity by making small transactions and building a credit history. After building a believable identity, the fraudster maxes out the credit attached to the synthetic identity and causes loss to the financial institution which is unable to track an actual person behind the crime.

Account Takeover happens when a fraudster gets into a real customer's account, be it email, social, subscriptions, bank, or credit card. Once in, fraudsters can do things like conduct unauthorized transactions, use loyalty points, grab customer data to sell, and even change the password to lock the customer out. Sardine offers products across fraud and compliance risk prevention, payments, and risk insights to combat fraud including remote access scams, synthetic identity fraud, and account takeover.

Sardine Platform

Source: Sardine

Sardine’s main product protects users against risk, which includes both fraud and compliance. Sardine’s fraud prevention and compliance products are available through a single dashboard that incorporates pre-made rulesets, a no-code rule builder, ML models trained to detect fraud, and analytics reporting. This dashboard allows risk operations teams to investigate and make decisions on flagged transactions and users.

Sardine’s fraud detection algorithm is powered by device intelligence, behavioral biometrics, machine learning, and integrations with high-quality fraud data providers. This goes beyond more mundane indicators and emphasizes behavior tracking and device intelligence. Sardine also runs supervised ML models on the data it gets from its network and data providers to zero in on fraud patterns, even as fraudsters evolve their practices. Here are a few examples of Sardine’s fraud detection capabilities:

• Raising a flag when a first name or last name is copied and pasted into a name field in a sign-up flow — legitimate users don’t usually copy/paste their own names, but fraudsters often do as they cycle through a list of names they have access to

• Raising a flag when a user is switching windows all the time — this is not normal for a legitimate user and could be indicative of a fraudster jumping between windows as they run through their fraud process

• Raising a flag when a user breezes through an onboarding flow — this could indicate that the user is a fraudster who is very familiar with these onboarding flows and is moving at a rapid pace as they attempt to create a fraudulent user account. This is in contrast to legitimate users who take their time to read through a page and fill it out.

In addition to the fraud prevention algorithm, Sardine’s no-code rule builder allows risk operations teams to use rules that work out of the box. Customers can also create their own custom rules based on attributes and data points that Sardine provides access to. Using card and ACH fraud models, Sardine analyzes user signals to reduce unauthorized ACH return rates and block fraudulent transactions. Sardine’s services help improve user conversions by using risk scoring models which handle risk decisioning and dispute management on the customer’s behalf, offering a chargeback guarantee.

Source: Sardine

Sardine Payments

Fintech companies, especially crypto companies, neobanks, and stock trading platforms are often the targets of concerted fraud attacks. Users can use ACH to deposit funds into such platforms, but this process takes time and the price of the assets exchanged may fluctuate during the settlement process. Credit cards, on the other hand, pose other challenges in funding such accounts because of the higher exchange fees, cash advance fees, and the possibility of scams that they introduce. As a result, companies sometimes introduce higher friction to their account creation and management process, to protect themselves from fraud.

Source: Sardine

Sardine offers an instant ACH payments solution and applied fraud algorithms to enable fintech platforms and exchanges to overcome ACH settlement windows, which allows for instant availability of funds. It does this by taking on the fraud risk itself, “fronting” the money needed to make funds instantly available for the end users and covering the platform for any losses that it might otherwise incur if the ACH deposit doesn’t settle.

Source: Sardine

Instant ACH is then used as an “on-ramp” solution for platforms like crypto exchanges, which allows users to purchase cryptocurrency using fiat money. This solution also involves KYC verification, AML monitoring, providing preferred payment methods in different jurisdictions, and fraud mitigation while maintaining high authorization rates. Another use case for Instant ACH payment products is providing an NFT Checkout service. Sardine allows users to buy NFTs on minting pages and marketplaces with low friction, using either traditional payment methods or cryptocurrency. By offering fraud prevention and a chargeback guarantee, Sardine’s service is able to offer an indemnified payments product which includes KYC and compliance.

Customer

Since the founders of Sardine had previous experience in crypto and fintech organizations, Sardine’s target market initially focused on neobanks and crypto companies. From February to September 2022, Sardine grew its client base from 50 to 135 clients, with customers including crypto exchanges like Blockchain.com and fintech companies like Wealthsimple and Digit. As of March 2024, Sardine serves 250+ businesses globally, including enterprises like Mattel, Brex, Moov, Airbase, and Ramp*.

Source: Sardine

With a focus on larger businesses, Sardine also has multiple Fortune 500 companies among its customers. In a January 2024 interview with Contrary Research, Ranjan described how the platform’s horizontal scalability allows Sardine to expand its customer base by helping compliance teams at businesses build in-house merchant acquiring. Sardine also signed with Stearns Bank as its first sponsored bank customer in March 2023.

Because of inadequate risk-scoring practices, financial service providers are often forced to introduce friction in the processing of transferring money, leading to customer conversion rates as low as 50%. Sardine can offer its on-ramp payments product to crypto companies like MoonPay, Wyre, and Transak, helping reduce fraud and friction for users.

Market Size

The digital payments market is expected to grow from $102 billion in 2023 to $510 billion in 2032 at a CAGR of 17.4%, fueled by greater penetration of internet accessibility and high-speed connectivity. An increase in digital payments and an upswing in ecommerce transactions will also bring forth challenges in payment fraud, including phishing, account takeover, and money laundering. Between 2023 and 2028, merchant losses from online payment fraud are expected to reach $362 billion. Users are also at risk of heightened identity fraud, with the identity theft prevention market projected to grow from $11.5 billion in 2022 to $33.3 billion in 2030.

Amongst other digital payment methods, RTP is projected to replace $18.9 trillion in ACH and check-based B2B payments by 2028 in the US. With a value of $17.5 billion in 2022, the RTP market is expected to grow at a CAGR of 35.5% between 2023 and 2030. As of 2022, US consumers lost $8.8 billion in authorized push payment scams, signaling a need to monitor and measure fraud behaviors. Cryptocurrency-related fraud however has seen a downtrend in fraud, with $1.8 billion lost in 2023, down from $3.7 billion in 2022, likely having to do with the downturn in the crypto market overall (and thus in trading volumes) during that period.

Socure: Socure is a digital identity verification and fraud protection platform. It uses explicit user input data, device data, and behavioral intelligence to predict fraud risk. Founded in 2012, its total funding was $744.4 million as of March 2024. It raised a $95 million debt financing round in March 2023 with KeyBanc Capital Markets, JPMorgan, and Silicon Valley Bank.

Prior to the credit facility, Socure raised a $450 million Series E in November 2021 at a valuation of $4.5 billion. The company has more than 2K customers as of March 2024, including SoFi, CapitalOne, Robinhood, Gusto, and Chime. In September 2023, Socure reported revenue growth of 376% between 2019 and 2022. Socure and Sardine compete in the identity verification space, but one differentiator for Sardine is its capabilities around instant ACH and card onramps to crypto services.

ThetaRay: Founded in 2013, ThetaRay is an Israel-based data analytics company. It provides AI-powered AML solutions, including transaction monitoring and screening. As of March 2024, the company has raised a total of $169.5 million in funding. It raised a $57 million Series D at an undisclosed valuation in September 2023 led by Portage Ventures. The company reported a 260% revenue growth in 2022 and a 10x increase in the number of clients between 2021 and 2023.

The company’s customer base is mainly banks, fintech companies, and other financial institutions, including Santander Bank, Travelex, Mashreq Bank, MFS Africa, and ClearBank. While both Sardine and ThetaRay address customers in the fintech industry, ThetaRay’s focus on correspondence banking can be a differentiator. Sardine has extended its fraud capabilities to enable Instant ACH transfers, which presents a bigger market by catering to e-commerce, neobanks, and retail companies.

SentiLink: SentiLink is an identity verification and fraud prevention company founded in 2017. The company offers solutions to handle synthetic identity fraud, ID theft, and first-party fraud. It raised a $70 million Series B in August 2021, led by Craft Ventures, at an undisclosed valuation. As of March 2024, it has raised a total funding of $84 million.

As of June 2023, the company had more than 300 customers, including Ramp*, Plaid, and seven of the 15 biggest banks in the US. To build its fraud scoring model initially, the company pulled credit reports on defaulted borrowers and started coding telltale patterns into the algorithm. Sardine and SentiLink both leverage machine learning to identify patterns of fraud and refine their models, but Sardine’s designed tailored solutions for crypto, such as instant on-ramps and NFT checkout.

Sift: Sift is a digital fraud management company offering services such as payment protection, dispute management, account defense, and content integrity. Founded in 2011, the company has raised a total of $156.5 million as of March 2024. Sift raised a $50 million Series E in April 2021 at a valuation of $1 billion led by Insight Partners. Sift works by offering fraud teams real-time ML scores, low-to-no-code applications, and case management tools. While differentiated on the ideal customer profile, Sift has a larger market share in the financial fraud detection sector and announced plans to use its 2021 fundraise to expand its product portfolio.

Unit 21: Founded in 2018, Unit 21 is a risk and compliance infrastructure company that helps businesses monitor fraudulent activities with its no-code software. Its core technology is a “flag-and-review” toolset designed to give non-technical operators and AML teams the ability to write complex statistical models and deploy customized workflows without having to involve their engineering teams.

As of March 2024, Unit 21 has raised $92 million in funding. It raised a $45 million Series C in June 2023 led by Tiger Global and South Park Commons. Similar to SardineX, Unit21 launched the Fintech Fraud DAO, which “enables fintechs to pool and share data to help identify fraud before it proliferates.” Unit 21 has customers across fintechs, banks, payment companies, and crypto companies including Gusto, Intuit, Flywire, Piermont bank, Crypto.com, and Wealthsimple. Both Sardine and Unit 21 offer a no-code rules engine, transaction monitoring, and SAR case management services to their customers, making them competitors across fraud risk, payments, and insights.

While Sardine has not publicly disclosed its pricing on its website, Ranjan confirmed in a January 2024 interview with Contrary Research that the company follows a typical “SaaS pricing model." Sardine charges a monthly recurring platform fee for access to a dashboard that includes a low-code builder, 700+ rules for fraud and AML typologies, and case management functionalities.

Monthly recurring charges are also levied for premium support, prepaid credit plans, and any third-party dashboard functionality offered to users. For its software development kit (SDK) product, Sardine charges customers per monthly active user instead of charging per API call, which is the norm in the industry. Clients are charged on a per-transaction basis for fraud protection services and a per-user basis for its AML solution.

As of January 2024, Sardine has 250+ enterprise customers including Mattel, Brex, Moov, and Ramp*. Its customers are mainly in sectors like banking, BaaS, crypto, gift card exchanges, and online marketplaces. As Ranjan told Contrary Research in a January 2024 interview, Sardine’s customer profile includes enterprise customers, and it has several Fortune 500 companies in its portfolio.

In April 2023, the company partnered with Fortress Trust (acquired by Ripple in September 2023) which provides regulatory and technology infrastructure for blockchain organizations, to provide AML and fraud solutions. Sardine launched SardineX in June 2023, an industrywide consortium to share fraud and compliance-related data, open to payment and other fintech organizations. Operating as an independent organization, companies will be able to get real-time fraud data and risk models. Member companies include Airbase, Novo, Blockchain.com, Spring, Alloy Labs, Chesapeake Bank, and iLEX.

In September 2022, Sardine announced a $51.5 million Series B at an undisclosed valuation, led by Andreessen Horowitz, which had also led the $19.5 million Series A for the company only seven months prior, in February 2022. Other investors in Sardine include XYZ Venture Capital, Visa, Activant Capital, and Nyca Partners, among others. As of March 2024, the company has raised a total of $75.6 million in funding.

Building Network Effects

Source: The Generalist

The strength of Sardine’s models depends on the quality and quantity of the data it can access. The more transactions and user reviews conducted on its platform, the more data Sardine will have to train its models. It’ll also be able to have a wider lens into repeat fraudsters and fraud rings. This is the power of fraud data network effects that Sardine can seek to leverage.

Sardine can develop this network effect by continuing to run the flywheel depicted above, growing its user base and transaction volume reviewed to grow its base of data. Sardine’s data-sharing consortium allows participating members to query the database with an email address, phone number, or device fingerprint to see if it belongs to a known fraudster. With RTP set to reach a market size of $116 billion by 2029, it becomes a viable opportunity for Sardine to expand its customer base and offer integrated services.

Expanding into New Verticals

Sardine’s first customers were cryptocurrency platforms and exchanges, leading to its initial designation as a “crypto fraud prevention” company. Buying cryptocurrency is favored by fraudsters because the transfers are instant and non-reversible. Knowing this, Ranjan believes that “if you can solve for fraud in crypto, you can solve for it everywhere else."

Given the company’s experience with crypto fraud, it can continue expanding into other high-risk categories. As of March 2024, Sardine’s clients include a cannabis payments processor and a gift card processor.

Among fintech products, neobanks are projected to grow from 146.2 million users in 2021 to 350 million users in 2026. Another market gaining traction in fintech is embedded finance, expected to generate a revenue of $776 billion by 2029. Companies in these sectors face tactics such as account takeover fraud, account opening fraud, identity theft, authorized push payment fraud, and money laundering. Sardine has neobank and embedded finance customers and can continue go-to-market diversification. The company is also looking to target online travel agencies and physical retail companies.

Crypto Market Volatility

Venture capital funding into cryptocurrency and blockchain startups declined by 68% from $33.3 billion in 2022 to $10.7 billion in 2023. Unfavorable conditions such as the collapse of FTX and increased regulatory scrutiny happened at the same time as a downturn in crypto asset prices, correlating to a downturn in VC crypto investments. To address the risk of future downturns like this, Sardine can diversify its product suite from being crypto-centric to offering solutions to other fintech verticals.

Crowded Competitive Landscape

The identity, fraud, and risk management space has a number of well-funded competitors, such as Socure and SentiLink. Many of these competitors could extend their existing offerings to encroach on Sardine’s niche. Socure reported eliminating almost 204K synthetic digital identities in 2023, launching its synthetic identity fraud detection and prevention product in November 2023. SentiLink announced a partnership with Scienaptic AI, a credit underwriting platform, targeted towards preventing synthetic identity fraud in the digital lending space.

Advancements in Real-Time Payments (RTP) Technology

Financial institutions have spent years developing their own solution to the ACH settlement time problem. A group of financial institutions have created a Real-Time Payments network which grew to over $45 billion in volume in Q3 2022. As this solution develops further and becomes more secure, inexpensive, and developer-friendly, it could reduce the need for Sardine’s instant payments product.

AI Fraud

Sardine’s CEO has talked about Generative AI as an enabler for fraudsters and scammers, making it easy to mimic sophisticated human interactions, and therefore harder to catch. Identity fraud prevention measures like “liveness check”, where the user is asked to upload a photo or video, and voice authentication, can also be circumvented with the use of audio and video deepfake tools. Sardine relies on behavioral biometrics, including device-based, voice, or kinesthetic, which when used in conjunction can help counter AI-powered fraud.

Fraud remains an ongoing concern for companies, including identity theft, payment, and ACH fraud. Synthetic identity fraud, which involves blending legitimate and false details, is challenging to identify and poses a risk to fintechs and financial institutions. Sardine offers a fraud detection, compliance, and risk management platform for fintechs and crypto companies. The product includes advanced fraud detection algorithms and decisioning interfaces, aiding risk operations teams in approving legitimate users and stopping fraudsters.

Sardine also uses its fraud solution for instant payments, helping crypto companies offer quick funding and bypass ACH settlement times and deposit risks. Sardine served more than 250 enterprise customers including Brex, Moov, and Ramp as of March 2024. The company benefits from having a foothold in the crypto customer base and will likely benefit by continuing its expansion into other verticals.

*Contrary is an investor in Ramp through one or more affiliates.