(in a previous life I worked in front office investment banking so had to undergo anti-fraud and anti-money laundering training as well as worked on general exposure risk issues)
The problem is that fraud/risk (like tech security) is it often involves black swan events. Everything seems fine right until the point where it's not and you're on the hook for millions of dollars (Stripe is probably in the position where you can afford to take a few black swan type events and survive; a lot of Paypal competitors weren't).
Given that Stripe don't do the "wallet" approach of Paypal and is primarily focused on API customers I'm guessing your risks in general are lower, but I'd recommend you be careful about becoming over-complacent.
> I'd recommend you be careful about becoming over-complacent.
Absolutely. Indeed, I'd characterize us as actively paranoid. My point was merely that we're already operating at a scale that needs pretty good fraud systems.
The problem is that fraud/risk (like tech security) is it often involves black swan events. Everything seems fine right until the point where it's not and you're on the hook for millions of dollars (Stripe is probably in the position where you can afford to take a few black swan type events and survive; a lot of Paypal competitors weren't).
Given that Stripe don't do the "wallet" approach of Paypal and is primarily focused on API customers I'm guessing your risks in general are lower, but I'd recommend you be careful about becoming over-complacent.