The optimal amount of fraud is non-zero (2022)

Anti-fraud departments have apparently not gotten the memo, and the whole situation has gotten obscene in the last few years.<p>I regularly travel for work and it&#x27;s impossible for me to make any purchases on major sites like Walmart, Best Buy, Target, Costco, etc. They all will accept an order, charge my card, and then randomly cancel the order some hours to days later, and refund me.<p>Similarly when traveling internationally, Schwab bank decided they didn&#x27;t like one of my debit charges and blocked the card. I called Schwab and they gave me some &quot;publicly sourced&quot; 3 question quiz about myself that I apparently failed and they locked my entire account until I can fly back to the states and come into a branch.<p>Luckily I have a 2nd bank account and was able to change my payroll. But it&#x27;s just insane to me that some random debit charge has resulted in my inability to access most of my money or my brokerage positions.<p>I hear similar issues and horror stories from all my coworkers and friends that travel.

Just like everything. The optimal amount of crime, unemployment, accidents, deaths, etc... is not zero.<p>For example, when building a road, there is a certain chance that an accident will happen, that some people will die, and that could have been prevented. For example, by installing a guard rail, enforcing speed limits, or by taking a different path.<p>But installing that guard rail for a one in a million chance that something bad happens is money better spent elsewhere, like improving safety where it matters more, and people tend to dislike the resulting taxes. Enforcing speed limits have a cost too, that can be recovered from the fines that result from it. But the goal is not to bankrupt your citizens with fines, and constant surveillance is not very popular. And the different path you are planning may go though people homes, relocating people is also expensive, and usually not very popular for the people in question.<p>So, we tolerate a few accidents and deaths over a dystopian society.

To summarize: there is a trade-off between amount of fraud and ease of doing business. Zero fraud means doing legitimate business becomes too cumbersome.<p>Seems like the same point we have with security in computer systems and ease of use.

&gt; This is counterintuitive and sounds like it is trying a bit too hard to be clever. You should believe it.<p>Yes, you&#x27;re<p>&gt; you should welcome greater than zero fraud. You can think of it as a necessary expense, just like rent or salary or advertising is.<p>You don&#x27;t WELCOME costs just because they&#x27;re necessary. Similarly, you wouldn&#x27;t welcome fraud just because it&#x27;s too costly to get rid of it.<p>And if you add a tiny bit of morality into the mix, your too clever &quot;fraud welcome!&quot; message becomes even more invisible<p>(also, it could very well be that some fraud types can be reduced to literal 0 without bringing the whole system down, but then the parts of the system that can make it happen aren&#x27;t incentivized to do so because they&#x27;ve passed all the costs to other parts of the system)

I understand this and it&#x27;s similar to what happens with, for example, theft or shoplifting: if we cracked down really hard on it, the honest user&#x27;s experience would be disproportionately impacted and our collective freedom could be restricted too (imagine policemen searching whoever exits a supermarket, or cameras spying and tracking virtually everyone everywhere). At the same time, it&#x27;s profoundly unfair that we need to let a certain class of people (fraudsters, scammers, thieves) to live at society&#x27;s expense and I would like something could be done about that. Who knows, maybe sample crackdowns with really heavy consequences.

Under the assumption that the only way to bring fraud to zero is to raise the bar high enough that legitimate customers will also be turned away, some fraud is acceptable and the author posits it is even a good thing: it means good customers are having an easy enough time being a customer, too.

I thought this article was going to be somehow less intuitive, but in reality, it simply says something most people inherently understand: that you have to grease the skids a bit to make things work. Dressing it up in academic sloganeering doesn&#x27;t make the insight all that much more powerful.<p>I think most people understand that a risk-free society is a poor society. Take driving: the safest way to drive is to not get in the car at all. Similarly, the best way to save yourself from credit card fraud is not to have a credit card. But does this justify driving like a maniac, or being careless with your personal information? Of course not.<p>In other words, the article simply points out that categorical thinking (1 or 0) is useless in this context (as it is in most contexts, to be honest). The meaningful question is <i>what degree</i> of fraud we should be willing to accept, and in what contexts.

Uhhh, it depends on the business? I know there are some businesses which suffer high chargeback rates (pay2cheat SaaS), and most of the chargebacks were happening by customers who said that their card has been stolen (as the merchant could easily disprove any other lie). The usual customer cycle was: buy the cheat, get banned in the game due to suspicious stats, reports or whatever, be mad about it, and then they would turn to their bank and say that their card was stolen -&gt; chargeback.<p>Eventually, they started forcing 3DS (which shifts liability from you to the card issuer, and apparently card issuers don’t like paying!). Revenue didn’t decline, but fraud rates did go indeed to zero.

Fyi... submitter put <i>&quot;not zero&quot;</i> instead of original title of <i>&quot;non-zero&quot;</i> which causes the &quot;past&quot; link&#x27;s search algorithm to not list this previous discussion: <a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=32701913">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=32701913</a>

A similar insight from economist Daniel Davies from 2005:<p>&gt;&gt; The optimal frequency of disasters is not zero. This graceful formulation is due to Prof. Richard Portes, who used to say it about emerging market financial crises. However, it’s a fundamental principle of risk management and one of entirely general application. Most dangers can be absolutely eliminated for all practical purposes, but only at unacceptable cost.<p><a href="https:&#x2F;&#x2F;blog.danieldavies.com&#x2F;2005&#x2F;07&#x2F;?m=1" rel="nofollow">https:&#x2F;&#x2F;blog.danieldavies.com&#x2F;2005&#x2F;07&#x2F;?m=1</a>

&gt; This is counterintuitive and sounds like it is trying a bit too hard to be clever.<p>Indeed.<p>You could make the same counterintuitive and clever point about any bad thing, pointing out that there are things one might do to reduce that thing, which have other costs, and aren&#x27;t worth it, but for many bad things that would not sound counterintuitive and clever, but deranged.<p>Consider the following statement:<p>&gt; The optimal amount of salt in food is non-zero.<p>That&#x27;s true, and it&#x27;s not clever at all, we need salt. It&#x27;s not that trying to remove all salt from food would be too expensive.<p>But consider also:<p>&gt; The optimal amount of radioactive material in food is non-zero.<p>We might defend this in a similar clever counter-intuitive sense. But it&#x27;s a completely different statement, and it&#x27;s wrong.<p>EDIT: The three replies making the same point about bananas are a great illustration of the desire (and failure) to be clever and counter-intuitive that&#x27;s also evident in the article. We don&#x27;t eat bananas for their radioactive material. We don&#x27;t need to eat radioactive material.

For the theoretical background, see Ronald Coase on Transaction Cost Economics.<p>The law can place liability anywhere. In a situation where transaction costs are zero, it doesn&#x27;t actually matter where liability is placed, because the participants will contract in the most economically efficient manner to share the burden.<p>That means liability choices can reduce to reducing transaction costs. For credit, the $50 is to avoid the adverse incentive of the cardholder permitting fraud, but otherwise the cost and mitigation is better shared among the big players at scale that reduces overhead. (Conversely, shifting liability via forced arbitration and legal disclaimers monetizes market power.)<p>As a policy matter, ask yourself: so why then do debit cards not come with the same limitation of fraud liability to $50, since the same economies of scale apply?

This reminds me of Matt Lakeman&#x27;s &quot;An Attempt at Explaining, Blaming, and Being Very Slightly Sympathetic Toward Enron&quot;<p><a href="https:&#x2F;&#x2F;mattlakeman.org&#x2F;2020&#x2F;04&#x2F;27&#x2F;explaining-blaming-and-being-very-slightly-sympathetic-toward-enron&#x2F;" rel="nofollow">https:&#x2F;&#x2F;mattlakeman.org&#x2F;2020&#x2F;04&#x2F;27&#x2F;explaining-blaming-and-be...</a><p>He makes the point that although Enron was clearly doing shady things, it&#x27;s possible for a legitimate business to do many of the same stuff (&quot;mark-to-market&quot; accounting, tricky SPEs, and so on). Try to categorically eliminate Enron-style fraud and you might take down the next Google in the crossfire.

Clickbaity, trying-too-hard title. The point being made is mundane: perfection is too expensive, so we settle for &quot;good enough&quot;. This is near-universally applicable and near-universally understood.<p>The author is trying to make it sound deep and meaningful with statements like &quot;you should welcome some fraud&quot;, as though fraud is actually required for the system to function (clever counterintuitive point made, cue huge dopamine spike). But no, we simply tolerate a certain amount of fraud because eliminating it isn&#x27;t worth it. Yawn.

If you liked the content of the article, I urge you to read the excellent book &quot;Lying for Money: How Legendary Frauds Reveal the Workings of Our World&quot; [1] by Dan Davies, which I believe is the main source of inspiration for this article (I&#x27;m just guessing here, I have no proof of that).<p>I discovered this book through another great post by Patrick McKenzie, &quot;The fraud supply chain&quot; [2] where he heartily recommend it, and I haven&#x27;t been disappointed. On top of being informative, the book is very entertaining to read.<p>[1] <a href="https:&#x2F;&#x2F;www.amazon.com&#x2F;Lying-Money-Legendary-Frauds-Workings-ebook&#x2F;dp&#x2F;B078WFT5JV" rel="nofollow">https:&#x2F;&#x2F;www.amazon.com&#x2F;Lying-Money-Legendary-Frauds-Workings...</a><p>[2] <a href="https:&#x2F;&#x2F;www.bitsaboutmoney.com&#x2F;archive&#x2F;the-fraud-supply-chain&#x2F;" rel="nofollow">https:&#x2F;&#x2F;www.bitsaboutmoney.com&#x2F;archive&#x2F;the-fraud-supply-chai...</a>

A lot of the confusion and anxiety will melt away if we distinguish the terms “optimal” and “desirable”.<p>The most desirable amount of fraud, corruption or tax evasion is zero.<p>In the real world we don’t get what we desire. The closest we can came is to the optimal amount, where the marginal cost has to equal the marginal benefit.

I think that fraud <i>prevention</i> is mostly the wrong approach. Instead they should let the frauds happen, then track the fraudster and send the police to arrest them. Normal prevention just means the criminal has to keep trying until it works. Tracking the money after means that criminals will never know if the next knock at their door will be the police.

Well basically if you spend more money to prevent fraud of monetary value that is less than amount spend to prevent it, you loosing money by preventing fraud.<p>But this logic is only applicable for things that on both ends measure in money.

&gt;The optimal amount of fraud is non-zero<p>As long as it&#x27;s in a competitor&#x27;s operation and not mine, I&#x27;ll do fine.

This article falls into the common pitfall of over rationalizing &quot;the market&quot;. It&#x27;s true that from first principles you don&#x27;t want to establish the bureaucratic apparatus it would take to effectively eliminate all forms of fraud, this is the intuition most people tap into when they say &quot;you can&#x27;t catch every crime&quot;. This is in fact not a surprising observation, most people just understand it as common sense. It&#x27;s also not the main motivating factor driving the enforcement of monetary fraud prevention.<p>The monetary system doesn&#x27;t care about fraud. Banks, credit card companies, and the rest of the financial sector make money from transactions, with no regard for who spends the money, who owns it, or if the transaction was legitimate. Bad actors need banking too, and their transactions are just as valuable as the ones your grandmother makes.<p>Here we find the sharp divide that fraud controls try to bridge. The social cost of fraud is extremely high. Yet the proportional value, defined in a capitalist sense, of fraud is close to 1. A transaction that happens to be fraud is almost if not as valuable as a transaction that happens to be legitimate. For a bank, the optimal amount of fraud is not just non-zero, it&#x27;s basically as much as possible.

Very true article and it&#x27;s a pretty shit model for innovation!<p>I want to launch a business which requires investing a lot of resources per customer. Think, the users pay 100$ and I spend 80$ in resources straight away, transform the resources in a peculiar way and provide it to the customer.<p>I have already tried this and failed due to occasional credit card fraud and sneaky chargebacks from users AFTER having used resources.<p>Now, being a small business (zero employees) I can&#x27;t afford to stomach losses for months, invest into marketing and then wait until 100x growth bring me some profits.<p>Just because of fraud being the problem of the seller and not of the cardholder, my choices are:<p>1. Go to parasitic VCs and convince them to give me money, in the hope I&#x27;ll be profitable in a few years<p>2. Sell 1 on 1 to trusted companies - which doesn&#x27;t work if you&#x27;re selling B2C, increase your sales cost and bar you from a typical SaaS paths with random customers<p>3. Accept only crypto-currency payments - but nobody will bother to convert money to purchase something when they are used to just use their credit card

I believe this is a trivial thing with a misleading title.<p>Of course the optimal amount of fraud for a business is zero. A world with zero fraud would be optimal for them.<p>And (also of course) given that combating fraud has costs, there is a level at which investing more money and effort into anti-fraud has diminishing returns.<p>Therefore it is not worth it to go all in into the fight against fraud, but accept that some amount of it happens.<p>Surely none of this is surprising.

A problem that a social credit system can mostly solve - just don&#x27;t do business with people with low social score :)