When a payment processing startup was hit by fraud, here's how it recovered

Trust is an essential element of any business. But what does a business do when bad actors threaten to erode the trust it has with its customers?

This was the issue faced by HoneyBook when it scaled up. Co-founder and CEO Oz Alon explains how getting hit by waves of fraud after scaling up served as a learning opportunity in the Q&A below.

Tell me what your company does.

HoneyBook is a leading business and financial management platform for small business owners and freelancers. By combining tools like invoices, contracts, brochures, and payment processing all in one platform, HoneyBook makes it easy for entrepreneurs to manage and grow their business efficiently. Founded in 2013, HoneyBook is based in San Francisco and funded by Citi Ventures, Norwest Venture Partners, and Aleph.

At what point did you scale up, and what did that growth look like?

There are two distinct moments at HoneyBook that signaled the growth of our business: when we implemented self-onboarding and when we built automatic transactions into the platform in 2016. Prior to establishing these new processes, we were doing everything manually. Our sales team would personally onboard every new member to HoneyBook and every transaction that came through the platform was manually sent to the member’s bank account. In fact, I processed the first 1,734 transactions myself. But there came a moment when the volume of new members and, subsequently, transactions was too much for our team to handle in this way and we had to scale up.

What went wrong when you scaled up?

Nowadays we expect to be able to start using new software by ourselves. But when that software is your creation, it’s a very nerve-wracking proposition to implement self-onboarding and let your members explore your product for the first time without your supervision. You worry they may not understand how to use it or grasp the value. But what went wrong instead was that we were hit with fraud within a week of rolling out self-onboarding.

How bad did things get?

Fraud is something that any company processing payments will have to cope with. Although we knew that, having it happen for the first time was a sobering experience. We were asking small business owners to move away from pen and paper, take their businesses online, and entrust us with their financial details. We knew that if we weren’t able to identify and stop a fraudster the moment they entered the system, all the hard work we’d done to establish trust with our members would be lost.

For our transactions process, it was less about what went wrong when we scaled and more about how bad things got before we did so. What began with one transaction a week quickly became 50-plus transactions a day, all of which had to be manually sent to the bank before 1 p.m. Trying to do all this, while also fulfilling my duties as CEO, was unsustainable. It was one day in the middle of a VC partners meeting while trying to process transactions during our breaks that it finally hit me: We needed to invest in building automatic transactions into the platform.

“You actually need to get in there and do the work to understand the true value of your business.”

How did you fix the issue?

For both instances — fraud detection and automatic transactions — the fix was simply investing in the resources. For fraud, we needed to identify what indicated a fraudulent transaction, build those signals into our system, and designate a team to monitor it. For transactions, we made it a priority to automate them and empowered our developers to make it happen.

Where did you get the idea for the fix?

The fixes for each were simple; it was more about recognizing the right moment to make the investment. For automatic transactions, the idea was to remove the opportunity for human error. For example, the first time we received a transaction, I accidentally sent the member a check by mail instead of sending the funds directly to their bank account. It was a simple human error -- I forgot to uncheck a checkbox. But here I was promising business owners that by using HoneyBook they could do away with paper checks and then I go and send a check to the first member to transact on the platform. Automatic transactions would enable us to promise our members that each transaction would seamlessly end up in their bank account without issue.

What do things look like now that you’ve corrected the problem?

Now, each process is essential to the value we offer small-business owners. We have a robust fraud protection program that supports small-business owners in the event they are the victims of fraudulent activity and automatic transactions are part of our core product that ensure members are paid effortlessly and efficiently.

What did you learn from this experience that other business leaders need to know?

Although processing each transaction manually myself wasn’t sustainable, it was an invaluable experience. I learned firsthand how important it was to scale that system and how valuable the outcome has been for our members. It also gave me a window into the health of our business and I consider that experience as one of the ones that best equip me to be CEO.

To that end, my advice to other business leaders is identify your core business offering, that thing that is central to your success as a business, and make sure you have experience doing it yourself. As Paul Graham famously said, do things that don’t scale. You actually need to get in there and do the work to understand the true value of your business offering and obviously validate the demand.

NIMBLE IS A REGULAR SERIES FROM INVERSE. Every executive talks about it. NiMBLE is how to be about it. Strategy guides, C-Suite interviews, digestible reports on the latest scientific research for high-performing businesses, and essential stories about enterprising leaders, from the editorial staff of Inverse.