Case Study
How Lemon Squeezy uses Realtime ML to Protect its Storefronts
Lemon Squeezy is an all-in-one platform for selling SaaS and other digital downloads. From their early days, they have partnered with Sumatra to build a comprehensive risk-management foundation, to safeguard their ecosystem and automate their processes for scale. By predicting user intents in real time, they are able to respond to threats instantly, ensuring a seamless and secure experience for sellers and buyers alike.
Case Study
How Lemon Squeezy uses Realtime ML to Protect its Storefronts
Lemon Squeezy is an all-in-one platform for selling SaaS and other digital downloads. From their early days, they have partnered with Sumatra to build a comprehensive risk-management foundation, to safeguard their ecosystem and automate their processes for scale. By predicting user intents in real time, they are able to respond to threats instantly, ensuring a seamless and secure experience for sellers and buyers alike.
Case Study
How Lemon Squeezy uses Realtime ML to Protect its Storefronts
Lemon Squeezy is an all-in-one platform for selling SaaS and other digital downloads. From their early days, they have partnered with Sumatra to build a comprehensive risk-management foundation, to safeguard their ecosystem and automate their processes for scale. By predicting user intents in real time, they are able to respond to threats instantly, ensuring a seamless and secure experience for sellers and buyers alike.
Problem
Innovative business models present unique risks
Lemon Squeezy recognized early on that unique risks are inherent to providing a low-friction selling experience to creators selling digital goods.
Solution
Predict user intent in real time
Using Sumatra, they added comprehensive behavioral signals to their payment fraud model and established intent-prediction points in the path of every opportunity for abuse.
Result
Sellers protected and money saved
Sumatra has blocked 126% more fraud than Stripe Radar alone. Multiple card-testing and account takeover attacks have been stopped. Dozens of fraudulent storefronts have been shut down.
Problem
Innovative business models present unique risks
Lemon Squeezy recognized early on that unique risks are inherent to providing a low-friction selling experience to creators selling digital goods.
Solution
Predict user intent in real time
Using Sumatra, they added comprehensive behavioral signals to their payment fraud model and established intent-prediction points in the path of every opportunity for abuse.
Result
Sellers protected and money saved
Sumatra has blocked 126% more fraud than Stripe Radar alone. Multiple card-testing and account takeover attacks have been stopped. Dozens of fraudulent storefronts have been shut down.
Problem
Innovative business models present unique risks
Lemon Squeezy recognized early on that unique risks are inherent to providing a low-friction selling experience to creators selling digital goods.
Solution
Predict user intent in real time
Using Sumatra, they added comprehensive behavioral signals to their payment fraud model and established intent-prediction points in the path of every opportunity for abuse.
Result
Sellers protected and money saved
Sumatra has blocked 126% more fraud than Stripe Radar alone. Multiple card-testing and account takeover attacks have been stopped. Dozens of fraudulent storefronts have been shut down.
"Sumatra's solution has been a key value proposition to sellers adopting our platform. Comprehensive and fully-automated protection means they can focus on growing their business."
"Sumatra's solution has been a key value proposition to sellers adopting our platform. Comprehensive and fully-automated protection means they can focus on growing their business."
JR Farr
CEO @ Lemon Squeezy
Problem
Innovative business models present unique risks
Innovative business models present unique risks
As the merchant of record to a large number of independent sellers, Lemon Squeezy has a more complex risk management challenge than traditional e-commerce. In addition to card testing, refund abuse, and vanilla stolen credit card fraud, a merchant of record is vulnerable to sophisticated threats, such as:
Royalty fraud. Fraudulent sellers purchase their own products with stolen credit cards.
Fake storefronts. Scammers set up fake storefronts to lure in unsuspecting good customers.
Account takeover. Attackers take over seller accounts to reroute payouts to their own bank accounts.
Unmitigated, these threats can lead to substantial financial loss and reputational damage. For that reason, it was crucial for Lemon Squeezy to establish their foundational fraud prevention measures to protect their business, customers, and brand against these risks.
Lemon Squeezy looked for a solution that would allow them to:
Reduce fraud loss (unauthorized charges, abusive refunds, abusive payouts)
Avoid reputational damage (seller ATOs, payment processor sanctions)
Minimize good customer friction (delayed fulfillment, delayed payouts)
Reduce operational overhead (manual review time)
As the merchant of record to a large number of independent sellers, Lemon Squeezy has a more complex risk management challenge than traditional e-commerce. In addition to card testing, refund abuse, and vanilla stolen credit card fraud, a merchant of record is vulnerable to sophisticated threats, such as:
Royalty fraud. Fraudulent sellers purchase their own products with stolen credit cards.
Fake storefronts. Scammers set up fake storefronts to lure in unsuspecting good customers.
Account takeover. Attackers take over seller accounts to reroute payouts to their own bank accounts.
Unmitigated, these threats can lead to substantial financial loss and reputational damage. For that reason, it was crucial for Lemon Squeezy to establish their foundational fraud prevention measures to protect their business, customers, and brand against these risks.
Lemon Squeezy looked for a solution that would allow them to:
Reduce fraud loss (unauthorized charges, abusive refunds, abusive payouts)
Avoid reputational damage (seller ATOs, payment processor sanctions)
Minimize good customer friction (delayed fulfillment, delayed payouts)
Reduce operational overhead (manual review time)
Solution
Predict user intent in real time
Predict user intent in real time
Leveraging Sumatra's capabilities to predict user intent from behavior, Lemon Squeezy was able to implement a highly dynamic approach:
Continuous Behavioral Analysis: Sumatra's platform continuously updates user profiles, analyzing actions up to the current moment to predict user intents.
Propensity Modeling: While more typically used in marketing for predicting customer conversions or churn, Sumatra's propensity modeling is equally applicable to identifying users with malicious intent. This approach recognizes potentially risky behaviors and enables immediate responses like blocking suspicious transactions.
Adaptive Decision Points: The integration of comprehensive behavioral signals into Sumatra's models allows for more nuanced decision-making at each touchpoint, ranging from user signup to purchase attempts.
Leveraging Sumatra's capabilities to predict user intent from behavior, Lemon Squeezy was able to implement a highly dynamic approach:
Continuous Behavioral Analysis: Sumatra's platform continuously updates user profiles, analyzing actions up to the current moment to predict user intents.
Propensity Modeling: While more typically used in marketing for predicting customer conversions or churn, Sumatra's propensity modeling is equally applicable to identifying users with malicious intent. This approach recognizes potentially risky behaviors and enables immediate responses like blocking suspicious transactions.
Adaptive Decision Points: The integration of comprehensive behavioral signals into Sumatra's models allows for more nuanced decision-making at each touchpoint, ranging from user signup to purchase attempts.
Decision Points
Purchase
Refund
Signup
Update Payout Method
Additional Events
Click Affiliate Link
Download
Login
Update Product
Sumatra aggregates data across all provided events to build comprehensive profiles of buyers, sellers, IPs, devices, and other relevant entities. Here are a few example features from Lemon Squeezy's logic, as they are defined in Sumatra's feature language:
Sumatra aggregates data across all provided events to build comprehensive profiles of buyers, sellers, IPs, devices, and other relevant entities. Here are a few example features from Lemon Squeezy's logic, as they are defined in Sumatra's feature language:
-- event signup
emails_by_domain_3d :=
CountUnique(seller_email by email_domain last 3 days)
-- event purchase
buyer_gibberish_score :=
GibberishNameScore(buyer_name)
avg_buyer_gibberish_2w :=
Average(buyer_gibberish_score by seller_id last 2 weeks)Finally, at each decision point, a combination of AI propensity models and rule-based logic determines a verdict of Allow, Block, or Review. This logic is continuously updated based on dispute data and analyst labels fed back into the system.
Finally, at each decision point, a combination of AI propensity models and rule-based logic determines a verdict of Allow, Block, or Review. This logic is continuously updated based on dispute data and analyst labels fed back into the system.
Result
Sellers protected and money saved
Sellers protected and money saved
By partnering with Sumatra, Lemon Squeezy has blocked 126% more fraud than would have been caught by Stripe Radar alone. Additionally, Sumatra's holistic solution has protected Lemon Squeezy from: refund abuse, money laundering, fake accounts, credential-stuffing attacks, and more.
The enhanced protection is evident from a card-testing attack that hit in May 2023:
By partnering with Sumatra, Lemon Squeezy has blocked 126% more fraud than would have been caught by Stripe Radar alone. Additionally, Sumatra's holistic solution has protected Lemon Squeezy from: refund abuse, money laundering, fake accounts, credential-stuffing attacks, and more.
The enhanced protection is evident from a card-testing attack that hit in May 2023:
Stripe Radar Alone
237 Allow
158 Review
0 Block
Blocked Attempts:
0%
With Sumatra
3 Allow
0 Review
392 Block
Blocked Attempts:
99.2%
Lemon Squeezy is continuing to partner with Sumatra to leverage the platform's streaming data and AI capabilities to protect their customers as they grow and expand their service offerings.
The next big project is protecting against click fraud for their affiliate program, so look out for more details on that soon.
Lemon Squeezy is continuing to partner with Sumatra to leverage the platform's streaming data and AI capabilities to protect their customers as they grow and expand their service offerings.
The next big project is protecting against click fraud for their affiliate program, so look out for more details on that soon.
Get started
Sign up now to lock in early adopter pricing
Get started
Sign up now to lock in early adopter pricing
Get started