Managing eBay's mininions

Patrick Gray speaks to eBay Australia's Director of Trust and Safety, Alastair MacGibbon, and learns how he keeps the site safe and secure.

With 212 million users worldwide, eBay has learned a thing or two about managing a large customer base. And with auction fraud making headlines globally, the online venture's battle to lock down its service is vital to its continued success.

eBay Australia's Director of Trust and Safety, Alastair MacGibbon, says the company has had to take a different approach to evaluating risk. Rather than collecting information about users' pasts, eBay spends more time monitoring user behaviour.

"If you know less about the individual person you spend a lot more time looking at what they do," he told SearchSecurity. "We've never relied on what a person told us about themselves."

A former Australian Federal Police officer, MacGibbon was the inaugural director of the Australian High Tech Crime Centre, a multi-jurisdictional body established to fight the scourge of online crime. After a year at the helm, MacGibbon left to join eBay in 2004, moving back to his hometown of Sydney.

Today, MacGibbon says eBay's approach to security and fraud detection has two things going for it. Firstly, because all activities are conducted online, they're easily monitored. Secondly, the auctioneer's large customer base acts as the world's biggest neighbourhood watch program.

"We can clearly identify patters of activity -- when you're on our site, we know what you're doing," he says. "If you know what you're looking for, then it can be a very rich environment for that type of enforcement activity."

By stripping away the "white noise" of normal activity, certain fraudulent patters stick out like a sore thumb, he says. By applying hundreds or even thousands of patterns, in real time, to eBay transactions, it's possible to catch a significant chunk of bad behaviour, MacGibbon says.

As for using the company's vast online user community -- a population 10 times larger than Australia's -- to spot fraud, MacGibbon says there's still a lot of work to be done. "There's a lot of blue sky there in terms of how we can leverage the mind of the masses," he says. "Most [eBay users] are passionate about stopping the wrong thing from happening. If you can leverage that... the world's largest neighbourhood watch system with a good backend, then that's a very powerful tool."

"I don't think offline business have ever mined the concept of the community helping them," MacGibbon adds.

However, the neighbourhood watch-based approach has been hampered in the past. eBay's feedback system, which allows users to rate the other members they've dealt with, has been subjected to a censorship of sorts.

Users who posted negative comments with feedback to other users accounts have often had the comments removed by the company. The reason: negative comments written by an eBay user and published by the auctioneer on its Web-site could be regarded libellous. "We will leave the negative but take away the comment sometimes," MacGibbon concedes. "It's a tricky one."

Still, MacGibbon says the company will continue on its path of engaging its users in the fraud prevention process. "I don't think we're there yet, there's a long way to go," he says.

Read more on Web application security

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.