Online fraud is a huge problem for merchants and websites that are responsible for chargebacks when someone uses a stolen credit card to pay for something. In fact, Cybersource estimates companies lost a collective $3.5 billion to online fraud in 2012.

Payments startup WePay aims to put a big dent in that fraud number. On Tuesday, the company unveiled a more robust beta version of its API, called Veda, at the Finovate financial tech conference in San Jose, California. 

The company calls it a "risk engine." Basically the API can now collect and sift through hundreds of data signals for every online transaction a merchant processes to determine if the purchaser and the credit card being used are legit. 

WePay itself is kind of like Stripe, a super simple tool merchants can use to start accepting credit cards on their e-commerce websites. Like Stripe, WePay gets you set up quickly without having to endure signing up with a traditional payments processor, a tedious affair that usually involves forking over a wealth of information and waiting days before being able to actually process a transaction. However, unlike Stripe--which will process financial transactions for any website--WePay is geared for crowdfunding sites, marketplaces, and software as a service (SaaS) platforms, all of which contain a wealth of useful data.

How It Works

Mobile invoicing platform InvoiceASAP is a current WePay customer that processes 125,000 invoices per month from its merchants. InvoiceASAP lets those merchants collect payment via credit card. With the new version of the risk engine, WePay now can analyze customer data for those merchants--things like contact information, products and services rendered, and payment history--to better ascertain any financial risks in those credit card transactions. If a payer has been using the platform for years and done hundreds of thousands of dollars worth of transactions, the risk that there will be a chargeback is, obviously, much less.

Hundreds of Data Signals

WePay looks at hundreds of data signals--not just financial information. For example, social media can be used as a credential.

"If a merchant has a Facebook page and has had that Facebook account for seven years, let's say, and has hundreds of friends, well, that's a really important online credential," says John Canfield, VP of risk at WePay. "It's a credential just the same as a passport or a driver's license would be. [It's] something very hard for a fraudster to synthesize and scratch because that person has spent probably hundreds of hours posting things on Facebook and making connections a fraudster can't come in and duplicate that easily."

In addition to filtering through transaction data that comes through the WePay payments system and social media behavior, the risk engine also takes into account signals about the payer or payee including blogs, presentations, or articles they may have posted on the Web, company reviews, as well as other information from credit bureaus and large data aggregators.

The company charges 2.9 percent plus $0.30 for credit card transactions, and 1 percent and $0.30 for bank account payments.

WePay has raised $34.2 million in VC funding to date, according to Crunchbase, and has processed transactions for more than 250,000 customers.