Cash App's Approach to Detecting and Preventing Illegal Activities on Our Platform
Cash App has built a dynamic, cross-functional risk management framework designed to detect and prevent illicit activity, staying ahead of evolving threats and bad actors. Our approach continuously adapts to emerging risks, ensuring a secure and trusted experience for our customers.
Managing risks on Cash App requires a diverse range of mitigation strategies, and our cross-functional feedback loops help us do this effectively:
- Product controls set the parameters for how our features may be used
- Adverse actions remove bad actors and prevent them from returning
- Real-time machine learning models evaluate transactions and other activities to block or take additional adverse actions
- Post-transaction monitoring enables ongoing detections and investigations into potentially unwanted behavior
- Partnerships with third parties allow us to ingest and share information outside of Cash App to help prevent and detect unwanted activity both on Cash App and across the financial system and social platforms
We safeguard our customers through ongoing education, controls, and reporting tools to help protect their accounts and the Cash App platform. Designed to work together seamlessly, each tool plays a crucial role in our broader effort to maintain a trustworthy platform.
Product Controls
Risk management starts with our Product teams. They partner closely with Legal, Compliance, Risk and other stakeholders to continuously identify, document and implement controls throughout the product lifecycle. Our product controls are crafted to align our commitment to offering a diverse set of financial services to meet everyday banking needs. To help meet our customers’ needs, our Customer Research team conducts market research and customer surveys, gathering insights that shape our offerings.
Product teams partner closely with Data teams to analyze customer behavior, distinguishing normal usage from anomalies , and set appropriate parameters. For example, our peer-to-peer (P2P) feature allows customers to send money to friends, family and their community. We put limitations on the number of P2P transactions a customer may have over designated time periods in line with expected behavior and product design. Similarly, our Cash for Families feature allows teens to use Cash App with approval from a Sponsor (parent or guardian). This includes lower transaction limits and limited access to products, restrictions on where they may use their Cash App Card, increased privacy settings, as well as tools for the Sponsor to oversee their teen’s account.
We maintain platform-wide controls to ensure safety and integrity. For new customer onboarding, controls are designed to proactively detect whether a bad actor is attempting to return to the platform. If so, we will block the onboarding attempt and/or remove the account. While each of our products maintains robust controls to deter unwanted behavior, we recognize that bad actors continually adapt their tactics. To stay ahead, we leverage advanced technology and machine learning, enabling us to detect and prevent sophisticated threats effectively.
Advanced Technology and Machine Learning for Real-Time Detection
With advancements in technology such as generative artificial intelligence (Gen AI), we believe that managing risk on Cash App through machine learning is essential.
The use of machine learning manifests throughout the entire account lifecycle on Cash App. At onboarding, each customer receives an activation Customer Risk Rating (aCRR) followed by a continuous Customer Risk Rating (cCRR), which is powered by dedicated machine learning models. When customers go through identity verification (IDV), we combine data from industry-leading third party vendors with our own models, which can independently reject the attempt or require additional verification, even if our vendor is able to verify the customer’s identity. Similarly, all transactions are evaluated by these models and are designed to detect potential risks, such as suspected gambling, fraud, and Child Sexual Exploitation (CSE) for example. Our systems may block (in real-time) transactions suspected of prohibited activity, escalate the account for manual review, and/or may close the associated account(s) immediately based on our level of confidence.
These models utilize a multitude of signals based on activity patterns we observe to be associated with higher risk, and internal intelligence such as location signals and information about a customer’s device and counterparties. For example, when evaluating the authenticity of a customer’s account, we may compare information provided directly by the customer (i.e., ZIP code) with information derived from internal tools, such as IP address. Evaluating these signals together allows us to evaluate potential fraud or other unwanted behaviors, which may result in requiring more information from the customer, or in some cases account offboarding. Our teams continuously leverage the outcomes of these actions to refine and update our controls.
Post-Transaction Monitoring and Offline Evaluations
Our post-transaction monitoring and offline evaluations enhance our ability to detect potentially suspicious and unwanted activity at various points in a customer’s lifecycle. These models and heuristics are complementary to our real-time actions; these models may be more complex than those in real-time, leveraging larger scale network interactions and additional information about a customer that may not be available at the time of a transaction. They also allow us to take retroactive action on accounts, which may lead to a manual review to evaluate if bad activity has potentially occurred.
To support our internal, proprietary data, we gain intelligence from third-party vendors who have access to data outside of Block’s ecosystem. For Bitcoin, we have integrated with industry-leading vendors who allow us to understand the nature and risk associated with virtual currency wallets, which then informs action we may take, either in real-time or retroactively depending on information available at the time. For example, our blockchain analytics tools can identify when a receiving Bitcoin address has exposure to high-risk services or suspicious patterns of activity. This intelligence allows us to make risk-based decisions in real-time and continuously monitor for emerging threats that might affect our customers. Other anomalous activity may trigger rules in our Offline Risk Management (ORM) tool to suspend an account based on unusual location signals, device information, or interactions with other potentially suspicious accounts, requiring additional verification to continue using Cash App. These accounts (as well as their connected accounts) may get sent to compliance or risk experts to undergo a thorough review.
Third Party Partnerships
While technology is at the heart of our risk management strategy, we believe that solving these problems alongside key external stakeholders is far more effective than solving these problems alone. As such, we have developed strong relationships with third parties to help inform our processes. Bad actors often exploit a range of digital platforms, including social media and messaging apps to facilitate illegal activities before ultimately using payment platforms to conduct transactions. Cash App collaborates with financial institutions, law enforcement agencies, and industry peers to share intelligence and develop comprehensive strategies to combat illicit commerce. This collective effort enhances our ability to identify and disrupt illegal activities more effectively than we could alone.
Empowering Our Customers
To help stop illicit activity on our platform, we focus not only on building strong detection systems, but also on equipping our customers with the tools and knowledge to recognize and respond to bad actors. Cash App provides clear, accessible resources to help customers identify suspicious behavior and take action — whether that's reporting suspicious activity, blocking another user or adjusting privacy settings to better control their experience.
Our investments in real-time scam detection allow us to intervene directly in some cases, warning customers or blocking suspicious transactions involving both fiat and bitcoin. At the same time, we encourage customers to play an active role in protecting the integrity of the platform, empowering them to serve as a critical line of defense against misuse.
Continuous Improvement and Transparency
The landscape of digital threats is ever-evolving. Cash App is committed to the continuous enhancement of our security measures, regularly updating our technologies and protocols to address new challenges.
Cash App has built a dynamic, cross-functional risk management framework designed to detect and prevent illicit activity, staying ahead of evolving threats and bad actors. Our approach continuously adapts to emerging risks, ensuring a secure and trusted experience for our customers.
Managing risks on Cash App requires a diverse range of mitigation strategies, and our cross-functional feedback loops help us do this effectively:
- Product controls set the parameters for how our features may be used
- Adverse actions remove bad actors and prevent them from returning
- Real-time machine learning models evaluate transactions and other activities to block or take additional adverse actions
- Post-transaction monitoring enables ongoing detections and investigations into potentially unwanted behavior
- Partnerships with third parties allow us to ingest and share information outside of Cash App to help prevent and detect unwanted activity both on Cash App and across the financial system and social platforms
We safeguard our customers through ongoing education, controls, and reporting tools to help protect their accounts and the Cash App platform. Designed to work together seamlessly, each tool plays a crucial role in our broader effort to maintain a trustworthy platform.
Product Controls
Risk management starts with our Product teams. They partner closely with Legal, Compliance, Risk and other stakeholders to continuously identify, document and implement controls throughout the product lifecycle. Our product controls are crafted to align our commitment to offering a diverse set of financial services to meet everyday banking needs. To help meet our customers’ needs, our Customer Research team conducts market research and customer surveys, gathering insights that shape our offerings.
Product teams partner closely with Data teams to analyze customer behavior, distinguishing normal usage from anomalies , and set appropriate parameters. For example, our peer-to-peer (P2P) feature allows customers to send money to friends, family and their community. We put limitations on the number of P2P transactions a customer may have over designated time periods in line with expected behavior and product design. Similarly, our Cash for Families feature allows teens to use Cash App with approval from a Sponsor (parent or guardian). This includes lower transaction limits and limited access to products, restrictions on where they may use their Cash App Card, increased privacy settings, as well as tools for the Sponsor to oversee their teen’s account.
We maintain platform-wide controls to ensure safety and integrity. For new customer onboarding, controls are designed to proactively detect whether a bad actor is attempting to return to the platform. If so, we will block the onboarding attempt and/or remove the account. While each of our products maintains robust controls to deter unwanted behavior, we recognize that bad actors continually adapt their tactics. To stay ahead, we leverage advanced technology and machine learning, enabling us to detect and prevent sophisticated threats effectively.
Advanced Technology and Machine Learning for Real-Time Detection
With advancements in technology such as generative artificial intelligence (Gen AI), we believe that managing risk on Cash App through machine learning is essential.
The use of machine learning manifests throughout the entire account lifecycle on Cash App. At onboarding, each customer receives an activation Customer Risk Rating (aCRR) followed by a continuous Customer Risk Rating (cCRR), which is powered by dedicated machine learning models. When customers go through identity verification (IDV), we combine data from industry-leading third party vendors with our own models, which can independently reject the attempt or require additional verification, even if our vendor is able to verify the customer’s identity. Similarly, all transactions are evaluated by these models and are designed to detect potential risks, such as suspected gambling, fraud, and Child Sexual Exploitation (CSE) for example. Our systems may block (in real-time) transactions suspected of prohibited activity, escalate the account for manual review, and/or may close the associated account(s) immediately based on our level of confidence.
These models utilize a multitude of signals based on activity patterns we observe to be associated with higher risk, and internal intelligence such as location signals and information about a customer’s device and counterparties. For example, when evaluating the authenticity of a customer’s account, we may compare information provided directly by the customer (i.e., ZIP code) with information derived from internal tools, such as IP address. Evaluating these signals together allows us to evaluate potential fraud or other unwanted behaviors, which may result in requiring more information from the customer, or in some cases account offboarding. Our teams continuously leverage the outcomes of these actions to refine and update our controls.
Post-Transaction Monitoring and Offline Evaluations
Our post-transaction monitoring and offline evaluations enhance our ability to detect potentially suspicious and unwanted activity at various points in a customer’s lifecycle. These models and heuristics are complementary to our real-time actions; these models may be more complex than those in real-time, leveraging larger scale network interactions and additional information about a customer that may not be available at the time of a transaction. They also allow us to take retroactive action on accounts, which may lead to a manual review to evaluate if bad activity has potentially occurred.
To support our internal, proprietary data, we gain intelligence from third-party vendors who have access to data outside of Block’s ecosystem. For Bitcoin, we have integrated with industry-leading vendors who allow us to understand the nature and risk associated with virtual currency wallets, which then informs action we may take, either in real-time or retroactively depending on information available at the time. For example, our blockchain analytics tools can identify when a receiving Bitcoin address has exposure to high-risk services or suspicious patterns of activity. This intelligence allows us to make risk-based decisions in real-time and continuously monitor for emerging threats that might affect our customers. Other anomalous activity may trigger rules in our Offline Risk Management (ORM) tool to suspend an account based on unusual location signals, device information, or interactions with other potentially suspicious accounts, requiring additional verification to continue using Cash App. These accounts (as well as their connected accounts) may get sent to compliance or risk experts to undergo a thorough review.
Third Party Partnerships
While technology is at the heart of our risk management strategy, we believe that solving these problems alongside key external stakeholders is far more effective than solving these problems alone. As such, we have developed strong relationships with third parties to help inform our processes. Bad actors often exploit a range of digital platforms, including social media and messaging apps to facilitate illegal activities before ultimately using payment platforms to conduct transactions. Cash App collaborates with financial institutions, law enforcement agencies, and industry peers to share intelligence and develop comprehensive strategies to combat illicit commerce. This collective effort enhances our ability to identify and disrupt illegal activities more effectively than we could alone.
Empowering Our Customers
To help stop illicit activity on our platform, we focus not only on building strong detection systems, but also on equipping our customers with the tools and knowledge to recognize and respond to bad actors. Cash App provides clear, accessible resources to help customers identify suspicious behavior and take action — whether that's reporting suspicious activity, blocking another user or adjusting privacy settings to better control their experience.
Our investments in real-time scam detection allow us to intervene directly in some cases, warning customers or blocking suspicious transactions involving both fiat and bitcoin. At the same time, we encourage customers to play an active role in protecting the integrity of the platform, empowering them to serve as a critical line of defense against misuse.
Continuous Improvement and Transparency
The landscape of digital threats is ever-evolving. Cash App is committed to the continuous enhancement of our security measures, regularly updating our technologies and protocols to address new challenges.