Because someone wants your payment instructions – probably they are investing in a vehicle you control, making a distribution in connection with an investment that you made, or wish to pay an invoice to your organization.
DoubleCheck lets you share instructions securely.
Because hijacked payments are a huge problem. Here’s an example:
- You are expecting a payment, so you send an e-mail to your counterparty with your wire instructions.
- But then a scammer who has infiltrated the email chain sends another email, pretending to be you, with new wire instructions.
- Result: your counterparty pays the scammer.
Exchanging payment instructions through DoubleCheck ensures that the right person gets the right instructions.
DoubleCheck uses a variety of authentication techniques to make sure that you are dealing with the right person.
We collect information for the purposes of authentication only. We never use this information for any other purpose, and we never share it or sell it.
This gives us a record of who responded to a request. We believe that this is the best way to authenticate. Email can be spoofed, and video is more secure and less invasive than collecting social security numbers or driver’s licenses.
We don’t show the video to anyone, not even the person sending you the request. We’ll delete it after your payment is completed, or even earlier at your request.
You don’t need to sign up to respond to a request. If you want to use DoubleCheck to send out your own requests, you need to create an account.
Some parts of DoubleCheck’s verification process achieve similar goals, although the approach is different.
By getting into the email account of one of the participants.
The problem was $26 billion over the last few years, according to the FBI.
If you know them and recognize their voice, you can do that. But phone calls are cumbersome, surprisingly easy to do wrong, and subject to fakery.
That’s good! But no firewall can protect you from fraudulent e-mails from associates who were the victim of email takeover.
Even if your employees are phish-proof, it’s impossible to prevent your counterparties from being phished. Meanwhile, if your counterparties get compromised, you are at risk.
Sadly, no. Their policies only protect themselves. But it’s not their fault, because they can’t know who your counterparty is supposed to be. Only you know that.