Capital
Banking & fundraising tools for founders.
Overview
Capital (acquired 2023) evolved from Party Round. The company rebranded and expanded from a fundraising tool into business banking, enabling users to hold and spend funds right after their raise.
Capital features included balances, transaction enrichment, payments, debit cards, and team management with scope-based permissions.
My UX research role focused more on retention, data-driven product optimization, and strategic vendor process improvements.
Highlights
Ideated and led Design and Engineering initiatives to launch automated debit card status communications and improved KYB heuristics, mitigating fraudulent accounts by 78%
Initiated customer tiering and ticketing process, owning relationships as account manager for 800+ onboarded businesses ($20M+ value)
Defined and managed customer support processes and training support team to route, prioritize, and resolve tickets
Feburary — March 2023
Suspected fraud transaction handling
When we launched debit cards, we encountered a few strategic imperatives, specifically for risk mitigation.
Note: Due to NDAs, this study includes adapted content. Methods and processes reflect original work but user groups, certain feedback, and user data have been adapted.
Team
UX Researcher
Sarah Bai
Product Designer
Dimitri Knight, Lead Designer
Content Editor
Andrew Ettinger
Developers
Brian Armstrong, Head of Engineering
Alice Jin, Software Engineer
Problem
Early into the debit card launch, I managed a debit card beta test group for usability. We noticed a relatively high volume of debit transactions getting flagged for various reasons. The various suspected fraud reasons were for both valid fraudulent and non-fraudulent transactions.
The transaction could still automatically be passed through by Visa or declined, so there were many user states for this seemingly single user state that we had initially considered.
At the time of launch, we had not yet built communications, product notifications, or other handling processes for these states. Visa, our payment processor, directly notified impacted users by phone or email, however the success rate of the user properly responding without any nudge from Capital was very low.
These user states although uncommon, were not to be treated as edge cases. We needed to hold the same high standard of handling these states as the rest of our product for business compliance and financial security for our customers.
Goals
Deliver clear expectations and actionable items to enable customers to unblock their cards
Establish robust fraud prevention and detection mechanisms and provide customers with information on how to report fraudulent activities
Maintain compliance obligations and regulatory requirements to prevent bad actors and penalties
Value
Risk mitigation — identified and investigated potential fraud cases to minimize financial losses and reputational damage
Retention — fostered trust and commitment to the customer’s spending needs so they can remain assured by our services
Operational efficiency — automated specific user states to promptly address special cases and reduce manual intervention
Brand reputation — helping users overcome an inconvenient situation out of our control by optimizing communication and factors in our control
Process
Understanding the user's goal and frustrations — Since we had added banking and transactions, there were a few larger unanticipated or slight oversights out of scope that we had to prioritize, starting by asking the right questions. We needed to properly take the real suspected fraud cases at face value and scope all the other user states from a technical perspective.
From a UX perspective, we needed to understand what the user was currently experiencing overall, through Capital, Visa, our app, and other communications.
Scoping the external restrictions and user conditions — Since there are various implementation boundaries in financial technology, we needed to prioritize compliance for our business and reiterate security. This initiative included extensive research into Visa card transaction statuses, risk level ratings, and API docs with our banking partner.
Propose and implement solutions across teams — Establishing financial security measures requires a company wide collaboration. Financial regulation is also an area where referencing standard solutions is highly common. We understood this was not a project to reinvent the wheel, however we aimed to maintain high standards for the user experience.
Within handling standard Visa suspected fraud transaction states, we still needed to build a seamless multi-level handling so that users felt personally taken care of given the external experiences that we could not control.
Methods
To understand the user, we needed to speak to them and learn about the current experience, their expectations and the external Visa communications.
Designed our deep-dive user interview guide to scope out the current UX and pain points
Interviewed each initial suspected fraud transaction user (N > 9)
Synthesized the feedback and conducted debriefs with our Product and Engineering teams
An initial map of the suspected transaction user states. We referenced our banking partner's API docs in order to visualize what happened to a user's card under a certain risk level and any actions a user needed to take to unblock if possible.
We referenced API docs from our payment processor and finance partners to map the user states. We consulted our finance partners on Visa actions since Visa’s specific fraud risk detection model is classified.
I interviewed and worked with each of the impacted suspected fraud customer cases, to understand more about the Visa communications process ourselves and understand the spending preferences of our customers. We technically had several viable solutions such as cancelling the frozen card and issuing a new one or having the spends temporarily go on some other admin user’s card.
Sample Questions
What is the best way to reach you for urgent transactional updates? What method do you prefer?
If any action was required from you to unblock your state, what are the top three most important things for you to know?
What external communications, if any, did you receive from Visa and what was your impression of these communications?
Outcome
I proposed and collaborated with our fellow team members to implement the following:
1. Automated Notifications — We implemented push and email notifications for user states. In some user states we urged users to respond to an email from Visa. The official Visa email did not visually appear trustworthy and maybe itself even a bit phishy so our comms doubled down on the requirement and urgency to respond.
2. Account Outreach — Some cases warranted a call from our Customer Support team. Certain factors may be dictated by customer tier, urgency, level of risk rating, and user card state. We wrote and implemented a strict call script to verify the user’s identity and take necessary steps depending on the user’s state.
3. User interface — We mapped out suspected fraud user states so that we were able to customize handling reasons in app and enable users to self-fix any blockers.
As a result, we improved a significant high risk factor of one of our new features, and users that hit this state were much more empowered and secure while we could still monitor bad actors.
Users have significantly lower confidence in the product after X amount of time if the suspected fraud state details and unblocking action are not communicated properly. Testing comms timing with customers and moving along the Visa action window was important to plan.
Even if Visa poses frozen card issues or delays unblocking, customers are delighted to hear proactive responses from us. We decided to lean into the Account Outreach even if the risk level was lower.
This data also allowed us to gather more of an understanding on which types of accounts were more likely to get flagged or could be higher cost to us to support. We ultimately saw high success of customers addressing suspected fraud card states on their own with little to no intervention from us.
We also were able to catch a couple of valid fraudulent transactions and cancel cards or accounts accordingly, mitigating further risk. This project was followed closely by a new internal KYB review process that I collaborated on (details at bottom of page). Some performance metrics redacted, feel free to contact me for more info.
I drafted and mapped the initial email communications for different suspected card fraud states. I also drafted the account manager outreach script. Then I worked with Engineering, Design, and Marketing to finalize and implement these notifications.
Challenges and Learnings
Often times in financial technology or banking companies, there will be multiple payment partners and third party vendors. Capital provided and built the software, but the financial infrastructure that some of our vendor tools ran on were quite archaic.
Visa was one of those partners that we could not directly reach to investigate with but we had to push on the information given with the partner API. Customers would not always respond to Visa’s suspicious-looking outreach, so we had to reiterate our business sophistication and security to extend customer trust to external entities.
While our mission is to innovate the experience for users, we as the builders must navigate around the convoluted rules and integration products of sometimes legacy systems.
This was also a fairly difficult process to scope because we had not hit most of the user states we were building for because the states and risk ratings were not controlled by us.
Overall, it was a necessary update that had many solutions for the same outcome, but I learned that the best solutions optimize the inputs that the business can control, a reflection of how a business values its customers.