Skip to main content

Riskified

Active competitor

Revenue optimization with chargeback guarantee — absorbs fraud liability. Expanding into ticketing (device takeover attacks). No geolocation product.

riskified.commaxim.mosinVerified 1mo ago
Compare
USEUGlobalE-commerceLuxuryTravelTicketing (new)iGaming payments#new-verticals#chargeback-guarantee#ticketing-expansion#no-geo#compete-soft

Detection scorecard

How Riskified handles every spoofing technique we test for. Click any cell for findings.

Full matrix →
  • Detected
  • Partial
  • Missed
  • Not tested
CompetitorVPNProxyRemote accessFake GPS appGPS spooferEmulatorDevice farmJailbreak / RootResigned / tampered appSideload (PlayCover)Browser extensionMITM / replayTor

Strongest findings

Failed and partial test outcomes ranked for sales impact — what to lean on in a call.

No findings yet

Once tests land in updates/ with an outcome, they'll surface here.

All findings

Test results and intel tagged to Riskified.

Operator
Threat
No findings on file for this competitor yet.

Battle card

Talking points for a live sales call.

Riskified is a revenue-optimisation platform that uses proprietary AI to make approve/decline decisions on behalf of merchants — and absorbs the chargeback liability entirely. Their core differentiator is financial risk transfer: merchants outsource fraud liability rather than receiving a risk score. **Expanding into ticketing fraud (device takeover attacks)** as a new vertical growth area in 2025-2026. This creates a potential co-sell with GeoComply: Riskified covers the financial fraud liability; GeoComply covers geographic purchase restrictions (regional presales, local-only sales) and bot farms operating through geographically diverse proxies. **Critical competitive message: Riskified's guarantee covers fraud loss, NOT compliance liability.** A user who transacts from a sanctioned jurisdiction and gets approved by Riskified is still a regulatory problem for the operator.

Watch out for

  • Chargeback guarantee — merchants outsource fraud liability entirely. Strong commercial pitch.
  • Proprietary AI + cross-merchant network data for approve/decline decisioning.
  • Ticketing expansion (device takeover attacks) — new vertical growth area.
  • Pre-built plugins: Magento, Shopify, Salesforce Commerce Cloud.

How we win

  • No geolocation product — no location verification, no jurisdiction enforcement.
  • No GPS, Wi-Fi, or Bluetooth signals.
  • No AML.
  • No compliance audit log.
  • Chargeback guarantee does NOT cover regulatory liability — sanctioned-jurisdiction transactions still expose the operator.

Capability claims

What they say they do, grouped by category. Cross-check against the detection scorecard above — claims and tests don't always match.

Geolocation

How accurately and reliably the product determines a user's real location.

  • GPS / OS locationUses native device GPS or OS-level location services.
    Noverifiedstale
  • Wi-Fi triangulation
    Noverifiedstale
  • IP geolocation
    Partialverifiedstale

    Basic IP geolocation for anomaly detection only.

  • IP-change detectionContinuously monitors IP and re-runs geolocation on Wi-Fi ↔ cellular or VPN swap (GeoComply MyIP equivalent).
    Partialinferredstale
  • Boundary / state-lineHandles users moving across regulated boundaries during an active session.
    Noverifiedstale
  • Near-border accuracyMulti-point aggregation + buffer-zone handling near regulated borders; measured as pass rate at 250m.
    Noverifiedstale
  • Pre-login pre-check
    Partialverifiedstale

    Real-time approve/decline decisioning.

  • Multi-jurisdictionSingle integration handling operators in multiple regulated states (GeoComply Multipass / Dynamic Boundaries equivalent).
    Noverifiedstale
  • Desktop plugin (PLC-class)Native desktop client / plugin required by PA, NJ, MS and most US iGaming regulators.
    · Unknowninferredstale
  • On-property BLE geofenceBluetooth Low Energy precision geofencing for tribal / on-property venues (PinPoint-class).
    · Unknowninferredstale

Anti-spoofing detection

Detection coverage for the spoof vectors tested by the Competitive Intelligence team. Cell values reflect SDK-level detection of the listed vector at the most recently tested operator.

  • VPN exit nodesDetects commercial VPN exit nodes (NordVPN, ExpressVPN, Surfshark, etc.).
    Partialinferredstale
  • Proxy / residentialDetects datacenter and residential proxies — the harder class of IP obfuscation.
    Partialinferredstale
  • Tor exits
    · Unknownrumorstale
  • Remote desktop (RDP)Detects AnyDesk, TeamViewer, FaceTime, Assistant, HopToDesk, iPhone screen mirroring, RustDesk and similar remote-control sessions.
    · Unknownrumorstale
  • Fake-location appsDetects iAnyGo / Fake GPS / mock-location apps on iOS and Android.
    Noverifiedstale
  • Hardware GPS spooferDetects HackRF / BladeRF and GPS-simulator-device signal injection.
    Noverifiedstale
  • Emulator / VMDetects Xcode iOS Simulator, BlueStacks, Genymotion and similar virtual environments.
    Partialinferredstale
  • Device farm / VMOSDetects VMOS / virtualized Android device-farm environments used for multi-accounting.
    Yesverifiedstale

    Cross-merchant network shared fraud history.

  • Jailbreak / rootDetects jailbroken iOS, rooted Android (incl. Magisk hidden root), and Frida / runtime-hook tampering.
    · Unknowninferredstale
  • Resigned / tampered appDetects iOS apps that have been re-signed / Android apps that have been repackaged with injected code.
    · Unknowninferredstale
  • Sideload (PlayCover)Detects ARM-macOS iOS sideloading via PlayCover and equivalent hardware-abstraction loaders.
    · Unknowninferredstale
  • Browser extension spoofDetects Chrome / browser extensions that spoof location (Location Guard, Hola, etc.).
    · Unknowninferredstale
  • Session terminationTerminates session when location services are disabled mid-game or device leaves the jurisdiction.
    Yesverifiedstale
  • MITM / replay attackResists network-level interception, request tampering, and replay attacks against the SDK ↔ backend channel.
    · Unknowninferredstale

Identity & KYC

Document verification, biometric liveness, sanctions screening.

  • Document scan / OCR
    Noverifiedstale
  • Biometric liveness
    Noverifiedstale
  • Sanctions / PEP
    Noverifiedstale
  • AML / responsible gaming
    Noverifiedstale
  • Reusable identity
    · Unknowninferredstale

Platform coverage

Which surfaces the SDK / product runs on.

  • iOS native
    · Unknowninferredstale
  • Android native
    · Unknowninferredstale
  • Web / browser
    Yesverifiedstale
  • React Native
    · Unknowninferredstale
  • Flutter
    · Unknowninferredstale
  • Unity
    · Unknowninferredstale
  • .NET / desktop
    · Unknowninferredstale
  • Server-side API
    Yesverifiedstale

    REST API + Magento/Shopify/Salesforce plugins.

Compliance & certification

Regulatory coverage and certifications.

  • US state-licensed (iGaming/sportsbook)
    · Unknowninferredstale
  • US tribal / on-property
    · Unknowninferredstale
  • Canadian provincial
    · Unknowninferredstale
  • European (MGA/UKGC)
    · Unknowninferredstale
  • LatAm (Brazil SPA)
    · Unknowninferredstale
  • SOC 2 Type II
    · Unknowninferredstale
  • ISO 27001
    · Unknowninferredstale
  • GLI-certified
    · Unknowninferredstale

Fraud & device intelligence

Device fingerprinting, IP intelligence, behavioral signals, account-takeover detection.

  • Device fingerprint
    Yesverifiedstale
  • IP intelligence DBMaintained DB of VPN / TOR / proxy / hijacked-residential IPs with documented refresh cadence (GeoGuard equivalent).
    Partialverifiedstale
  • Behavioral signals
    Yesverifiedstale
  • Velocity / impossible travel
    Yesverifiedstale
  • Bot detection
    · Unknowninferredstale
  • Account takeover
    Yesverifiedstale
  • Chargeback mgmt
    Yesverifiedstale

    Core product — chargeback guarantee with financial liability absorption.

Ops & integration

How easy the product is to integrate, observe, and operate.

  • Self-serve onboarding
    · Unknowninferredstale
  • Case management UI
    Yesverifiedstale

    Chargeback dispute management workflow.

  • Webhook delivery
    · Unknowninferredstale
  • Real-time API
    Yesverifiedstale
  • Analytics dashboard
    Yesverifiedstale
  • Audit log export
    · Unknowninferredstale
  • Encrypted responseDetection flag names hidden from the end user (GeoComply uses encrypted XML; most challengers expose JSON flag names).
    · Unknowninferredstale
  • SDK hardeningSDK is signed, obfuscated, and license-bound — not findable / patchable to inject coordinates client-side.
    · Unknowninferredstale

Commercial

Pricing model and go-to-market shape.

  • Usage-based pricing
    Yesverifiedstale
  • Flat license / enterprise
    · Unknowninferredstale
  • Free tier / trial
    · Unknowninferredstale
  • Publicly listed pricing
    · Unknowninferredstale
  • Bundled with platformGeo is bundled inside a broader platform deal (OpenBet, GeoLocs/Mkodo, Playtech).
    Yesverifiedstale

Talking points

  1. Riskified covers fraud loss, NOT compliance liability. The chargeback guarantee absorbs financial loss on approved transactions — it does not constitute jurisdictional authorisation. If a user transacts from a sanctioned jurisdiction, the operator still owns the regulatory exposure.
  2. Co-sell in ticketing. Riskified for device-takeover fraud + financial liability; GeoComply for regional presales / local-only sales / bot farms through diverse proxies. Non-overlapping fraud surfaces in the same vertical.
  3. No geo product, no AML — easy positioning conversation in any deal where compliance-grade location is a requirement.