Security Experts:

Connect with us

Hi, what are you looking for?



Microsoft, PayPal Invest in Anti-Fraud Startup Arkose Labs

Arkose Labs Raises $22 Million in Series B Funding

Arkose Labs Raises $22 Million in Series B Funding

San Francisco, Calif-based Arkose Labs has raised $22 million in a Series B funding round led by the Microsoft venture fund, M12. Existing investors PayPal and USVP participated, bringing the total raised so far to $36.5 million. Arkose Labs provides a fraud detection and prevention platform.

The firm was founded in Brisbane, Australia by Kevin Gosschalk (CEO) and Matthew Ford (VP of product and science) in 2015. When it launched commercially in 2017, it moved its headquarters to San Francisco. The system is designed to protect any consumer action from abuse and fraud, such as account takeover, fake account abuse, scraping, spam, gift card abuse and other activities.

Gosschalk has previous expertise in interactive machine vision technology, while Ford has experience in video gaming technology. The two brought their experience together to develop a new and unique approach to authenticating attempted online transactions — a solution that in their own terminology is designed to bankrupt the fraudsters. 

The Arkose Labs platform comprises two components: Arkose Detect and Arkose Enforce. Arkose Detect learns behavioral patterns across devices and networks. It triages traffic and uses a risk score to determine between genuine users and fraudsters. If confident that the user is valid, the user is authenticated.

However, if there is any doubt, traffic is passed to the Arkose Enforce application. Users are now presented with a visual puzzle that must be solved. If satisfactorily solved, the user will be authenticated. But if not successful, the user (now considered to be a fraudster, either in person or a bot) is not simply blocked. Further visual puzzles are presented to engage the attacker’s resources in a useless cycle of effort. The intent, said Arkose in a statement, is “to bankrupt the business of online fraud and abuse… by making cybercriminals expend massive effort to conduct their attacks, which eliminates the ROI and profitability of fraud.” The purpose, added Gosschalk, is “to eliminate fraud, rather than contain it.”

This process reverses the accepted belief in authentication — it increases rather than decreases user friction, but only for suspected fraudsters. Using the founders’ background in interactive visuals and gaming, the additional authentication possibly required for genuine transactions can be treated as a bit of fun by real people, but is impossible to solve by automated means. The overall result is to decrease user friction for genuine transactions but increase it for fraudsters, while maintaining a very high level of accuracy in its determinations.

The new funding is expected to be used for further product development, new hires and expansion into the EMEA market. Arkose Labs expects to build partner-led market strategies for Latin America and the Asia-Pacific region. It achieved a 400% revenue growth while doubling its customer base in 2019. Those customers include Microsoft itself, GitHub, Electronic Arts,, Singapore Airlines, Roblox and Twilio among many Fortune 50 companies.

“Microsoft is committed to providing a safe experience to our customers,” said Alex Weinert, director of identity security at Microsoft. “Arkose Labs’ technology is an important component of our multi-pronged approach to minimize fraud without negatively impacting legitimate customers.”

Related: Fraud Prevention Firm Sift Science Raises $53 Million 

Related: Mobile Payment Fraud on the Rise 

Related: eCommerce Fraud Prevention Firm Riskified Raises $165 Million 

Related: Fighting Fraud With Threat Intelligence: Debunking Common Misconceptions

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Cybersecurity Funding

SecurityWeek investigates how political/economic conditions will affect venture capital funding for cybersecurity firms during 2023.