Platform-Inside-Platform
Platform-Inside-Platform involves a merchant presenting themselves as a generic SaaS platform (e.g., "Online Course Creator" or "Community Forum"), while the actual high-risk commerce happens inside the gated member area.
📝 Short Summary
- Scenario: A site selling "Premium Trading Community Access" (Low Risk Education). Inside, it is a marketplace for high-risk "Crypto Signals" or "Pump and Dump" schemes.
- Business Motivation: To categorize as "Education" (MCC 8299) or "Membership Org" (MCC 8699) instead of "Investment Advice" or "Digital Goods".
- Key Deception: The "Platform" is just a paywall; the real value is the high-risk activity inside.
🏗 Technical Architecture
Frontend Behavior (Customer View)
- Public Site: "Learn to trade like a pro. Join our discord/community."
- Checkout: Monthly subscription ($99/mo).
- Post-Login: Immediate redirection to a Telegram group or a private dashboard selling unregulated financial advice.
Backend Behavior (PSP View)
- MCC: 8299 (Schools/Educational Services).
- Recurring Billing: High retention (looks healthy).
- Content: Public pages show video thumbnails and "curriculum" (which may be dummy content).
🕵️♂️ Detection Challenges
- Gated Content: The risk officer cannot see the "inside" without buying a subscription.
- Plausible Deniability: The merchant claims they sell "Education/Analysis", and users are just "discussing" trades (avoiding financial regulation).
- Low Chargebacks: If the users are complicit (getting rich quick), they don't complain... until the scheme collapses.
🏦 PSP Detection Probability
| Provider | Probability | Detection Analysis |
|---|---|---|
| Stripe | 60% | Medium. Hard to detect without "Mystery Shopping". Relies on external reports or sudden volume spikes. |
| Adyen | 70% | Medium/Strong. Uses advanced web crawling that attempts to find login portals and deeply nested links. |
| PayPal | 80% | Strong. Strict policies on "Get Rich Quick" schemes. Frequently freezes funds for "Financial Services" review. |
| ClickBank/HotMart | 90% | Very Strong. As specialized digital goods processors, they have heavy compliance on "BizOpp" (Business Opportunity) offers. |
| Worldpay | 50% | Medium. Corporate accounts may overlook this as "Digital Services" until a regulator complains. |
🛡️ Recommended Detection Strategies
1. "Empty Shell" Analytics
If the merchant claims to be an "Education Platform", analyze user telemetry (if available via SDKs).
- Signal: Users login but spend 0 minutes watching videos.
- Signal: 100% of users click an external link (e.g.,
t.me/joinchat) immediately after payment.
2. Keyword Correlation in Marketing
Scan the merchant's external marketing (Twitter, Instagram, TikTok).
- Signal: Site says "Education", but Twitter bio says "1000x Gains Guaranteed".
3. Defensive Pseudocode (SQL Monitoring)
sql
-- Example: Detect "Education" merchants with suspicious chargeback codes
-- "Education" usually gets "Service Not Received" (13.1)
-- "Scams" get "Fraud" (10.4) or "Credit Not Processed" (13.2)
SELECT
merchant_id,
merchant_name,
COUNT(*) as total_disputes,
SUM(CASE WHEN reason_code IN ('10.4', 'fraud') THEN 1 ELSE 0 END) as fraud_disputes,
(SUM(CASE WHEN reason_code IN ('10.4', 'fraud') THEN 1 ELSE 0 END) * 100.0 / COUNT(*)) as fraud_ratio
FROM disputes
WHERE mcc = '8299' -- Education
GROUP BY merchant_id, merchant_name
HAVING total_disputes > 20 AND fraud_ratio > 15;
-- A real school rarely has >15% 'Fraud' disputes; parents usually argue about refunds, not fraud.