Want more insights?
Sign up to join our mailing list.
IRL was an app that promised to connect young people and help them discover real time events together – putting the social back in social media. And it would, it said, give Generation Z, who never related to established sites like Facebook, their own platform.
But now it has been abruptly shut down and hundreds of millions of dollars of investors’ money has been lost as a result.
Users attempting to log on to IRL.com – the name comes from a long-standing internet acronym for ‘in real life’ – now just see a picture of Squidward, a sad-faced character from the SpongeBob SquarePants cartoons which were popular with Gen Z’ers when they were kids, along with the message: “IRL has shut down. We thank you for hosting your community chats with us, and we wish your community great conversations on other platforms moving forward.”
It was a startling crash for a start-up that had seemed to have so much going for it – and which had been a darling for investors: it had that terrifically memorable domain name, had secured over $200 million in funding and had rapidly grown a global user audience from nothing to 20 million.
Until recently the company had even appeared to have overcome the challenges of launching an event-discovery app during the early days of the COVID-19 pandemic when everyone was stuck inside. And as the world unlocked again, IRL looked set to boom.
Well, in a perfectly neat case of irony, it turned out that almost all of those supposed 20 million unique users of IRL.com didn’t actually exist in real life. An inventory discovered that as many as 95% of those on the platform were fake accounts, bots and the like.
There had already been dawning concerns about IRL in the spring when its founder and CEO was suspended, and a new team brought in. It was their investigation that discovered the terrible truth – and when that became public, investors couldn’t pull out fast enough which meant the final collapse was inevitable.
Of course, IRL isn’t the first app to be haunted by fake users. Twitter has long been plagued by the same – which became a negotiation point when Elon Musk was trying to buy it. And earlier this year JP Morgan sued the founder of Frank, an app it required for $175 million, for allegedly misleading it over the start-up’s user numbers to increase the sale price.
But IRL must be the app that’s been most spectacularly brought down by bots.
There are a number of lessons that can be learned from this – about due diligence, investor gullibility and so on – but for me its most pertinent take-home is that it reinforces the critical importance of knowing your customers.
It used to be that online enterprises faced a stark choice between cumbersome and time-consuming registration procedures that meant they could be confident about who was on their platform – and a speedier service that just required an email address and password to join. The latter had the benefit that it wouldn’t put off those casual potential customers from signing up speculatively – but that convenience came at the cost to the host that they then didn’t know who they were letting in.
And that in turn could have damaging longer-term consequences for the integrity of the entire brand, whether that meant critically undermining investor confidence, as with IRL, or allowing fraudulent criminals to prey on bona fide users of your platform – with ruinous reputational repercussions.
The steady refinement of on boarding procedures more recently has meant that that invidious choice between security and speed need no longer exist. These new methods, trail-blazed by the fin-techs and now becoming more prevalent, allow real-time almost instant access without sacrificing robust security protocols.
They do this by digitally scrutinizing the basic sign up detail supplied by the applicant and cross-comparing them against trusted account and other global databases. Primarily this revolves around their telephone number which can provide insight into their identity – as well as showing circumstances and history that can either corroborate that what and who they are presenting as is genuine, or provide a red flag if it isn’t.
All this can be done within microseconds so there’s no off-putting delay or request for screeds of personal information or uploading of supportive documentation.
These kinds of checks are our bread and butter at TMT Analysis – and are increasingly becoming accepted as industry standard.
Had IRL focused more on the basics like this from the outset rather than indiscriminately accepting new registrations they might still be trading rather than having become the punchline of their own joke.
Sign up to join our mailing list.
Take a look at our latest white paper, Tackling Mobile Identity Fraud in Financial Services. Our our product experts are always on hand to answer any questions!