Why We Invested in Sign3

Transcript

SPEAKER_00 0:00

You know, usually when we sit down for a deep dive, we are looking at something pretty polished, like a finished product. Maybe it's a uh a best selling book or a finalized research paper, a slick news article. We're usually looking at the surface of things.

SPEAKER_01 0:15

Right. We usually see the result, not the messy process that actually got us there.

SPEAKER_00 0:20

Exactly. But today, today is a little different. Today we are looking under the hood. We managed to get our hands on an internal investment memo from Cedar Hill Capital, and it is dated just this month, February 2026.

SPEAKER_01 0:34

Fresh off the press.

SPEAKER_00 0:35

Yeah, literally. And it details exactly why they decided to pour millions of dollars into a company called Sign 3.

SPEAKER_01 0:41

And honestly, reading this memo, it doesn't read like a dry financial document at all. It reads more like an intelligence briefing on a war zone.

SPEAKER_00 0:48

A war zone. I mean, that is a pretty heavy description for a tech investment.

SPEAKER_01 0:51

It feels appropriate, though. There is an invisible war happening literally every single second inside the global financial system. It is the war between the banks or the fintechs and the fraudsters. And if you read between the lines of this memo, the big takeaway is uh it's pretty scary. The bad guys are winning, or at least they have leveled up significantly and the good guys are just scrambling to catch up.

SPEAKER_00 1:15

Yeah, that is the core premise we are exploring today. We are going to unpack this memo to figure out two things for you listening. One, how has fraud evolved from, you know, stolen credit cards to something that requires advanced AI to fight? And two, what specifically did Cedar Hill Capital see in this company sign three that made them think, yeah, okay, this is the weapon that finally wins the war?

SPEAKER_01 1:37

It's a classic arms race. But before we get to the solution and why Cedar Hill thinks this is the solution, we really have to understand the battlefield. The memo kicks off by setting the stage with a section called The Changing Face of Fraud.

SPEAKER_00 1:48

They use a specific phrase that I actually circled in red ink. They say fraud has become smarter, faster, and more fragmented. So let's break that down. Smarter I get, technology gets better. But fragmented, what does that mean in this specific context?

SPEAKER_01 2:04

So think about the old days. If I wanted to rob a bank, I walked in with a mask and a note. If I wanted to commit credit card fraud, maybe I stole your physical wallet or skimmed your card at a gas station. It was one person, one act, one victim.

SPEAKER_00 2:19

Right.

SPEAKER_01 2:19

Fragmented means the attack is now split across thousands of devices, identities, and accounts.

SPEAKER_00 2:24

Give me a specific example of how that actually works.

SPEAKER_01 2:26

Okay, take mule networks, which the memo highlights is a major growing threat. In the past, a money launderer might try to move a million dollars through one shady account. That's a huge red flag, right? The bank freezes it immediately.

SPEAKER_00 2:38

Right, because it's way too big to hide.

SPEAKER_01 2:40

Exactly.

SPEAKER_00 2:41

Right.

SPEAKER_01 2:41

Today they use a mule network. They break that million dollars into 10,000 tiny transactions. They recruit often unknowingly regular people to receive the money and forward it. Maybe they think they are working a work-from-home job processing payments.

SPEAKER_00 2:54

Wow. So the fraud is fragmented across thousands of completely legitimate looking accounts.

SPEAKER_01 2:59

Precisely. To a traditional bank system, it just looks like people paying each other $100 here, $50 there. You can't see the spider web, you only see the individual strands. That is fragmentation.

SPEAKER_00 3:10

Yeah.

SPEAKER_01 3:10

And it is incredibly difficult to stop because no single transaction looks illegal on its own.

SPEAKER_00 3:15

That is incredibly difficult to stop. And the memo lists other threats that sound like they are straight out a cyberpunk novel, honestly. Synthetic identities. That one really stuck with me.

SPEAKER_01 3:24

Yeah. That is the smarter part of the equation. And it is arguably the most insidious.

SPEAKER_00 3:30

It sounds like cloning.

SPEAKER_01 3:31

In the digital sense, it kind of but it's distinct from traditional identity theft. If I steal your identity, the victim is you. I use your credit score, I ruin your reputation. But in a synthetic identity, I create a person who just doesn't exist.

SPEAKER_00 3:46

Right.

SPEAKER_01 3:46

I take a real social security number, maybe from a child or someone deceased, or someone who was incarcerated and they're just not using their credit. And I combine it with a fake name, a fake address, and a drop phone number.

SPEAKER_00 3:57

And then what? You just apply for a massive loan.

SPEAKER_01 3:59

No, no, that's the scary part. You play the long game. You apply for a small credit card or storecard. You pay it off. You build a credit score for this ghost. You nurture this fake person for years. The algorithm looks at it and thinks John Doe is a model citizen. Wow. And then once the credit limit is high enough, boom, you bust out. That's the industry term. You max out the loans, take the cash, and vanish. Because the person never existed in the first place.

SPEAKER_00 4:25

So the bank is sitting there looking for a victim to complain, like, hey, I didn't spend this, but there is no victim.

SPEAKER_01 4:31

Exactly. It creates massive losses that are often just written off as bad debt because the bank doesn't even realize it was fraud. And the memo points out that because digital adoption is accelerating so fast, everyone expects instant onboarding, instant loans. The banks are under immense pressure to say yes quickly. They don't have time to hire a private investigator to see if John Doe is actually a ghost.

SPEAKER_00 4:52

Which perfectly leads us to the legacy systems part of the memo. Cedar Hill is pretty harsh here. They basically say the current tools banks are using are bringing a knife to a gunfight.

SPEAKER_01 5:02

It's worse than a knife. It's like bringing a clipboard to a gunfight. The memo calls them legacy rule engines.

SPEAKER_00 5:09

A rule engine. Explain that to me like I'm five.

SPEAKER_01 5:11

Okay. Imagine a bouncer at a club, a rule engine bouncer has a clipboard. The boss says, Don't let anyone in wearing sneakers. So the bouncer looks at your feet. Sneakers, denied. Shoes, allowed. That is a rule.

SPEAKER_00 5:25

Simple, logical, really easy to program.

SPEAKER_01 5:28

Sure, but what if the bad guy wears dress shoes but carries a concealed weapon? The bouncer lets him right in. What if a VIP, someone who spends thousands of dollars at the club, is wearing limited edition sneakers? The bouncer kicks him out.

SPEAKER_00 5:40

So it's dumb. It doesn't understand any context.

SPEAKER_01 5:42

Aaron Powell Precisely. The memo calls this reliance on static threshold and isolated signals. The system checks, is the password right? Yes. Is the device location okay? Yes. Is the IP address not on a blacklist? Yes. Okay, let them in. It doesn't see that even though the password is right, the way the person type it was totally different from how the real user types.

SPEAKER_00 6:03

And the memo lists the consequences of this. It's not just that fraud gets through, it's the false positives.

SPEAKER_01 6:09

This is huge for the business side. If you are too strict with your rules, if the bouncer kicks out everyone who looks even slightly suspicious, you end up blocking legitimate customers.

SPEAKER_00 6:19

Oh, I have lived this. I travel, I try to buy a coffee in a new city, and my card gets locked. I have to call the bank, wait on hold. It's infuriating.

SPEAKER_01 6:26

And for a bank or a fintech, that isn't just annoying for you, it's expensive for them. The memo talks about manual review overload. Every time the system isn't sure, it flags the transaction for a human to look at. Humans are slow. Humans are expensive. And while the human is staring at your coffee purchase trying to decide if you are a criminal, the AI-driven bot we talked about earlier is draining an account in milliseconds.

SPEAKER_00 6:50

So we have a fast AI-driven enemy and a slow rule-based defense. That is a recipe for absolute disaster. This is the gap Cedar Hill Capital identified. This is why they wrote the check to sign three.

SPEAKER_01 7:01

Enter the AI native solution.

SPEAKER_00 7:03

Now I have to be skeptical for just a second. Every pitch deck in 2026 says AI native. It's the buzzword of the century right now. How does the memo justify that this isn't just marketing fluff?

SPEAKER_01 7:14

They make a very crucial technical distinction here. They differentiate between a wrapper and a foundation. A lot of companies just take their old rule engine, the bouncer, with the clipboard, and slab an AI chat interface on top of it. Or they use AI just to tweak the rules slightly. Underneath it's still checking for sneakers.

SPEAKER_00 7:30

Okay, so it's lipstick on a pig.

SPEAKER_01 7:32

Exactly. Sign three, according to the memo, is built as a predictive layer from the ground up. It fuses three things that usually just don't talk to each other: device intelligence, behavioral biometrics, and alternative data.

SPEAKER_00 7:45

Let's double-click on behavioral biometrics. You mentioned typing speed earlier. Is it really that granular?

SPEAKER_01 7:50

It is incredibly granular. It's not just face ID or a fingerprint, it's how you interact with your phone, the angle you hold it at, the speed of your swipe, the flight time of your thumb between the T and the H keys on the keyboard.

SPEAKER_00 8:04

Wait, really? The flight time of my thumb.

SPEAKER_01 8:05

Yes. These are unconscious motor skills. You can steal a password, you can even steal a phone, but you cannot steal the muscle memory of how a person types. If a bot takes over your account, it types instantly. Way too fast for a human. If a fraudster in a different country logs in, they might navigate the app differently than you normally do. They might hesitate on screens, you usually just breeze right through. Sign three looks at that pattern, not just the password.

SPEAKER_00 8:30

So going back to our bouncer analogy.

SPEAKER_01 8:31

The sign three bouncer isn't looking at your shoes. He's looking at your body language. He notices you're sweating. He notices you're checking the security cameras. He notices you're walking with a limp you didn't have yesterday. He's looking at the behavior, not just the credentials.

SPEAKER_00 8:46

And the memo says this leads to preemptive mitigation, which is really just a fancy way of saying stopping the car crash before it actually happens.

SPEAKER_01 8:54

Right. Instead of reacting after the money is gone, which is what most systems do do, you detect the intent. You see the synthetic identity being built before they even ask for the loan. You spot the mule network setting up before the money moves.

SPEAKER_00 9:10

That's the technology. And obviously it's super impressive. But Cedar Hill isn't a science fair judge. They are an investment firm. They want a return. The memo outlines an investment thesis with five pillars.

SPEAKER_01 9:21

I want to walk through these because they show us why this is a good business, not just a cool tool.

SPEAKER_00 9:26

It's a great framework for how investors think. It effectively answers the question why give them the money? So pillar one is the pain point. We've covered this a bit. Fraud hurts profitability and compliance. If you facilitate money laundering, the regulators will just shut you down. That's an existential threat.

SPEAKER_01 9:42

Exactly. It's not an IT problem anymore. It's a staying in business problem.

SPEAKER_00 9:45

Yeah.

SPEAKER_01 9:46

If your fraud rates are too high, Visa and MasterCard can actually just cut you off. You literally cannot process payments.

SPEAKER_00 9:53

Extremely high stakes. Pillar two is the differentiated foundation, which is the AI native tech we just discussed. But pillar three is where I think the rubber really meets the road. Market validation.

SPEAKER_01 10:04

This is the prove it pillar. You can have the best AI in the world, but if banks don't trust you, you're dead. Financial institutions are notoriously conservative. They hate changing systems. It's super risky for them.

SPEAKER_00 10:15

So what gave Cedar Hill the confidence to invest?

SPEAKER_01 10:18

The memo notes that before this investment, Science 3 already had 20 plus active clients, and not just small startups testing the waters. They list fintechs, NBFCs, which are non-banking financial companies, and major marketplaces.

SPEAKER_00 10:32

And there's a key phrase here: repeat multi-use case deployments. That sounds like investor jargon, but I feel like it's really important.

SPEAKER_01 10:40

It's investor gold. It means a client bought sign three, for one thing, maybe just checking logins, and it works so well they came back and said, Hey, can you handle our payments too? Can you handle our loan onboarding? That is called land and expand. It proves the product actually works in the wild and delivers real value.

SPEAKER_00 10:58

Which connects directly to pillar five is scalability. The memo talks about covering the entire life cycle.

SPEAKER_01 11:04

This is crucial. Remember the fragmentation we talked about, how banks have different tools for different problems. A bank might have one tool for checking IDs during sign-up, another completely different tool for monitoring transactions, and a third tool for lending risk. None of them talk to each other.

SPEAKER_00 11:20

The silo problem.

SPEAKER_01 11:21

Right. Sign three is offering a unified risk view. They're saying throw out those three disconnected tools. We can watch the user from the exact moment they download the app through their first loan to their thousandth transaction.

SPEAKER_00 11:33

So they become the central nervous system for risk.

SPEAKER_01 11:36

Exactly. And once you are the central nervous system, you are very, very hard to replace. That creates stickiness, which investors absolutely love. You don't just rip out the central nervous system because you found a cheaper option somewhere else.

SPEAKER_00 11:48

And we skipped one. Pillar four was the market opportunity. They throw out a really big number. The global fraud detection market is over $30 billion.

SPEAKER_01 11:58

And growing fast. As long as money moves online, that number goes up. Even a tiny slice of a $30 billion pie is a massive company.

SPEAKER_00 12:06

So we have a massive market, a sticky product, and unique tech. But there is one variable left: the jockey. The actual people running the company.

SPEAKER_01 12:16

The team behind the tech.

SPEAKER_00 12:18

The memo highlights the founders Arvindersingla and Amet Chahal, and they emphasize their background heavily. Two decades of experience at the intersection of risk and financial services.

SPEAKER_01 12:29

That domain expertise is just non-negotiable here. You cannot just grab two brilliant coders out of college and tell them to fix bank fraud. They don't understand the regulatory burden. They don't understand how a bank's backend actually processes a ledger. You need people who speak the language of the banks.

SPEAKER_00 12:44

The companies they worked for previously are heavy hitters too. Microsoft, Flipkart, IQ VIA, Make My Trip.

SPEAKER_01 12:51

Look at Flipkart and Make My Trip, especially. Those are Indian giants, high volume, consumer-facing, massive scale.

SPEAKER_00 12:59

And massive fraud targets, I assume.

SPEAKER_01 13:01

The absolute biggest. If you are running risk for Flipkart during the big billion day sale, you are seeing millions of transactions per second. You are seeing highly coordinated attacks. You are seeing things that a standard bank might not see for 10 years.

SPEAKER_00 13:15

So they have real battle scars.

SPEAKER_01 13:17

Exactly. The expert in me looks at that pedigree and sees execution discipline. These guys know what happens when a system goes down for five minutes during a massive sale. They know that 99% uptime just isn't good enough. That gives investors confidence that the team can actually handle enterprise scale.

SPEAKER_00 13:33

It really paints a complete picture. You have a team that has lived through the wars building a weapon that is designed for the modern battlefield.

SPEAKER_01 13:40

And the battlefield is shifting to India and global markets. The memo mentions they are excited to partner with the team as they scale across India and global markets.

SPEAKER_00 13:47

So clearly this is a global play.

SPEAKER_01 13:49

Yes, fraud is a global problem.

SPEAKER_00 13:51

Okay.

SPEAKER_01 13:51

And frankly, if you solve it in a high-volume complex market like India, which has some of the most advanced digital payment infrastructure in the world with UPI, you can solve it anywhere.

SPEAKER_00 14:02

So what does this all mean for you listening? We started by saying we are looking under the hood today.

SPEAKER_01 14:07

If we summarize the narrative arc here, the financial world moved online. That was chapter one. Chapter two was the fraudsters using AI and fragmentation to catch up and exploit the gaps in that online world.

SPEAKER_00 14:20

And we are currently in chapter three, where institutions are realizing their old shields. Those legacy clipboard rule engines are basically made of paper.

SPEAKER_01 14:29

Right. And companies like Sign 3 represent the new shield. Unified intelligence platforms is not just about blocking a bad transaction anymore, it is about understanding the identity behind the transaction in real time.

SPEAKER_00 14:41

It's fascinating how it always just comes back to data. The bad guys leverage the fact that data is siloed and fragmented. The good guys win by fusing the data back together.

SPEAKER_01 14:50

That is the core conflict. Fragmentation versus unification. Sign three is betting heavily on unification.

SPEAKER_00 14:57

But here's the thought that keeps nagging me looking at the future. We are moving toward a world of unified intelligence. The bad guys are using AI to find cracks. The good guys, like sign three, are using AI to seal those cracks in real time.

SPEAKER_01 15:11

It's an escalating loop.

SPEAKER_00 15:12

Right. The memo says fraud is becoming increasingly AI driven. If sign three is successful, the fraudsters won't just give up and go home. They will build better AI.

SPEAKER_01 15:21

Of course. They are probably doing it right now as we speak.

SPEAKER_00 15:25

So are we entering a phase where the manual review we talked about earlier, the human looking at the transaction just becomes totally obsolete?

SPEAKER_01 15:31

I think that is the inevitable conclusion of this memo.

SPEAKER_00 15:34

Explain that.

SPEAKER_01 15:34

If the attack happens in milliseconds and the defense must react in milliseconds, a human literally cannot be in the loop. We are too slow. The biological latency of seeing a screen, processing the data, and clicking a mouse is just too long.

SPEAKER_00 15:48

That is slightly terrifying, honestly.

SPEAKER_01 15:50

It implies that the entire financial security system is becoming a machine-to-machine interaction. AI fighting AI. We are just the spectators waiting to see whose bank balance survives the battle.

SPEAKER_00 16:03

It changes the definition of trust entirely. We used to trust the bank manager. Now we are trusting the predictive layer and the behavioral biometrics algorithm.

SPEAKER_01 16:11

And we are trusting that our AI shield is smarter and faster than their AI sword.

SPEAKER_00 16:17

Well, on that slightly dystopian note, it certainly makes you appreciate what is happening in the background every single time you tap pay on your phone.

SPEAKER_01 16:24

It really does. Sign three's job is basically to keep that war invisible so you can just get your coffee.

SPEAKER_00 16:29

Keep the war invisible. I like that. It's been a fascinating look under the hood of Cedar Hill Capital's decision today. It's not just about money, it's about betting on the future of how we protect value itself.

SPEAKER_01 16:41

Absolutely. A very smart bet based on this memo.

SPEAKER_00 16:44

Thank you for diving deep with us today.

SPEAKER_01 16:46

Always a pleasure.

SPEAKER_00 16:47

And to you listening, thanks for being part of the conversation. Next time you log into your bank app and it scans your face, just remember there is a lot more going on than just a password check. Keep questioning, stay curious, and we will catch you on the next deep dive.