Prevent fraud

Fraud Management Essentials is a powerful fraud prevention solution for small and medium sized businesses. It uses the same data and machine learning platform as Decision Manager.

You can determine whether Fraud Management Essentials is enabled by logging in to the Business Center. If the Fraud Management Essentials link appears in the left navigation panel, it is enabled.

When Fraud Management Essentials is enabled for your merchant ID, the default rules and settings are immediately active.

How Fraud Management Essentials works

Fraud Management Essentials processes orders based on the rules that you set up. The possible decisions are:

Accept: The order is processed normally.
Review: The order is paused until you either accept or reject it.
Reject: The order is rejected.
Monitor: No action. Use this decision to understand the outcome of a rule.

For example, you might set the AVS mismatch rule to Reject. In that case, if the billing address given by the customer does not match the billing address on file at the customer's bank, the order is rejected.

You can see rules on the Rule Configuration page. For a brief description of a rule, click the I icon next to the rule.

How to set up Fraud Management Essentials

Fraud Management Essentials is set up for you with pre-configured rules and settings.

To see your rules, navigate to Fraud Management > Rule Configuration. If the rules correspond with your fraud strategy, you do not need to take any action.

Default rules

Rule	Default decision	Description
Risk Score between 95 and 99	Reject	Higher risk score indicates riskier transaction and hence is rejected. For more information on risk score, read here.
AVS Mismatch	Reject	The billing address submitted by the customer does not match the billing address on file at the customer's bank.
CVV Mismatch	Reject	The CVV Number (the three digits on the back of the card) submitted by the customer is not correct.
More than 10 orders from the same email address in 1 hour	Reject	This rule helps prevent a large number of orders from the same email address in a short period of time, which can indicate card testing behavior.
More than 10 orders from the same IP address in 1 hour	Reject	This rule helps prevent a large number of orders from the same IP address in a short period of time, which can indicate card testing behavior.
More than 100 orders in 15 minutes	Reject	This rule helps prevent a large number of orders in a short period of time, which can indicate card testing behavior.

If you are satisfied with these rules, you do not need to make any changes. If you do not want to use a rule, you can disable it.

How to manage rules

You can update your rules at any time. When you update a rule, the change becomes effective immediately.

If you do not want to use a rule, set it to Disabled or Monitor.
If you want to reset all of your rules to the default state, choose Reset Rules to Default in the top right-hand corner of the Rule Configuration page.
If you do not want Fraud Management Essentials to take any action at all on your orders, you must set each rule to Disabled or Monitor.

When you set a rule to Monitor, you can watch how it performs without affecting your transactions.

Risk score

The risk score is a number from 0 to 99. It indicates the riskiness of an order. The higher the score, the riskier the transaction. By default, Fraud Management Essentials rejects any order with a score of 95 or higher.

You can configure Fraud Management Essentials to handle orders of various risk scores; the options are accept, reject, review, or monitor.

You also can choose to disable any rules based on the risk score.

How to test a scenario in Fraud Management Essentials

You can experiment with Fraud Management Essentials in the test environment. Rules and settings that you configure in the test environment are not applied to the production environment.

To test a Reject scenario, follow the steps given below:

In the test environment set your Max Order Amount rule to reject transactions over 500 USD.
Use the Virtual Terminal to create a new order with an amount of 550 USD. Notice that the transaction is rejected.
Go to the Fraud Dashboard and find the All Orders in Last 30 Days tab. Find the order that you just created.
Click on the request ID to open the Order Detail page.
On the Order Detail page, look at the Decision Manager Results panel, and observe the rule that was applied to your order.

Note

Modifying your rules and settings in the test environment does not affect the production environment. When you are ready, go to production and set up the rules that you want to use.