The basic skeleton for building an internal fraud prevention system

Building an internal system sounds daunting, I know. The specific details of building an internal system heavily depend on your company and the expertise you have at hand. In addition, the specific type of fraud should direct the approach. For this series, we focus on payment fraud in e-commerce.

E-commerce payment fraud prevention follows a basic flow.

  1. A system scans new orders to see if they are suspicious
    • Internal rules dictate what is suspicious
      • Internal rules are created by chargeback/data analysts who look at chargebacks to isolate identifiable trends between them. These trends, or order characteristics, indicate that a user is more likely to file a chargeback. They turn into rules that mark an order as suspicious.
      • Example case: User places several orders, all <$20. Internal system reviews the order metadata as part of that transaction and matches characteristics against Yes/No rules.
        • User account created within last 30 minutes (yes), billing address >500 miles from IP (yes), IP address in China (yes), AOL email address (yes).
        • Because these rules return a YES, the order is considered to be suspicious.
  2. System has a response action against orders that qualify as suspicious
    • Automatically reject orders that have X characteristic
      • Example: If new user account is connected (via device ID, etc) to a previously banned account due to fraudulent chargebacks, reject immediately.
    • Place orders in a manual review queue if they have any of the suspicious characteristics XYZ
      • Example: If new user account with no previous activity, order is high value, and shipping address is a reshipment warehouse, hold order for manual review.
    • Automatically process orders that do not hit 1 or 2
  3. Orders that go to manual review queue are manually reviewed by a team
    1. manual review agent says: yup, that’s fraud > reject
    2. manual review agent says: looks like a good user > process
    3. manual review agent says: hmm this is weird, I don’t know > extra identity verification required
      • One thing you can do is call these ‘grey area users’ and/or use services like Whitepages Pro to further validate that the user is who they say they are.
  4. Chargeback team periodically reviews false positives from new chargebacks. This creates the new internal rules flagging suspicious orders
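The four steps above, as an added example that is not part of the original post: a minimal rules engine in which analyst-written Yes/No rules (step 1) feed reject / manual-review / process actions (step 2), and a new rule from chargeback review (step 4) is added at runtime. Rule names, thresholds and the `Order` fields are constructed for illustration; order velocity ("several orders, all <$20") is not modelled.

```python
from dataclasses import dataclass
from typing import Callable

@dataclass
class Order:
    # Order metadata available at transaction time (constructed fields).
    order_id: str
    amount_usd: float
    account_age_minutes: float
    billing_to_ip_miles: float
    ip_country: str
    email: str
    ships_to_reshipper: bool
    linked_to_banned_account: bool

# Step 1: Yes/No rules written by chargeback analysts. Each returns True ("yes")
# when the order shows that characteristic. Thresholds are hypothetical.
SUSPICIOUS_RULES: dict[str, Callable[[Order], bool]] = {
    "new_account_30m": lambda o: o.account_age_minutes < 30,
    "billing_far_from_ip": lambda o: o.billing_to_ip_miles > 500,
    "ip_in_china": lambda o: o.ip_country == "CN",
    "aol_email": lambda o: o.email.lower().endswith("@aol.com"),
    "high_value": lambda o: o.amount_usd >= 500,
    "reshipper_address": lambda o: o.ships_to_reshipper,
}

# Step 2: response actions. Auto-reject rules are checked first; then an order
# hitting REVIEW_THRESHOLD characteristics, or a named combination, is held.
REJECT_RULES = {"linked_to_banned_account": lambda o: o.linked_to_banned_account}
REVIEW_COMBINATIONS = [{"new_account_30m", "high_value", "reshipper_address"}]
REVIEW_THRESHOLD = 3

def flagged_characteristics(order: Order) -> list[str]:
    """Names of every suspicious rule that answers 'yes' for this order."""
    return sorted(name for name, rule in SUSPICIOUS_RULES.items() if rule(order))

def decide(order: Order) -> tuple[str, list[str]]:
    """Return (action, reasons): 'reject', 'manual_review' or 'process'."""
    for name, rule in REJECT_RULES.items():
        if rule(order):
            return "reject", [name]
    hits = flagged_characteristics(order)
    if len(hits) >= REVIEW_THRESHOLD or any(c <= set(hits) for c in REVIEW_COMBINATIONS):
        return "manual_review", hits
    return "process", hits

def add_rule(name: str, predicate: Callable[[Order], bool]) -> None:
    """Step 4: a trend isolated in chargeback review becomes a new rule."""
    SUSPICIOUS_RULES[name] = predicate
```

The `reasons` list returned with each decision is what a manual review agent (step 3) would see alongside the order, and what the chargeback team would compare against new chargebacks to spot false positives.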

This basically explains what an internal system does, but the details depend on your company. Use this to understand the different pieces you need to start thinking about. Remember, your system does not need to be built 100% internally. You can integrate various services at any of these steps, or outsource the entire process to companies like Riskified.

If you would like to use this flow, but not build out the tech platform internally, there are some great products out there. Sift Science allows you to manage your high-level rules, process and manual order review, while they provide the platform. I’ve seen both entirely internal systems, as well as systems that integrate with Sift Science for a blended process. The ‘Best Practice’ really depends on where your team is at, what type of bandwidth you have, and what type of expertise you have available. For further reading on how to actually build a manual review queue, check out my article ‘Building a Fraud Prevention Manual Review Queue.’
