To protect your business in today’s rapidly evolving fraud landscape, it’s critical to incorporate the use of both rules and machine learning. Machine learning can quickly detect new and emerging fraud patterns, and output a risk score to indicate the probability of fraud for a particular event. Rules can then use that risk score to automate decisions, enabling you to control the level of risk that’s right for a particular scenario. So how do you write an effective rule set – selecting just the right amount of risk to minimize fraud as well as false positives?
While it may be tempting to set a singular risk threshold for your entire business, this “one size fits all” approach can result in significant fraud loss or unnecessary friction for good users. Instead, we recommend dividing your business into meaningful segments, and setting custom risk thresholds for each segment. This technique is known as scenario segmentation and it can be a powerful tool to help you optimize decision accuracy and increase profits.
Select segments that share a common risk level
Segments can be large or small, and the number of segments may vary depending on the size and diversity of your business. However, what is most important is that the events within each segment all share a common level of risk.
These segments may slice on attributes such as product type, payment method type, or country and region. In Dynamics 365 Fraud Protection, you can use Virtual Fraud Analyst to help identify slices, which have above- or below-average fraud rates.
For example, if you sell both physical and digital goods, you may observe that the two have very different fraud rates, indicating that these would make appropriate segments. However, upon further inspection, you observe that within the digital segment, fraud rates still vary considerably. Some digital products, such as gift cards, may be heavily targeted by fraudsters and account for a disproportionate amount of all digital fraud. In contrast, other digital products, such as some low-risk subscriptions may have consistently low fraud rates, indicating that they are rarely targeted. Therefore, these two product groups can each be placed in their own segment.
Balance segmentation needs with operational efficiency
While more segments allow for more granular control, it’s important to remember that each additional segment will require additional effort to maintain. While you could create unique segments for every product in your catalog, each with their own individualized score cutoff, this would quickly become unreasonable to manage. Therefore, it’s important to be mindful of available resources and ensure that the operational load does not exceed a reasonable capacity.
Configure risk-based thresholds for each segment
After your segments have been defined, the next step is to choose appropriate score cutoffs for each segment. Generally higher-risk segments (such as gift cards) will have low cutoffs, minimizing fraud loss, while lower-risk segments (such as subscriptions) will have high cutoffs, decreasing false positives and reducing customer friction. It is important to consider factors such as profit margin, fraud rate, rejection rate, and false positive rate when setting this cutoff.
After you determine your segments and their corresponding score cutoffs, the final step is to implement your segmentation strategy using real-time rules. The rule engine in Dynamics 365 Fraud Protection provides you with the flexibility to easily segment your traffic and set custom score cutoffs for each segment.
As in the example above, given their differing fraud rates, you may want to set a lower score threshold for gift cards, and a higher threshold for subscriptions. You can accomplish this with the following rules:
RETURN Reject() WHEN @"productList.category" == "Subscription" and @"riskScore" > 700
RETURN Reject() WHEN @"productList.category" == "Gift Card" and @"riskScore" > 400
These rules are written in the custom rules language included in Dynamics 365 Fraud Protection. For more information, check out the Language guide for Fraud Protection rules.
Next steps
Segmenting your traffic and writing effective rules is a crucial step in protecting your business from fraud. Dynamics 365 Fraud Protection offers several tools to make segmentation easy and effective. Take advantage of the virtual fraud analyst to help select appropriate segments and cutoffs, and learn how to use Dynamics 365 Fraud Protection’s rule engine to create and manage rules, allowing you to automate decisions for each segment.
If you are not currently using Dynamics 365 Fraud Protection, check out the documentation to learn more and start a free trial today.