Note that in some verticals it is much more common for good shoppers to have a diverse country footprint - this is particularly common in the travel industry. Consider your business model and configure this rule accordingly.
Fraudsters often use randomized proxies to commit fraud. As such, their fraud profile often spans multiple regions in a short period of time. Further, fraudsters tend to use cards not associated with the country they are in at time of transaction, further increasing their country diversity footprint. This check is aimed at identifying users whose geographic diversity fits the profile of a fraudster.
Countries are recorded based on both the issuing country of their payment method, as well as the IP address at time of transaction.
- You can establish a threshold for both the number of countries and the timeframe allowed. The default is 2 times over 30 days.
- The risk fires on the transaction after the set threshold. So, if you set a threshold of 2 in 30 days, it fires on the 3rd country recorded in that 30 days.