A core practice for most fraudsters is to try many attempts at payments. Many refusals in a row can indicate a fraud attack that is being detected by RevenueProtect, but not blocked by the merchant. This check is aimed at identifying users whose rate of refusals fits the profile of a fraudster. This check uses data from RevenueProtect, but not from the issuer. To include issuer data as well as Adyen's RevenueProtect data in a check, see Shopper Consecutive Refusals.
Merchants can establish a threshold for both the number of refused transactions and the timeframe allowed. The default is 3 times over 7 days.
The risk check fired on the refused transactions after the set threshold (assuming that all the refusals occur consecutively with no authorizations breaking the chain). So, if a merchant sets a threshold of 3 in 7 days, it fires on the 4th consecutive refusal recorded in that 7-day period.