This risk check initiates when the number of payment authorisations a shopper has used in the configured timeframe exceeds the specified threshold.
A core practice for most fraudsters is to try many attempts at payments. While rules around refusal velocity are a stronger signal of fraud, it can also be useful to track users who are successfully authorising payments in high velocity. This can indicate a fraud attack that is being undetected by the Issuing banks. This check helps identify users whose velocity fits the profile of a fraudster.
It is important to note that there is a wide diversity of expected authorisations per merchants, based on their business model and vertical. For example, airlines can expect significantly less velocity than businesses based on micro-transactions.
Merchants can establish a threshold for both the number of authorized transactions and the timeframe allowed. The default is 3 times over 7 days.
The risk check fires on the authorized transactions after the set threshold. So, if a merchant sets a threshold of 3 in 7 days, it fires on the 4th authorization recorded in that 30-day period.