Identify fraudulent behavior, stop suspicious payouts, and flag unusual account holder activities with Adyen's Score, a feature that you can now use with your Adyen for Platforms integration. To enable Score for your platform, contact your Adyen Account Manager.
How Score works
Adyen analyzes the account holder's verification data and their transactions to highlight unusual behavior. These are behaviors that indicate potential malicious and fraudulent activities. We call these indicators risk signals . For example, a risk signal can be a high number of transactions made by the same shopper, or the billing address is in a different country than their bank account.
We use risk signals to:
- Detect possible fraud networks.
- Calculate an account holder's risk score, a number representing the degree of unusualness of their activities. The value can range from 0 to 100, with 100 as the highest risk score.
Adyen flags the risk signals so that you can investigate unusual behavior.
Aside from detecting unusual behavior, Adyen also uses the data to identify linked accounts. Linking accounts can provide insight into returning malicious users, and fraud attacks at scale. We call these linked accounts identities .
By default, Adyen does not disable payouts or processing. You are responsible for reviewing the cases and taking action, whether by manually reviewing the account or setting up automated actions on your end.
Depending on the outcome of your review, you can take actions such as:
- Disable payouts.
- Suspend account holders.
- Refund payments.
- Flag risk signals as false positive.
You can find the risk scores for your account holders, review cases, and take action from your Customer Area. You can access this data from:
- The Case management dashboard. To access this, go to Platform > Score.
- The Score tab in the account holder details. To access this, go to Platform > Sub-merchant, then select an account holder.
Risk score calculation
The risk score represents Adyen's conclusion on the unusualness of the activity of an account holder.
The value can range from 0 to 100, with 100 as the highest risk score. A risk score of 100 does not mean confirmed malicious or fraudulent behavior. You have to investigate and review the account holder to decide if they display true malicious behavior or if the risk signals indicate a false positive.
Risk scores are based on risk signals. Each risk signal has a weight that is based on the severity of the impact if the scenario occurs. Because of this, some risk signals contribute more to the risk score. An example of a risk signal that strongly increases the the risk score is an account holder using the same bank account as a previously suspended account. You can change the weights or add your own risk signals to influence the risk score.
We analyze the KYC data of all the account holders in your platform to detect account holders that have the same characteristics. We group these account holders into an identity. Risk signals raised for an account holder are automatically applied to the whole identity, giving the same risk score to all account holders in that identity.
Take the following scenario for example.
- Account holder A has bank account ABZ003. Their risk score is 20.
- Account holder B signs up to your platform. They also have bank account ABZ003.
- Adyen groups the two account holders in Identity_1.
- Adyen sets the risk score of account holder B to 100. The whole identity gets a risk score of 100.
Because account holder A is part of Identity_1, their risk score increases to 100.
Risk signals are indicators that we use to spot unusual account holder activity. Aside from risk signals that Adyen defines, you can also add your own risk signals.
Defined by Adyen
- KYC data: Risk signals related to KYC information, such as if the account holder has the same bank account as another account holder. KYC data is updated and evaluated in real time.
- Transaction signals: Risk signals related to transactions. For example, having an unusual number of refusals where issuers indicated fraud. Transaction signals are updated on a daily basis.
Defined by your platform
- Custom risk signals: General KYC values or transaction patterns that you define. For example, if you think that account holders with a bank account from a specific bank must always flag a risk signal, add the bank in the custom risk list. Custom risk signals are evaluated in real time.
- High risk lists signals: More granular KYC values that you define. You can use this to add KYC values from confirmed fraudulent account holders, so you will receive a risk signal if they come back to your platform. High risk lists signals are evaluated in real time.