Adyen-for-platform icon

Identify and mitigate account holder risk

Spot potential malicious activities from account holders in your platform.

Identify fraudulent behavior, stop suspicious payouts, and flag unusual account holder activities with Adyen's Score, a feature that you can now use with your Adyen for Platforms integration. To enable Score for your platform, contact your Adyen Account Manager.

How Score works

Adyen analyzes the account holder's verification data and their transactions to highlight unusual behavior. These are behaviors that indicate potential malicious and fraudulent activities. We call these indicators risk signals. For example, a risk signal can be a high number of transactions made by the same shopper, or the billing address is in a different country/region than their bank account.

We use risk signals to:

  • Detect possible fraud networks.
  • Calculate an account holder's risk score, a number representing the degree of unusualness of their activities. The value can range from 0 to 100, with 100 as the highest risk score.

Adyen flags the risk signals so that you can investigate unusual behavior.

Aside from detecting unusual behavior, Adyen also uses the data to identify linked accounts. Linking accounts can provide insight into returning malicious users, and fraud attacks at scale. We call these linked accounts identities.

By default, Adyen does not disable payouts or processing. You are responsible for reviewing the cases and taking action, whether by manually reviewing the account or setting up automated actions on your end.

Depending on the outcome of your review, you can take actions such as:

  • Disable payouts.
  • Suspend account holders.
  • Flag risk signals as false positive.

You can find the risk scores for your account holders, review cases, and take action from your Balance Platform Customer Area. You can access this data from:

  • The Case management dashboard. To access the dashboard, go to Score > Case Management.
  • The Score tab in the account holder details. To access this tab, go to Accounts & Balances > Account Holders, then select an account holder.
  • Risk score calculation

    The risk score represents Adyen's conclusion on the unusualness of the activity of an account holder.

    The value can range from 0 to 100, where 100 is the highest possible risk score. A risk score of 100 does not mean confirmed malicious or fraudulent behavior. You have to investigate and review the account holder to decide if they display true malicious behavior or if the risk signals indicate a false positive.

    Risk scores are based on risk signals. Each risk signal has a weight that is based on the severity of the impact if the scenario occurs. Because of this, some risk signals contribute more to the risk score. An example of a risk signal that strongly increases the risk score is an account holder using the same bank account as a previously suspended account. You can change the weight of a risk signal or add your own to influence the risk score.

    Identities

    We analyze the KYC data of all the account holders in your platform to detect account holders that have the same characteristics. We group these account holders into an identity. Risk signals raised for an account holder are automatically applied to the whole identity, giving the same risk score to all account holders in that identity.

    Take the following scenario for example.

    1. Account holder A has bank account ABZ003. Their risk score is 20.
    2. Account holder B signs up to your platform. They also have a bank account ABZ003.
    3. Adyen groups the two account holders in Identity_1.
    4. Adyen sets the risk score of account holder B to 100. The whole identity gets a risk score of 100.

    Because account holder A is part of Identity_1, their risk score increases to 100.

    Risk signals

    Risk signals are indicators that we use to spot unusual account holder activity. Besides the default risk signals defined by Adyen, you can also add your own.

    • Defined by Adyen

      • KYC data: Risk signals related to KYC information, such as if the account holder has the same bank account as another account holder. KYC data is updated and evaluated in real time.
      • Transaction signals: Risk signals related to transactions. For example, having an unusual number of refusals where issuers indicated fraud. Transaction signals are updated on a daily basis.
    • Defined by you

      • Custom risk signals: General KYC values that you define. For example, if you think that account holders with a bank account from a specific bank must always flag a risk signal, add the bank in the custom risk list. Custom risk signals are evaluated in real time.
      • High risk lists signals: More granular KYC values that you define. You can use this to add KYC values from confirmed fraudulent account holders, so you will receive a risk signal if they come back to your platform. High risk lists signals are evaluated in real time.

    Next steps