The content on this page applies to the classic risk engine. When you have transitioned to the latest risk engine, or if you are just starting to use risk, refer to Configure your risk profile. See the risk management overview for the differences.
When you use classic risk, RevenueProtect compares transactions to risk rules that you define, and increases the risk score if a transaction breaks these rules.
When you configure a risk rule, each rule has a risk score that you can configure:
- When the rule triggers, the score is added to the total transaction score.
- When the total risk score reaches 100, the transaction is blocked.
You can configure several risk rule types.
For each risk profile, you can configure a set of risk rules. You can configure risk rules in different ways for different risk profiles.
Risk rules trigger based on information that is included in a payment request. RevenueProtect can make better decisions if you include more fields in the payment request, and some risk rules require specific fields to work.
Turn on and configure risk rules
- Log in to your Customer Area.
- Go to Revenue & risk > Risk profiles.
- Select a risk profile.
- Select the Risk rules tab.
On this page, you see tabs with different types of risk rules. Select a tab to see which risk rules are available for the selected risk profile.
Risk rule types and availability
When you select a risk rule, you can enable the rule and see the options to configure rule-specific settings. Most risk rules let you specify a time frame and an amount to increase the risk score by, as well as other settings specific to the check.
Which type of risk rules you can enable and configure depends on whether you use our basic RevenueProtect solution, or if you have enabled RevenueProtect premium.
Select a RevenueProtect solution to see the options:
Extra risk management features
In addition to configuring risk rules, we also offer extra risk features. For example, if you want to have more control over which transactions are processed with 3D Secure, you can set up rules for Dynamic 3D Secure.
When you have enabled RevenueProtect premium, you can use case management, and let risk rules be a trigger to send a payment to manual review.
Test a risk rule
After you have turned on and configured a risk rule, you can test if the risk rule triggers.
- Make a payment request providing the fields that trigger the rule.
For example, if you have set up a referral list containing shopper references, and you want to add 10 to the total risk score for shopper reference1234567890
, include thatshopperReference
in your payment request:
{
"amount":{
"currency":"USD",
"value":1000
},
"reference":"YOUR_PAYMENT_REFERENCE",
"shopperReference":"1234567890",
"paymentMethod":{
"type":"scheme",
"encryptedCardNumber":"test_4111111111111111",
"encryptedExpiryMonth":"test_03",
"encryptedExpiryYear":"test_2030",
"encryptedSecurityCode":"test_737"
},
"returnUrl":"https://your-company.com/...",
"merchantAccount":"YOUR_MERCHANT_ACCOUNT"
}
- Take note of the
pspReference
in the payment response. - Log in to your Customer Area, and select the merchant account you used to make the payment.
- Go to Transactions > Payments. Do one of the following:
- Find the test payment on the overview page, and select the number in the Risk score column.
- In the Search field, search for the
pspReference
of your test payment. Select the payment, and then select the number listed under Fraud scoring.
The Risk results page will open with a breakdown of which fraud checks triggered. You can check if your risk rule triggered, and see an overview of any other risk checks that triggered for this payment.
You can optionally include the fraud results in the API response or in webhooks.