--- title: "Configure your risk profile" description: "Learn how to set up your risk profile, get insights into risk performance, and how machine learning helps detect and prevent fraud." url: "https://docs.adyen.com/risk-management/configure-your-risk-profile" source_url: "https://docs.adyen.com/risk-management/configure-your-risk-profile.md" canonical: "https://docs.adyen.com/risk-management/configure-your-risk-profile" last_modified: "2022-05-19T16:02:00+02:00" language: "en" --- # Configure your risk profile Learn how to set up your risk profile, get insights into risk performance, and how machine learning helps detect and prevent fraud. [View source](/risk-management/configure-your-risk-profile.md) Risk profiles let you manage which risk rules you apply to payments made on a merchant account. When you use Protect, Adyen's risk management tool, and you have created and assigned at least one [risk profile](/risk-management/create-a-risk-profile), you can configure [risk rules](#new-profile-risk-rules) to [fine-tune your profile](#new-profile-fine-tune). ## Risk rules Each risk profile contains a set of risk rules that you can use to [fine-tune your profile](#new-profile-fine-tune). Which risk rules you can use or configure depends on whether you use Protect basic, or if you have enabled premium features: | Basic | Premium | | ------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------- | | Adyen-provided **risk lists** | Adyen-provided **risk lists** and **custom lists** | | **Machine learning rule**: bot attack risk | **Machine learning rule**: bot attack risk | | | **Machine learning rule**: fraud risk and [risk-based authentication](/risk-management/dynamic-3d-secure#risk-based-authentication) | | Adyen-provided **post-authorization** rules | Adyen-provided **post-authorization** rules | | | Create, backtest, and label **custom rules** | | | Dynamic 3D Secure in combination with **custom rules** | Risk rules can trigger before or after authorization: * **Pre-authorization**: the risk rule conditions are assessed before the payment is authorized. This saves issuer and scheme fees compared to blocking after authorization. * **Post-authorization**: the risk rule conditions are assessed after the payment is authorized. In post-authorization rules, the risk evaluation can take extra signals into account that are only available after authorization. For example authentication results, CVC/CVV codes, or AVS responses. A risk rule triggers when a transaction matches the conditions of the rule. When the risk rule triggers, Protect takes one of the following actions: * **Allow**: the transaction is allowed. * **Block**: the transaction is blocked. * **Review** (premium): the transaction is sent to [case management](/risk-management/case-management). * **Check for 3DS** (premium): when you link a custom rule to [Dynamic 3D Secure](/risk-management/dynamic-3d-secure/), you can request a specific 3D Secure flow for a transaction that matches the custom rule. **Allow** rules have the highest priority within a risk profile. This means that when an **Allow** rule is triggered, it will override any **Block** or **Review** rules. In the same way, post-authorization rules have priority over pre-authorization rules. This means that a decision made before authorization can still be overridden when a post-authorization risk rule triggers. The only exception is when a transaction is blocked before it is authorized. In that case, the transaction will not trigger any post-authorization risk rules. Risk rules trigger based on information that is included in a payment request. Protect can make better decisions if you include more [fields](/risk-management/configure-your-risk-profile/risk-field-reference) in the payment request, and some risk lists require specific fields to work. ## Fine-tune your risk profile You can configure risk rules to fine-tune your risk profile: * [Risk lists](/risk-management/configure-your-risk-profile/risk-lists): Block or allow a transaction based on Adyen's data, your own data, or lists provided by third parties. * [Post-authorization rules](/risk-management/configure-your-risk-profile/post-auth-rules): Influence the risk evaluation with signals that are available after authorization. * [Machine learning rules](/risk-management/configure-your-risk-profile/machine-learning-rules): Evaluate the fraud risk of transactions based on global transaction data or suspicious patterns. * [Custom rules](/risk-management/configure-your-risk-profile/custom-rules) (premium): Complement the risk evaluation by the machine learning rules, or address risks specific to your business. When you configure a rule in your risk profile, you configure which action should be taken when a transaction matches that rule: **Allow**, **Block**, **Review** (premium), or **Check for 3DS** (premium). ## View risk results You can see the risk decisions on the **Risk results** page. To open the **Risk results** page in your [live Customer Area](https://ca-live.adyen.com/): 1. Switch to a merchant account. 2. Go to **Transactions** > **Payments**. 3. Select the **Risk score** for a payment from the payments overview to open the **Risk results** page. You can see the decision outcome at the top of the page. Apart from the overall risk result, you can also see which [rules](#new-profile-fine-tune) were triggered, if they triggered before or after authorization, and which actions were taken. ## View risk profile analytics When you enable premium features, you can get insights into how each risk rule performs and monitor overall performance of a risk profile. Statistics and authorization, refusal, and chargeback rates are available for both risk rules and the risk profile. On top of backtesting, this data can help you pinpoint underperforming risk profiles or rules, and analyze and monitor the impact of changes. To view profile analytics, in your [live Customer Area](https://ca-live.adyen.com/): 1. Go to **Revenue & risk** > **Risk profiles**. 2. Select a premium profile. 3. To view the analytics data of the profile, in the **Profile overview**, review the **Performance metrics** > **Overall** section. To view risk rule performance, in your [live Customer Area](https://ca-live.adyen.com/): 1. Go to **Revenue & risk** > **Risk profiles**. 2. Select a premium profile. 3. Select **Risk rules**. 4. Select **Allow**, **Block**, or **Review** and select the rule you want to evaluate. 5. Select **Transactions matched** > **View all transactions that matched the rule’s criteria** to see more details. To view risk-based authentication performance, in your [live Customer Area](https://ca-live.adyen.com/): 1. Go to **Revenue & risk** > **Risk profiles**. 2. Select a premium profile. 3. To see the uplift resulting from this optimization, in the **Profile overview**, review the **Performance metrics** > **Risk-based authentication** section. ## Next steps [Risk lists](/risk-management/configure-your-risk-profile/risk-lists) [Configure risk lists to block or allow transactions.](/risk-management/configure-your-risk-profile/risk-lists) [Custom rules](/risk-management/configure-your-risk-profile/custom-rules) [Configure custom risk rules around the unique fraud risks faced by your business. Requires Protect premium.](/risk-management/configure-your-risk-profile/custom-rules) [Machine learning rules](/risk-management/configure-your-risk-profile/machine-learning-rules) [Benefit from machine learning rules to evaluate the risk of transactions.](/risk-management/configure-your-risk-profile/machine-learning-rules) [Post-authorization rules](/risk-management/configure-your-risk-profile/post-auth-rules) [Optionally use post-authorization signals in risk rules to block or allow a transaction.](/risk-management/configure-your-risk-profile/post-auth-rules)