--- title: "Custom rules" description: "Build your own custom risk rules around the unique fraud risks faced by your business." url: "https://docs.adyen.com/risk-management/configure-your-risk-profile/custom-rules" source_url: "https://docs.adyen.com/risk-management/configure-your-risk-profile/custom-rules.md" canonical: "https://docs.adyen.com/risk-management/configure-your-risk-profile/custom-rules" last_modified: "2020-04-01T11:43:00+02:00" language: "en" --- # Custom rules Build your own custom risk rules around the unique fraud risks faced by your business. [View source](/risk-management/configure-your-risk-profile/custom-rules.md) Custom rules let you fine-tune your risk profile. You can use them to address risks specific to your business or to complement the risk evaluation by the **Machine learning: fraud risk** rule. ## Requirements Before you begin, take into account the following requirements and limitations. | Requirement | Description | | ---------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | **Integration type** | Make sure that you have built an [online payments integration](/online-payments/build-your-integration/), that [risk management is enabled](/risk-management/configure-risk-settings/), and that you have enabled [premium features](/risk-management/configure-risk-settings/#risk-general). | | **[Customer Area roles](/account/user-roles/#risk)** | Make sure that you have one of the following role(s):- **Merchant change risk settings** - **Risk admin** | | **Limitations** | You can only use custom rules when you use Protect premium. | ## How it works You can add custom rules to complement the fraud risk evaluation. When you configure a rule in your risk profile, you configure which action should be taken when a transaction matches that rule. For each rule, you configure if the rule should run before or after authorization, and what to do if a transaction matches the rule: **Allow**, **Block**, **Review**, or **Check for 3DS**. You can also label your rules for easy classification, and to further personalize your risk profile setup. ## Create a custom rule To create a new rule in your [Customer Area](https://ca-test.adyen.com/): 1. Go to **Revenue & risk** > **Risk profiles**. 2. Select a risk profile. 3. Select **Risk rules**. 4. Select **+ Create new custom rule**, and then select **Pre-authorization** or **Post-authorization**. 5. Enter a rule name. 6. In the **Action** section, select **Allow**, **Block**, **Review**, or **Check for 3DS** to define the action you want to take when the rule triggers. * **Allow**: do not block the transaction if the transaction matches this rule. * **Block**: block the transaction if the transaction matches this rule. * **Review**: send the transaction to case management if the transaction matches this rule. * **Check for 3DS**: do not make a risk decision if the transaction matches this rule.\ When you create a pre-authorization rule with the **Check for 3DS** action, you can use it to influence the authentication engine. Because no risk decision is made to block or allow the transaction, you can select the custom rule as a trigger for [Dynamic 3D Secure rules](/risk-management/dynamic-3d-secure#configuring-dynamic-3d-secure-rules). 7. In the **Label** section, select one of the following labels for the rule: * **Business**: for rules specifically related to your business. * **Legal**: for rules based on regulations or laws. * **Fraud**: for rules to prevent specific fraud risks for your business. * **Block list**: for rules to add payment properties to predefined block lists. * **Trust list**: for rules to add payment properties to predefined trust lists. 8. Enter conditions. You can add conditions to the rule by selecting **AND** or **OR**. For each condition, select: * **Field Name**: choose a field to use as a risk variable. * **Operator**: how to compare the Field Name and the Field Value. The type of the fields you are comparing defines which [operators](#operators) you can use. For example, you can use **greater than (>)** for numbers, or **starts with** for strings. * **Field Value**: value that triggers your rule. 9. Select **Create new rule**. ### Operators When you build your custom risk rule, you can use operators to define the rule conditions. You can use **AND** and **OR** to add conditions to the custom risk rule.\ The data type of the field you are building your rule around determines if you can use a specific operator, which and how many values you can enter, and how the fields will be compared. | Operator | When to use | Example | Data type | Multiple values | | --------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------- | ------------------------- | ------------------------------------------------------------------------------------------- | | equals (==) | Compare the field against another field, against a single field value, or verify that the field value is true or false. | `quantity` equals (==) **2** | String, Number or Boolean | ![-x-](/user/data/smileys/emoji/x.png "-x-") | | does not equal (!=) | Compare the field against another field, against a single field value, or verify that the field value is true or false. | `quantity` does not equal (!=) **2** | String, Number or Boolean | ![-x-](/user/data/smileys/emoji/x.png "-x-") | | is one of | Compare the field against multiple field values of a list. | `currency` is one of **EUR, USD, AUD** | String or Number | ![-white\_check\_mark-](/user/data/smileys/emoji/white_check_mark.png "-white_check_mark-") | | is not one of | Compare the field against multiple field values of a list. | `currency` is not one of **EUR, USD, AUD** | String or Number | ![-white\_check\_mark-](/user/data/smileys/emoji/white_check_mark.png "-white_check_mark-") | | is in list | Compare the field against a custom or Adyen-provided risk list. Using this operator, you can create custom list comparisons, or create a condition to compare a field against an Adyen-provided risk list. | `productTitle` is in **YOUR\_CUSTOM\_LIST** | List | ![-x-](/user/data/smileys/emoji/x.png "-x-") | | is not in list | Compare the field against a custom or Adyen-provided risk list. Using this operator, you can create custom list comparisons, or create a condition to compare a field against an Adyen-provided risk list. | `productTitle` is not in **YOUR\_CUSTOM\_LIST** | List | ![-x-](/user/data/smileys/emoji/x.png "-x-") | | contains string | Compare the field value to a specific string. | `emailDomain` contains **example.com** | String or Number | ![-x-](/user/data/smileys/emoji/x.png "-x-") | | starts with | Compare the start of the string in the field value to a specific string. | `emailName` starts with **test** | String | ![-x-](/user/data/smileys/emoji/x.png "-x-") | | ends with | Compare the end of the string in the field value to a specific string. | `emailName` ends with **test** | String | ![-x-](/user/data/smileys/emoji/x.png "-x-") | | greater than (>) | Compare the field value against a specific value. | `amount` greater than (>) **1000** | Number | ![-x-](/user/data/smileys/emoji/x.png "-x-") | | greater than or equals (>=) | Compare the field value against a specific value. | `amount` greater than or equals (>=) **1000** | Number | ![-x-](/user/data/smileys/emoji/x.png "-x-") | | less than (<) | Compare the field value against a specific value. | `amount` less than (<) **1000** | Number | ![-x-](/user/data/smileys/emoji/x.png "-x-") | | less than or equals (<=) | Compare the field value against a specific value. | `amount` less than or equals (<=) **1000** | Number | ![-x-](/user/data/smileys/emoji/x.png "-x-") | ## Backtest a rule You can backtest the impact before you activate a new rule, or change the settings of an existing rule. You can run the rule on your historical data to build more confidence in the effect of the rule before you turn it on. Or, after you identify a rule that is not performing well, you can test the effect of any changes to the rule before you make them. Backtesting can give you helpful insights in your risk profile performance, and reduces the time you have to spend on manually monitoring risk rule performance over time. To backtest a rule in your [Customer Area](https://ca-test.adyen.com/): 1. Go to **Revenue & risk** > **Risk profiles**. 2. Select a risk profile. 3. Select **Risk rules**. 4. Select a pre-authorization rule from the **Allow**, **Block** or **Review** tab, and then select **Backtest**. ## Copy a rule To copy a custom rule to another risk profile: 1. Go to **Revenue & risk** > **Risk profiles**. 2. Select the risk profile that contains the rule you want to copy. 3. Select **Risk rules**. 4. Select the custom rule you want to copy and then select **Copy to another profile**. 5. Select the risk profile to copy the rule to, select a rule label and action, then optionally edit the rule name or conditions. 6. Select **Copy**. ## See also * [Risk lists](/risk-management/configure-your-risk-profile/risk-lists) * [Machine learning rules](/risk-management/configure-your-risk-profile/machine-learning-rules) * [Post-authorization rules](/risk-management/configure-your-risk-profile/post-auth-rules) * [Data quality and risk field reference](/risk-management/configure-your-risk-profile/risk-field-reference)