In order to leverage the minFraud web services for automation, many users take action based on certain thresholds for the risk score or scores, in conjunction with various risk data outputs. In the most basic automation, you might wish to automatically accept transactions with a relatively low risk score (e.g., 5.00 or lower), automatically reject transactions with a relatively high risk score (e.g., 50.00 and higher), and manually review all other transactions.
Continue reading to learn more about how risk scores are distributed across transactions, which may help you with setting thresholds:
- Understanding risk scores and thresholds
- Overall risk score distribution across minFraud users
- IP risk score distribution across minFraud users
Understanding risk scores and thresholds
The risk score is a signal as to whether an online transaction is risky for your business. Learn more about the overall risk score.
Determining the thresholds you set for different actions requires fine tuning over time. We recommend first considering the cost of fraud and potentially lost goods or services, the cost of manual review, and the cost of rejecting good transactions. The risk strategy relevant to your business may mean more or less tolerance for risk as you begin using the risk score.
After monitoring the risk scores received for the manually reviewed transactions, you can adjust the thresholds appropriately to reduce the amount of manual review required. Learn more about setting a disposition for transactions based on the risk score and other values.
Overall risk score distribution across minFraud users
The risk score distribution chart below is based on data last updated in April 2024.
Below is the chance that a risk score will be greater than or equal to given values based on a snapshot of the risk score distribution across all minFraud users. For example, the chart below shows that there's about a 20% chance that a risk score will be greater than or equal to 1.
Value | Probability | |
---|---|---|
0.2+ | 43% | This graph approximates the probability that a transaction will have a risk score of at least the values on the horizontal axis. Most transactions should have a risk score of 0.2 or lower. |
1+ | 20% | |
2+ | 14% | |
5+ | 9% | |
10+ | 7% | |
50+ | 3% | |
95+ | 1% |
IP risk score distribution across minFraud users
The IP risk score distribution chart below is based on data last updated in April 2024.
The IP risk score is a signal about how risky the IP address associated with a transaction is in and of itself, regardless of other factors. The IP risk score is an example of one of our risk factor scores, which rate the riskiness of individual factors of a transaction. Learn more about the IP risk score, and risk factor scores broadly.
Below is the chance that the IP risk score will be greater than or equal to given values based on a snapshot of the IP risk score distribution across all minFraud users. For example, the chart below shows that there's about a 7.5% chance that the IP risk score will be greater than or equal to 0.5.
Value | Probability | |
---|---|---|
0.01 | 91% | This graph approximates the probability that a transaction will have an IP risk score of at least the values on the horizontal axis. Most transactions have an risk score of 0.01. |
0.5+ | 7.5% | |
3+ | 6% | |
12+ | 5% | |
30+ | 2.5% | |
50+ | 1.25% | |
60+ | 1% |
Notice that the vast majority of IP risk scores (91%) are 0.01, the minimum value for a minFraud risk score. This is because most IP addresses are not risky in and of themselves.
The overall risk score is based on all transaction inputs, as well as patterns in transactions over time. Even if you are only passing the IP address as an input to minFraud, the overall risk score and the IP risk score will not be the same.
An otherwise lower risk IP address may begin to show patterns of use that are associated with higher risk, at which point the overall risk score will reflect those patterns of usage. Learn more about velocity checks, which are one of the ways that minFraud detects risky patterns of usage.
To improve overall risk scoring, you should send as much data about your transactions as possible. Learn more about the value of sending various minFraud inputs.
This page was last updated on .