What is the riskScore?
How is the riskScore determined?
The riskScore is based on a statistical analysis of the following:
Reputations and real-time monitoring of
- IP addresses
- Email addresses
- Geolocation checks
- Proxy detection
- Bank Identification Number checks
- The minFraud Network
At what riskScore values should I accept, reject, or manually review transactions?
There is no single recommended set of riskScore values to use for deciding whether to accept, reject, manually review, or submit transactions to complementary services for analysis. In determining what thresholds to set, you should consider the costs of chargebacks and lost goods, the cost of manual review, the cost of complementary services, and the cost of potentially rejecting good orders.
One possible strategy is to at first only automatically accept orders under a low riskScore (e.g., 3.00), only automatically reject orders above a high riskScore (e.g., 70.00), and manually review all other transactions. After monitoring the riskScores received for the manually reviewed transactions, you can adjust the thresholds appropriately to reduce the amount of manual review required.
Below is the distribution of riskScores returned by the minFraud service across all users. You can use this data to estimate the number of orders that will be approved, rejected, or held back for review given the thresholds you set. Please note that the distribution of riskScores you observe may differ.
|riskScore range||Percent of orders in range|
|0.10 – 0.49||70%|
|0.50 – 0.99||13%|
|1 – 1.99||7%|
|2 – 4.99||4%|
|5.00 – 9.99||2%|
|10.00 – 49.99||2%|
|50.00 – 99.99||2%|
What is device tracking and how does it affect the riskScore?
The device tracking add-on for the minFraud service identifies devices as they move across networks and enhances the ability of the minFraud service to detect fraud. If a fraudster changes proxies while they are browsing your website or between visits to your website, you will observe an increased riskScore and IP Risk Score in the minFraud response associated with their transaction.
What is the difference between the riskScore and the IP Risk Score?
The riskScore is the overall score for the transaction, which is based on all of the inputs passed for the request. In general, the more inputs you can pass to minFraud, the more accurately we can calculate the riskScore.
The IP Risk Score is a separate score (included in the riskScore calculation) that indicates the risk associated specifically with the IP address input only.