Articles on: Configuration

Configure fraud rules

What are Fraud rules?

Fraud rules are a scoring engine that assigns points to each operation based on dynamic variables. When the sum of scores exceeds a threshold, the operation is treated as suspicious.


A fraud rule defines:

  • A set of criteria (variables and conditions) about the current operation.
  • A score that is added or subtracted from the total score when the rule applies. Positive scores indicate the condition is suspicious; negative scores indicate it is legitimate.
  • An application: at Company level (all environments) or Environment level (current only).


Unlike Risk lists (static binary rules), Fraud rules allow you to build a gradual risk model that adapts to each operation.


How to access Fraud rules

  • Go to Settings in the side menu.
  • Click on the "Fraud rules" tile.


The rules list

From the list you can search rules by name, filter by status, and see for each rule its name, type (Company / Environment), score (with ↑ icon in red if it adds, ↓ in green if it subtracts), description, and creation date. Each rule has a toggle to activate or deactivate it.


How to create a rule

Creation is a 3-step wizard: Configuration ▶︎ Score ▶︎ Application.


Step 1: Configuration

  • Enter the rule name (required) and an optional description.
  • Click "+ Add variable" to define the criteria that trigger the rule.


When adding a variable, you can choose from four groups:

  • Operation (11 variables): current transaction data (amount, currency, payment method, recurring authorizations, recurring subscriptions...).
  • Customer (9 variables): customer data (email, country, identification...).
  • Card (12 variables): card data used (BIN, issuing country, type...).
  • Historical (70 variables): historical customer or card data (number of previous operations, failures in the last 24 hours, failed transactions with email...).


You can chain multiple variables: the rule only applies if ALL conditions are met.


Step 2: Score

Assign the score that will be added to the total score when the rule applies. It can be positive (suspicion) or negative (legitimacy).


Step 3: Application

Define whether the rule applies at Company level (all environments) or Environment level (current only).


Examples of useful rules

  • "High amount" (+40): if the amount exceeds €2,000, add 40 to the score.
  • "Risk BIN" (+100): if the BIN comes from a high-risk country, add 100.
  • "Multiple recent failures" (+100): if the customer has had more than 2 failed operations in the last 24 hours, add 100.
  • "Recurring customer" (-72): if the customer has more than N previous successful operations, subtract 72 (legitimacy signal).


Recommendations

  • Start with few rules and observe the distribution of real scores before adding more.
  • Combine positive rules (suspicion) with negative ones (legitimacy) to avoid penalizing legitimate operations.
  • Company rules always apply; Environment rules are only added to the specific environment.
  • Use Risk lists as a complement for cases where you want a direct binary block on a specific element.

Updated on: 12/05/2026

Was this article helpful?

Share your feedback

Cancel

Thank you!