Skip to Content

Configure and Weight Your Own Business Rules

Business Rules screenshot

Put Your Fraud Strategy Into Action using Business Rules

No business is the same. What may be considered ‘low risk’ by one company may be high risk for another, and vice-versa. To effectively reflect your unique risk strategies and goals, you need a solution that targets the threats that matter to your business.

With our service, you choose the right balance. ReputationManager 360’s Business Rules Editor allows you to customize rules and rule sets for each customer touchpoint—including login, account creation, funds transfer and checkout. Its flexible design makes it easy to:

  • See rules at a glance. View your current rules, rule parameters, and rule sets.
  • Create new rules. It's as easy as drag-and-drop.
  • Compound Rules. Combine individual rules using the AND and OR connectors to create sophisticated compound rules that accurately reflect known or even suspect indicators that correlate to fraud when they occur together.
  • Adjust rule settings as new threats emerge. Fraud techniques are constantly evolving—and so should your defense system. Add or edit rules as often as you like.
  • Instant updates. Once you make changes to your rules and activate them, they are live.
  • Customize risk scoring. Create risk score thresholds that reflect the importance of each threat to your business.
  • Enable or disable individual rules. Dormant rules and rule sets remain in your account, ready to be reactivated at any time.
  • Manage lists. Create or edit lists such as Risky Countries, Risky IP Addresses, and White/Block Device lists with the new List Manager.

Categories of Rules

ReputationManager 360 provides a wide range of highly customizable rules within seven categories, providing you excellent control and support for any combination of rules.

Evidence Rules – flag transactions that originate from an account or device already associated with fraud or abuse. You set the types of evidence (over 45 to choose from such as credit card fraud, identity theft, shipping fraud, account takeover) and decide whether you want to consider only your own evidence or include fraud experiences from others.

Geolocation Rules – flag transactions when activity is coming from an unauthorized country, through a proxy, or use iovation’s Real IP technology to get the user’s actual location.

Velocity Rules – flag transactions when thresholds are exceeded. These may include situations where too many accounts are accessed per device, too many new accounts are created within a timeframe (seconds, minutes, hours, days), or the number of devices accessing an account has been exceeded within a certain timeframe.

Watch List Rules – flag transactions based on your custom-built lists. These lists can be positive or negative lists. Lists types include accounts, devices, IP ranges, ISPs, locations and others, and are easily managed with ReputationManager 360’s List Manager.

Age-Based Rules – flag transactions based on the amount of history that you have with a device or device-account pair. For example, activity from a new device that has never been previously been associated with an account in your system, can be flagged to offer an additional authentication step before giving account access might prevent unauthorized access.

Anomaly Rules – flag transactions when the device exhibits risky settings. Individual device characteristics may not be indicators of risk, but certain characteristics may be worth monitoring, or several in combination with each other may indicate attempts by the user to evade detection.

Risk Profile Rules – Profile rules look at specific combinations of device characteristics for the device used in the transaction and then identify all other devices in iovation’s system that look familiar. If many similar devices are associated with risk, the transaction may share that risk.