Risk rules
How they work#
Just like your email inbox, you can create your own rules. In Circuit Breaker, each rule has a score and when a transaction is initiated, the score of each triggered rule is added together. If the combined score reaches 100 then the transaction will be blocked. If the total is lower than 100, the transaction is passed to the bank.
Here’s an example:
This rule adds 10 points to the total score. This is low enough that it won’t be able to block any transaction by itself, but if the same payer initiated seven or more transactions in conjunction with the following rule, the seventh transaction would be blocked:
As the scores for these rules are 10 and 90, they will total 100 when triggered in the same transaction. As a result, the transaction is blocked.
Circuit Breaker was designed to be flexible, recognising that not every merchant has the same requirements or criteria. With this in mind, you’re able to add filters to rules, allowing you to automatically block transactions that you know are likely to be fraudulent. An example may be that you’ve noticed a lot of fraudulent activity in a particular country using a specific scheme. Your filter could therefore flag up transactions coming from that country and using that scheme, while all other schemes from that country are approved. Similarly, the same scheme from other countries could be approved. When the scheme and country are together in one transaction, it gets blocked.
You can create as many filters as you require, giving unparalleled convenience and security at the same time.
What they are#
Circuit Breaker lets you create multiple rules and new ones are added regularly. They include:
- Transaction amount
- Volume of transactions
- Number of initiated transactions
Let’s look at each one in more detail:
Transaction Amount#
With this rule, transactions are blocked depending on the amount of money being sent. For example, if you notice that fraudsters are trying to use small amounts of money, you could create a rule that triggers when they send an amount under a certain threshold. Likewise, you can create a rule that triggers when they send higher amounts.
In the pictured example, the rule states “is greater than” with an amount of EUR1000. If the transaction was EUR1000.01, the rule would be triggered and the transaction declined.
Alternatively, you can set it as “is less than” an amount. For broader security, you could create multiple versions of the Transaction Amount rule, including both a “less than” threshold as well as a “greater than” threshold.
Please also note that this rule is specific to the currency. The pictured example shows EUR1000, so it only applies to transactions in euros. A transaction of 1000 in GBP or USD would not trigger the rule. Volt’s recommendation is to create a Transaction Amount rule for each currency that you accept payments in.
Volume of transactions#
As the name suggests, this rule is triggered if the same payer reference is used on multiple payments that exceed a stated amount of money in a given timeframe. In the pictured example, if more than EUR1500 is sent in one hour, the rule will trigger and give a score of 30:
In this scenario, a person could send EUR1499 and the rule would not be triggered. If the same payer reference sent EUR1.01 within an hour, the rule would trigger.
With this rule, you can set the amount of money and timeframe at whatever makes most sense for your business. If you receive suspicious activity of USD200 in two hours, that can be your rule. Likewise, it could be GBP3,000 in eight hours. Combine this with filters to unleash even more advanced levels of protection, like only triggering the rule to specific regions.
Number of initiated transactions#
This rule looks exclusively at how many transactions a payer reference tries to initiate in a given period of time. In the pictured example, the rule is set to trigger if the same payer reference tries to initiate four or more transactions within 10 minutes, applying a score of 60.
Statuses#
Once the final score has been calculated, the transaction details will show the score and one of two statuses: approved_by_risk or refused_by_risk.
Approved_by_risk means that Circuit Breaker has analyzed the transaction and gave a score lower than 100. The transaction was sent to the bank for completion. Please note that this does not mean it has been paid; the bank can still refuse to complete the payment.
Refused_by_risk means that Circuit Breaker gave a final score of 100 or above. The transaction was blocked before sending it to the bank.