Rebilly offers fully customizable risk scoring using the rules engine. Build rules to add or detract points from the risk score of the transaction, and take some action based on the risk score. Most commonly, you will want to add the customer and/or payment instrument to a blocklist to stop the transaction.
transaction process requested event to program rules to evaluate the transaction and the `ad../../concepts-and-features/concept/action-types.mdaction](action-types.md) to change the risk score.
Use the risk metadata
mismatched items to filter for inconsistent information. Merchants commonly check for consistent:
- Bank country
- Billing country
- Time zone
- Cardholder name and name in primary address
Use the transaction risk metadata to search for VPN, proxy, or TOR usage.
If you sell a physical product, use the risk metadata to check the distance between the shipping address and the billing address.
Velocity refers to the number of transactions in the last 24 hours. Use the risk metadata to perform the following velocity checks:
- Velocity - the number of transactions made by a customer for a single merchant.
- Payment instrument velocity - the number of transactions made with a payment instrument (PAN fingerprint for payment cards or bank account fingerprint for bank transfers) across all Rebilly merchants.
- Device velocity - the number of transactions made from a device (using device fingerprint) across all Rebilly merchants.
Use the conditions to filter for transactions with a velocity higher than X. For example, I'll use a velocity higher than 5.
Once you've programmed your checks, use the
risk score changed event and the
blocklist action to stop the transaction. You may blocklist any or all of the following:
- Customer ID
- IP address
- Payment card
The block may be temporary or permanent.