Blog

Customize your protection with new features in the Dynamics 365 Fraud Protection preview

Article written by: Anand Oka – Partner Group Program Manager. Click here to see original post.

Successful fraud protection relies on a lot of information. The more insights you have into transactions and accounts, the better you will be able to detect suspicious activity. Microsoft Dynamics 365 Fraud Protection uses advanced AI models to bring together diverse sets of information into a single assessment score that indicates the overall risk of an event. Customers can create rules that threshold this score to make decisions in a manner that suits their risk appetite. However, sometimes customers also have the need to directly reason over raw attributes in their rules, for example, to detect business policy violations or to stop emerging fraud patterns specific to their business. In this preview, we are adding two features that will significantly improve the information available in the Dynamics 365 Fraud Protection rule engine: velocities and external calls.

Velocities use relationships and patterns between historical transactions to identify suspicious activity and help customers prevent loss from fraud. External calls let Dynamics 365 Fraud Protection customers ingest data from third-party information providers or from their in-house AI models. All these inputs may be needed by customers to make fully informed decisions on their events.

Identify potential fraud with velocities

How do you determine if a transaction is suspicious? In short, you have to look at the bigger picture. For example, there may be nothing suspicious about someone buying a single exercise bike online. However, if they buy fifteen exercise bikes over a short period of time, each with a different payment instrument, that might indicate possession of stolen payment information and malicious fraud. This is why monitoring the relationships and patterns between current and past transactions is essential in determining the riskiness of any given event.

Velocity detection allows customers to analyze the historical patterns of an individual or entity such as a credit card, IP address, or user email. Velocities already play a significant part in our AI-driven risk assessments, and now we are enabling our customers to define their own velocities that matter most to their business. With velocity checks, you can get the answers to questions such as: How much money has a user account spent in the last hour? How many distinct payment instruments have been used from this device in the last seven days? How many times has this user account attempted to login in the last five minutes? Customers can then utilize these historical patterns in real-time decision-making.

Some behaviors are more suspicious regardless of the business, such as hundreds of login attempts within a short interval from the same IP address. Other behaviors might be suspicious for one business, but not for another. It is not uncommon for a single customer to make two to six transactions a month at a grocery store. However, it might be more suspicious if a single customer makes two to six transactions in a month at a luxury car dealer. Velocities are an important tool for any fraud protection service, but their effectiveness depends on being able to customize it to your business.

Dynamics 365 Fraud Protection’s velocities provide customers the ability to fully customize their velocities, all the way from which attributes to monitor, to the timeframe they monitor them over, to what thresholds they want to set.

Shows a rule that rejects transactions based on the velocities defined.

Velocities also allow customers to connect behaviors from different assessment events including account creations, account logins, and purchases. For example, a customer could block a user from logging in based on an inordinately large number of purchases made from the account in a short interval, or flag a purchase for review based on suspicious login attempts, since both velocities may be indicative of account compromise.

Make informed decisions in real-time with external calls

Until now, using the Dynamics 365 Fraud Protection’s rule engine customers could make real-time decisions based only on the data available within the product. This included data sent as part of the request payload, data uploaded in the form of lists, data generated by device fingerprinting, and risk assessment and bot detection scores produced by our AI models. However, sometimes customers may need additional signals from data sources outside the product to inform their decisions. Some customers may choose to partner with third-party information providers for additional data enrichment. Details such as address verification and phone reputation can help discover suspicious and fraudulent activity. Other customers may choose to utilize scores from their own in-house AI models tailored to their business. All these inputs may be important for customers to make fully informed decisions regarding their business.

Shows process of creating brand new external call, connecting to phone verification API

Our external calls feature enables customers to bring in data from essentially any API endpoint on the web, ensuring they have full context and flexibility needed at the point of decision. This update continues to increase the power and scope of what can be done from within the Dynamics 365 Fraud Protection rules engine, allowing customers to utilize outside data when orchestrating their decisions.

Shows External Call landing page where multiple external calls are set up, and you can see relevant metrics for each

Note that velocities and external calls are features made available in preview with reasonable consumption limits. In the future, we may bring these to general availability in an appropriate way.