Custom rules let you fine-tune your risk profile. You can use them to address risks specific to your business or to complement the risk evaluation by the Machine learning: fraud risk rule.
Requirements
Before you begin, take into account the following requirements and limitations.
| Requirement | Description |
|---|---|
| Customer Area roles | Make sure that you have one of the following role(s):
|
| Limitations | You can only use custom rules when you use Protect premium. |
How it works
You can add custom rules to complement the fraud risk evaluation. When you configure a rule in your risk profile, you configure which action should be taken when a transaction matches that rule.
For each rule, you configure if the rule should run before or after authorization, and what to do if a transaction matches the rule: Allow, Block, Review, or Check for 3DS.
You can also label your rules for easy classification, and to further personalize your risk profile setup.
Create a custom rule
To create a new rule in your Customer Area:
- Go to Revenue & risk > Risk profiles.
- Select a risk profile.
- Select Risk rules.
- Select + Create new custom rule, and then select Pre-authorization or Post-authorization.
- Enter a rule name.
- In the Action section, select Allow, Block, Review, or Check for 3DS to define the action you want to take when the rule triggers.
- Allow: do not block the transaction if the transaction matches this rule.
- Block: block the transaction if the transaction matches this rule.
- Review: send the transaction to case management if the transaction matches this rule.
- Check for 3DS: do not make a risk decision if the transaction matches this rule.
When you create a pre-authorization rule with the Check for 3DS action, you can use it to influence the authentication engine. Because no risk decision is made to block or allow the transaction, you can select the custom rule as a trigger for Dynamic 3D Secure rules.
- In the Label section, select one of the following labels for the rule:
- Business: for rules specifically related to your business.
- Legal: for rules based on regulations or laws.
- Fraud: for rules to prevent specific fraud risks for your business.
- Block list: for rules to add payment properties to predefined block lists.
- Trust list: for rules to add payment properties to predefined trust lists.
- Enter conditions. You can add conditions to the rule by selecting AND or OR. For each condition, select:
- Field Name: choose a field to use as a risk variable.
- Operator: how to compare the Field Name and the Field Value. The type of the fields you are comparing defines which operators you can use. For example, you can use greater than (>) for numbers, or starts with for strings.
- Field Value: value that triggers your rule.
- Select Create new rule.
Operators
When you build your custom risk rule, you can use operators to define the rule conditions. You can use AND and OR to add conditions to the custom risk rule.
The data type of the field you are building your rule around determines if you can use a specific operator, which and how many values you can enter, and how the fields will be compared.
| Operator | When to use | Example | Data type | Multiple values |
|---|---|---|---|---|
| equals (==) | Compare the field against another field, against a single field value, or verify that the field value is true or false. | quantity equals (==) 2 |
String, Number or Boolean |  |
| does not equal (!=) | Compare the field against another field, against a single field value, or verify that the field value is true or false. | quantity does not equal (!=) 2 |
String, Number or Boolean | |
| is one of | Compare the field against multiple field values of a list. | currency is one of EUR, USD, AUD |
String or Number |  |
| is not one of | Compare the field against multiple field values of a list. | currency is not one of EUR, USD, AUD |
String or Number | |
| is in list | Compare the field against a custom or Adyen-provided risk list. Using this operator, you can create custom list comparisons, or create a condition to compare a field against an Adyen-provided risk list. | productTitle is in YOUR_CUSTOM_LIST |
List | |
| is not in list | Compare the field against a custom or Adyen-provided risk list. Using this operator, you can create custom list comparisons, or create a condition to compare a field against an Adyen-provided risk list. | productTitle is not in YOUR_CUSTOM_LIST |
List | |
| contains string | Compare the field value to a specific string. | emailDomain contains example.com |
String or Number | |
| starts with | Compare the start of the string in the field value to a specific string. | emailName starts with test |
String | |
| ends with | Compare the end of the string in the field value to a specific string. | emailName ends with test |
String | |
| greater than (>) | Compare the field value against a specific value. | amount greater than (>) 1000 |
Number | |
| greater than or equals (>=) | Compare the field value against a specific value. | amount greater than or equals (>=) 1000 |
Number | |
| less than (<) | Compare the field value against a specific value. | amount less than (<) 1000 |
Number | |
| less than or equals (<=) | Compare the field value against a specific value. | amount less than or equals (<=) 1000 |
Number | |
Backtest a rule
You can backtest the impact before you activate a new rule, or change the settings of an existing rule.
You can run the rule on your historical data to build more confidence in the effect of the rule before you turn it on. Or, after you identify a rule that is not performing well, you can test the effect of any changes to the rule before you make them.
Backtesting can give you helpful insights in your risk profile performance, and reduces the time you have to spend on manually monitoring risk rule performance over time.
To backtest a rule in your Customer Area:
- Go to Revenue & risk > Risk profiles.
- Select a risk profile.
- Select Risk rules.
- Select a pre-authorization rule from the Allow, Block or Review tab, and then select Backtest.