Rules
Card payments are processed by fraud rules which are defined by the merchant. Fraud Rules are defined with a language called Fraud DSL which is developed by Craftgate.
When payment matches defined rule, action of the rule (see: Fraud Actions) will be applied.
Fraud Actions
| Action | Description |
|---|---|
REVIEW | Review |
BLOCK | Block |
Rule Definition
In order to define rules, you can use Fraud Management > Rule Management > New Rule button to open up Rule Definition modal window.
When defined rule action is 'Block', payment will be blocked by FRAUD_BLOCK error group
When defined rule action is 'Review', payment will be allowed but a fraud check record will be created by system.
Rule Definition
Rule definition modal has a rule editor which configured to use Fraud DSL Language
Rule editor will help you to define rules with autocomplete features. Autocomplete will help create rules with rule
variables listed below, operators and lists can be used.
Fraud DSL
In order to detect fraud payments, Fraud DSL language has a special syntax. This syntax has very flexible content with numerous predefined variables and user defined list for you to create your own criteria.
A Fraud rule can be consists of one or more conditions. These conditions can be combined with an and operator.
Rule conditions can be created with variables listed below.
Rule Format:
[condition] and [condition] and ...
Condition Format:
[variable] [operator] [value/list]
Note: Variables with type boolean can be used without operator and value because it has value of true or false
.
For example sameCardNumberHasFraudSuspectHourly and ...
Rule Operators
| Operator | Description | Example |
|---|---|---|
== | Tests if condition variable is equal to value. | clientIp == "127.0.0.1 |
!= | Tests if condition variable is not equal to value. | clientIp != "127.0.0.1 |
< | Tests if condition variable is less than value. Can only be used with variables have numerical data types(integer ya da float). | sameClientIpIn30Minutes < 3 |
<= | Tests if condition variable is less than or equal to value. Can only be used with variables have numerical data types(integer ya da float). | sameClientIpIn30Minutes <= 3 |
> | Tests if condition variable is greater than value. Can only be used with variables have numerical data types(integer ya da float). | sameClientIpIn30Minutes > 3 |
>= | Tests if condition variable is greater than or equal to value. Can only be used with variables have numerical data types(integer ya da float). | sameClientIpIn30Minutes >= 3 |
in | Tests if condition variable exists list values. | clientIp in @ipBlackList |
not in | Tests if condition variable not exists list values. | clientIp not @ipWhiteList |
Variables
| Variable Name | Data Type | Description |
|---|---|---|
cardNumber | cardFingerprint | Card Fingerprint |
cardHolderName | string | Cardholder Name |
cardBrand | string | Card Brand |
isThreeDS | boolean | Is payment operation 3D Secure |
clientIp | string | Client IP - clientIp field on payment request |
buyerId | integer | Member ID - buyerMemberId field on payment request |
buyerExternalId | string | Buyer External ID - buyerExternalId value of fraudParams field on payment request or buyerMember properties |
buyerPhoneNumber | string | Buyer Phone Number - buyerPhoneNumber value of fraudParams field on payment request or buyerMember properties |
buyerEmail | string | Buyer Email - buyerEmail value of fraudParams field on payment request or buyerMember properties |
paidPrice | float | Paid Price |
currency | string | Currency - currency field on payment request - Default TRY - See: Currencies |
paymentType | string | Payment Type - See: Payment Types |
binNumber | string | Bin - First 8 digits of cardNumber field on payment request |
isForeignCard | boolean | Is payment operation requested with a foreign card |
hasSuccessPaymentIn30Minutes | boolean | Has any success payment before now in last 30 minutes |
hasSuccessPaymentHourly | boolean | Has any success payment before now in last 1 hour |
hasSuccessPaymentDaily | boolean | Has any success payment before now in last 1 day |
sameClientIpIn30Minutes | integer | Previous payment count with same ip in last 30 minutes |
sameClientIpHourly | integer | Previous payment count with same ip in last 1 hour |
sameClientIpDaily | integer | Previous payment count with same ip in last 1 day |
sameClientIpTotalPaidPriceIn30Minutes | float | Total paid price of previous payments with same ip in last 30 minutes |
sameClientIpTotalPaidPriceHourly | float | Total paid price of previous payments with same ip in last 1 hour |
sameClientIpTotalPaidPriceDaily | float | Total paid price of previous payments now with same ip in last 1 day |
sameBuyerIdIn30Minutes | integer | Previous payment count with same member id in last 30 minutes |
sameBuyerIdHourly | integer | Previous payment count with same member id in last 1 hour |
sameBuyerIdDaily | integer | Previous payment count with same member id in last 1 day |
sameBuyerIdTotalPaidPriceIn30Minutes | float | Total paid price of previous payments with same member id in last 30 minutes |
sameBuyerIdTotalPaidPriceHourly | float | Total paid price of previous payments with same member id in last 1 hour |
sameBuyerIdTotalPaidPriceDaily | float | Total paid price of previous payments now with same member id in last 1 day |
sameBuyerExternalIdIn30Minutes | integer | Previous payment count with same buyer external id in last 30 minutes |
sameBuyerExternalIdHourly | integer | Previous payment count with same buyer external id in last 1 hour |
sameBuyerExternalIdDaily | integer | Previous payment count with same buyer external id in last 1 day |
sameBuyerExternalIdTotalPaidPriceIn30Minutes | float | Total paid price of previous payments with same buyer external id in last 30 minutes |
sameBuyerExternalIdTotalPaidPriceHourly | float | Total paid price of previous payments with same buyer external id in last 1 hour |
sameBuyerExternalIdTotalPaidPriceDaily | float | Total paid price of previous payments now with same buyer external id in last 1 day |
sameBuyerPhoneNumberIn30Minutes | integer | Previous payment count with same buyer phone number in last 30 minutes |
sameBuyerPhoneNumberHourly | integer | Previous payment count with same buyer phone number in last 1 hour |
sameBuyerPhoneNumberDaily | integer | Previous payment count with same buyer phone number in last 1 day |
sameBuyerPhoneNumberTotalPaidPriceIn30Minutes | float | Total paid price of previous payments with same buyer phone number in last 30 minutes |
sameBuyerPhoneNumberTotalPaidPriceHourly | float | Total paid price of previous payments with same buyer phone number in last 1 hour |
sameBuyerPhoneNumberTotalPaidPriceDaily | float | Total paid price of previous payments now with same buyer phone number in last 1 day |
sameBuyerEmailIn30Minutes | integer | Previous payment count with same buyer email in last 30 minutes |
sameBuyerEmailHourly | integer | Previous payment count with same buyer email in last 1 hour |
sameBuyerEmailDaily | integer | Previous payment count with same buyer email in last 1 day |
sameBuyerEmailTotalPaidPriceIn30Minutes | float | Total paid price of previous payments with same buyer email in last 30 minutes |
sameBuyerEmailTotalPaidPriceHourly | float | Total paid price of previous payments with same buyer email in last 1 hour |
sameBuyerEmailTotalPaidPriceDaily | float | Total paid price of previous payments now with same buyer email in last 1 day |
sameCardNumberIn30Minutes | integer | Previous payment count with same card number in last 30 minutes |
sameCardNumberHourly | integer | Previous payment count with same card number in last 1 hour |
sameCardNumberTotalPaidPriceIn30Minutes | float | Total paid price of previous payments with same card number in last 30 minutes |
sameCardNumberTotalPaidPriceHourly | float | Total paid price of previous payments with same card number in last 1 hour |
sameCardNumberHasFraudSuspectIn30Minutes | boolean | Has any payment with FRAUD_SUSPECT error group before now with same card number in last 30 minutes |
sameCardNumberHasFraudSuspectHourly | boolean | Has any payment with FRAUD_SUSPECT error group before now with same card number in last 1 hour |
sameClientIpDistinctCardIn30Minutes | integer | Previous payment count with different cards from the same ip in last 30 minutes |
sameClientIpDistinctCardHourly | integer | Previous payment count with different cards from the same ip in last 1 hour |
Rule Examples
You can check out following examples to guide you for creating your own rules
| Example Rule | Description |
|---|---|
cardNumber in @blockedCardNumbers | List usage example - Matches payments with card numbers in blockedCardList |
sameClientIpHourly > 2 and sameClientIpTotalPaidPriceHourly >= 10000 | Previous payments velocity check example Matches if total paid price of previous payments with same ip in last 1 hour equal to or greater than 10000 and previous payment count with same ip in last 1 hour greater than 2 |