Increasing payment acceptance with Fraud Detection System

Crossposted in Midtrans blog, with some modifications, personal notes, etc.

A good chunk of years in my career is spent dabbling on payment risk and fraud detection system — and of the piece of the puzzle that is still ongoing to be solved is to change the stigma of Fraud Detection System. Over the years Fraud engine is always treated as a necessary evil, but also the first culprit to blame when talking about ‘what causes our payment acceptance to drop.’

In Midtrans, we employ our own Fraud Detection System called Aegis, developed in-house back in 2014 by our own fraud analysts, data scientists and risk engineers to help protect our merchants from fraudulent payment attempts and keeping their platform secure. Being a fraud analyst ourselves, we understood all the pain points of the generic fraud systems in the market back at that time. Unlike most fraud systems in the market which was designed either for engineers or the marketing team; we built it with Fraud Analysts in mind — designed to facilitate instant rule deployments without any coding/SQL skill needed to operate in order to cater for on-the-spot fraud attacks.
We invested a lot over the years in building our blocklist database in order for it to become the richest payment blocklist database in Indonesia, where we continuously combine fraud reports from banks, partners, our own fraud honeypots, or reports from our merchants. Over the years, we augment Aegis with machine learning risk score designed to be used as part of rules — which enables us to adapt the fluid nature of machine learning products when certainties and quick adjustment is needed, along with relationship network signals, and even more investment in our rule creation in order to facilitate ultra-flexible rule designs.
With Aegis, Midtrans have managed to help keep our merchants secure 24/7 only with a team of 4 — ever since its launch in 2014, we have kept our rejection rate to be consistently lower than the industry average, while keeping our fraud rate under 0.1%.

As part of Midtrans’s fraud prevention mechanism strategy, Aegis utilizes the following datapoint and mechanisms in real-time manner :

• Payment signals we derive from our own SDK and checkout page,
• Signals uniquely used by each merchant in their business sent to Midtrans via our metadata capability in our API,
• Fraud data reported by banks, partners, merchants or gathered via Midtrans’s own fraud honeypots;
• Network relationship signals generated by our machine learning fraud engine, Sherlock

During the recent double-digit date promotion campaigns held by our merchants, we’ve decided to do something different this year. Specifically for 10.10 and 11.11, learning from our previous year’s experience & data on the campaigns, we worked closely with our merchants to understand better the mechanics of the promotion being held during the said time to derive a behaviour analysis during promotion time. Double-digit date campaigns are akin to Black Friday or Singles Day —the combined purchasing volume in the narrow time window is so massive; hence the purchasing behaviour can’t exactly be compared against regular promotion’s transaction behaviour.

Based on the information, we analyzed a few buyer personas with their purchasing behaviour, such as (but not limited to) :

• Promo Hunters : Buyer whose main goal is to hunt for promotions; typically they are resellers, bulk buyers, or buyers whose main income is to profit from the promotions. They might also use bots or have a team on standby to hunt for promos,
• Promo Fraudsters : Similar to promo hunters, but these buyers use illegal source of funds e.g. stolen credit cards, cashing out wallets from social engineering attempts, etc. Their behaviours might resemble promo hunters at times,
• Genuine Buyers : Regular buyers who are the main target of the promotion where we might see an upward shift in their purchasing behaviour compared to usual,
• Professional Blackhats : Fraudsters whose MO might not necessarily be related to the ongoing promotion as they are looking for a quick way to cash out their illegal funds for a longer period of time.

Not all regular velocity rules that we use in Aegis work well during this campaign period as the behaviour of genuine users who are doing purchasing-spree during unconventional hours and fraudsters who attempt to game the system are starting to overlap. We developed a separate rule & score set for each individual persona and overlapping personas, on top of our regular setups specifically optimized to handle bursts of transactions during the time frame, along with global rules to catch suspicious behaviour shared across personas within that specific platform or even cross platforms. All of these rule setups are monitored by our team of fraud analysts to adjust the metrics on-the-go during the campaign time based on the real-time live feed of the setup’s performance.

This initiative paid off; in the domain where minuscule changes can ripple into a big impact, we managed to save an additional 3.7B IDR while reducing the decline rate by 50.8%, with an increase in fraud less than ~0.1% observed within a couple of weeks post-campaign.

Key takeaways are that when utilized properly, Fraud Detection System can actually improve your acceptance rate while keeping your payments secure, despite the common misconception of it being the main cause of the payment’s decline.

A small caveat to end this post — a fraud detection system is only as good as the data that it has. No matter how sophisticated the technology is, any Fraud system worth its worth is still powerless if it’s not powered with the necessary data pool. Note that at the end of the day, ensuring that your business is passing the important data points and signals to your fraud system are already half the battle won.