Guide to Fraud Scoring: What is it & How it Works?

Guide to Fraud Scoring: What is it & How it Works?

Author avatar

by Bence Jendruszak

Most prevention and detection tools deliver results via fraud scores. But what do they measure, and how do they work exactly?

Whether you already have a risk detection solution in place or you’re in the market for one, chances are you’ve heard of fraud scores.

And yet, even experienced business managers are sometimes unable to explain how they work, or why they help reduce risk.

In this post, we’ll break down the basics of fraud scoring, and we’ll see how you can leverage them to boost business efficiency.

What is a Fraud Score?

Fraud scoring assigns values to how risky a user action is. The fraud scores are calculated based on rules, which add or subtract points. The user action may be a transaction, signup or login. Rules look at datapoints such as an email address, IP address, or social media presence.

How Does Fraud Scoring Work?

For fraud scoring to work, you must have an anti fraud software that can look at user data. That data is fed through risk rules, which allow you to calculate how dangerous an action is. For instance, a new user registration from someone with a high-risk ID, or a credit card that appeared on a blacklist before.

The key is that fraud scoring should allow you to automatically approve, reject, or review certain actions. These could be completing a purchase, or logging into your site.

In that sense, it is similar to a credit score check, where a credit bureau assesses the financial risk posed by a user action (taking out a loan, or opening a new account).

Example of Fraud Scoring Calculation

For this example, we’ll look at two users trying to make a payment on your site. The screenshots show exactly how the SEON dashboard will deliver the results:

fraud scoring - low number set from SEON

In this first example, you can tell the transaction is risky, but it’s not 100% evident you are dealing with a fraudster. It would be a great time to alert the team that a manual review is needed, or to trigger additional verification.

fraud scoring - high number set from SEON

The high number in this second examples lets us know we are clearly dealing with a fraudster, which would automatically block the transaction.

However, based on your risk policy, you could also send the transaction to be reviewed manually by a member of your fraud team.

Build a fraud scoring model with SEON

SEON is a powerful end-to-end solution that gives you complete control over the rules that affect your users’ fraud scores

Book a Demo

Advantages of Fraud Scoring

To understand the benefits of fraud scores, let’s imagine you are a small online store focusing on reducing up to 27% of transaction fraud (when users pay with stolen credit card details). Your goal is to reduce chargeback, identify a legitimate account from a fraudulent one, and facilitate good payments.

  • They allow automation: instead of manually reviewing every purchase, you can let the system assign a value to each action, and approve or deny it based on the results. Of course, you can also review actions where the results are indecisive for certain transactions.
  • Scaling: this goes hand in hand with automation, but fraud scores will let your store process many more transactions quicker. This helps you focus on growing your ecommerce with complete peace of mind, while risk management is taken care of in the background.
  • Dynamic authentication: even if your risk numbers point to the need for manual review, you can still add another layer of safety with triggers. Let’s say someone signs up to your platform, but their transactions data signals they might be a risky user. Your risk prevention system could trigger additional authentication such as a selfie ID or 2FA, which can confirm their identity, and deter potential fraudsters.
  • Reduced friction / churn: final benefit of automating reviews with risk scores: you create a smoother customer journey. For instance, Amazon doesn’t ask for a credit card CVV to speed up the payment process. You can reduce the number of steps between your user and their payment, as long as only risky behaviour is reviewed.
  • Better flexibility: Balancing the numbers yourself lets you decide how you want to mitigate risk. This could be based on seasonality, or for specific items, such as high-value goods or low-value digital downloads. Just keep in mind that not all fraud prevention tools let you adjust the thresholds yourself.

Disadvantages of Fraud Scoring

So a user with a low score of 0 could be excellent for one provider, but extremely risky for another. Click To Tweet

The biggest disadvantage of fraud scoring is that no two fraud companies use the same standards. If you move from one business to the next, you may have to relearn how to mitigate risk based on a completely new scale.

At SEON, we set our preset thresholds as follows: 

  • 0 – 10:  the action is safe, and will be approved automatically.
  • 10 -20: the action could be risky, and should be reviewed manually. The user journey is momentarily paused, and you can create an alert via email, for instance, to manually process the action. Another option is to trigger a second set of verifications automatically at this stage.
  • 20+: the action is risky and will be declined. You can blacklist the user’s data points forever if you choose to.

Note that these can be adjusted manually. But before tweaking them, it’s important to first get a good understanding of which rules give us a fraud score.

How to Get Started with Fraud Scoring 

Fraud scoring varies greatly from one fraud software to the next, so it helps to have an understanding of the basics before you choose your solution.

Understand Where the Fraud Rules Come From

The rules which help calculate a fraud score can be: 

  • Preset by the provider and tailored to your industry
  • Created manually
  • Suggested by AI based on historical data

But when it comes to fraud rules, there is no one-size-fits-all approach. One rule might work great to catch fraudsters on a crypto exchange, but fail with iGaming operators. 

This is why it’s extremely important to test the rules in a true business environment, based on your historical data. 

In the case of AI or ML (machine learning) rules, you also want to be able to understand exactly what the tool is suggesting, hence the importance of whitebox systems.

Consider Whitebox Vs Blackbox Fraud Scoring

Some engines offer full transparency into their inner workings, others tend to make it harder to guess what the algorithms do. At SEON, we believe whitebox systems are always superior as they allow you to:

  • Understand what each rule does. For instance, looking at how many login attempts are considered suspicious within a set time range.
  • Balance the weight of each rule: You need to test how important each rule is, especially when you use dozens of them at once.
  • Adjust your risk thresholds: You might want control over what is considered a risky score versus a safe one. Make sure the fraud prevention tool doesn’t lock you into their own blackbox settings there.

Our Sense Platform, which can come with industry-preset rules, machine-learning suggested rules, and custom rules, lets you visualize them through a decision tree, so you can get a clear overview of how each score is calculated.

In fact, even the rules suggested by the AI are delivered in human-readable form, so you’re never at the mercy of the algorithms.

Test the Rules for Accuracy

One key element of fraud scores: their precision is only as good as the data used to calculate them. This is why your fraud prevention system should not only collect as much data as possible, but also enrich it.

We have a full post on data enrichment here, but the core concept is that it helps:

  • Validate the quality of the data you get
  • Link it to external data sources, so you get more information about the user than what they submit through the fields
  • Reduce the amount of data the user needs to submit, so you can speed up their customer journey.

Here is a clear example of how much extra information you can glean thanks to data enrichment solutions, and how it helps improve the precision of risk scores:

  1. A new user signs up on your site, with only a name and email address
  2. SEON is already performing a digital footprint analysis to gather extra hidden data such as IP address, social profiles based on email and phone, device used, browser, etc…
  3. The data is cross-referenced (enriched) with external databases
  4. The system receives extra data, such as email domain address info, whether it appears on blacklists, etc…
  5. The data is fed through the predictive rule engine
  6. The calculations give you the risk score.

As you can imagine, avoiding steps 3 and 4 is possible, but it could skew the fraud scoring, and reduce its precision in flagging a fraudulent customer.

Key Takeaway: Fraud Scoring

Whether you are an experienced fraud manager or not, we hope this primer on fraud scoring allowed you to get a better idea of how and why they work.

More importantly, we hope you can see how important it is to truly understand which rules affect the values. This is only possible if your fraud prevention system is a whitebox one, designed to offer transparency into its data enrichment and rule-creation processes.

This is exactly the philosophy behind SEON’s Sense platform, a powerful end-to-end solution that gives you complete control over the rules that affect your users’ fraud scores.

Block risky transactions with fraud scores

SEON’s customizable fraud score threshold automatically declines or alerts you to risky transactions to protect your business from online fraud

Book a Demo

FAQ Frequently Asked Questions About Fraud Scoring

How is a fraud score calculated?

Fraud scores are calculated by feeding user data through risk rules. The total score should fall within a range that lets you know whether you should accept, decline, or review the action.

Is a fraud scoring reliable?

Fraud scoring can give out results with extremely high accuracy. However, the quality of the results depends on the kind of rules in place, how often you update them, and even what kind of industry you are in.

Learn more about:

Data Enrichment | Browser Fingerprinting | Device Fingerprinting | Fraud Detection API | Fraud Detection Machine Learning

Share article

See a live demo of our product

Click here

Author avatar
Bence Jendruszak
COO

Bence is the co-founder and COO of SEON whose vision is to create a safer online environment for merchants in high risk verticals.


Sign up to our newsletter