Velocity checks, sometimes known as “velocity limits,” serve as a critical tool in the arsenal of eCommerce merchants for combatting fraud. This system is designed to detect potential fraudulent activity by analyzing the frequency at which a buyer submits multiple transactions.
Fraudsters often acquire card numbers that turn out to be invalid. In light of this, they typically engage in a “testing” phase where they repeatedly attempt transactions. If a transaction is declined, it serves as an indicator that the card information is invalid. Conversely, if the transaction is accepted, they have a limited window of opportunity to exploit the stolen data before the cardholder discovers the unauthorized use.
Once fraudsters identify a valid card number, their usual tactic is to exhaust its available credit. They repeatedly process transactions in an effort to extract as much value as possible from the purloined data. Unfortunately, this often results in them successfully obtaining a trove of stolen information, while you, as the merchant, bear the burden of chargebacks.
If a fraudster employs your online store to test cards or make transactions using a valid card, you are left with the financial repercussions. You will encounter chargebacks once the cardholders identify the fraudulent activity, leading to additional expenses, lost revenue, and fees. This is where velocity checks come into play.
Velocity checks are specifically designed to scrutinize the details provided with each transaction and flag instances of repetitive submissions of the same information within a predefined timeframe. This enables you to segregate suspicious transactions and identify cases where a fraudster may be involved in card testing or attempting multiple transactions with a legitimate card number.
This technology allows you to assess customer data based on various factors, including:
- Email Address
- First and Last Name
- Device Information
- IP Address
- Billing Address
- Shipping Address
- Card Number
Velocity checks establish a correlation between user profiles and their actions, considering combinations of these data points. These data elements are then assessed using a complex algorithmic system to determine a pattern of regularity, which is subsequently compared against a timeframe.
The velocity algorithm compares historical user behavior against current transaction data within the context of predefined rules. For instance, if a user initiates a flurry of transactions in quick succession that deviates from their typical historical pattern, the system will flag such transactions as potentially fraudulent.
Written by Andrii Vovk