The WSO2 Open Banking solution faciliates maintaing facilitates maintaining fraud rules to detect fraudulent transactions. The transactions Transactions that do not exceed a predermined predetermined fraudulent rate would be excempted are exempted from Strong Customer Authentication (SCA), as shown below.
The following formula is used to calcuate calculate the fraud rate. The calculation will be rolling runs on a quarterly basis, i.e., only data taken from the data within past 90 days are considerd is considered for the calculation.
Let's take a look at the fraud scenarios, and the applicable fraud rules used in WSO2 Open Banking.
Table of Contents |
---|
...
Payer’s
...
abnormal behavioral pattern
Abnormal payment/behaviroal patters behavioral patterns can be detected using the following activities:
- Abnormal transaction date and/or time: The payer transacts on at an unusual date or time when compared with the trasaction transaction history.
- Abnormal IP address: The payer accesses the system via an IP address that was not used previously.
- Abnormal device usage: The payer access the system using different devices within a particular duration, e.g., accessing the system using three different devices on the same day.
- Abnormal transaction amount
- Abnormal transaction frequency
- Abnormal cumulative transaction spikes.
Malware
...
infection
Malware infections in any sesstions sessions related to authentication procedures can be detected using scripts, as well as through user intervention.
Known
...
fraud scenarios
Fraudulent payments can be detected using the following activities:
- Payment initiated from a blacklisted account an account in the deny list due to stolen credentials.
- Change of IP address within the transaction session.
- Payment initiation via a blacklisted IP address.an IP address in the deny list
- Time zone mismatch with the payer's location.
- Attempting to replicate the transaction using an auth token.
- Redirection from an untrusted/blacklisted website a website in the deny list (phishing).
- User flagged for phishing logs in from a different location (high-risk phishing).
- The number of consective consecutive user consent rejections exceeds exceed the predefined threshhold.threshold
- The payment submission amount is dfferent differs to the consented value.
- Abnormal delivery location of an eCommerce e-commerce transaction.
- High-risk delivery location of an eCommerce e-commerce transaction.