04 Jan

How Fraud Detection System has helped to increase our merchant’s payment acceptance safely during 11.11 promotion period

by Maria Melisa
Head of Merchant Operations

8977Views

In Midtrans, we employ our own Fraud Detection System called Aegis, developed in-house by a team of fraud analysts, data scientists and risk engineers to help protect our merchants from fraudulent payment attempts and keeping their platform secure. Aegis is built by fraud analysts for fraud analysts, which is designed to facilitate instant rule deployments to cater for on-the-spot fraud attacks while equipped with the richest payment blacklist database in Indonesia, machine learning risk score, relationship network signals, and ultra-flexible rule designs. With Aegis, Midtrans have managed to help keep our merchants secure 24/7 only with a team of 4 - ever since its launch in 2014, we have kept our rejection rate to be consistently lower than industry average, while keeping our fraud rate under 0.1%.
 
As part of Midtrans’s fraud prevention mechanism strategy, Aegis utilizes the following datapoint and mechanisms in real time manner :

• Payment signals we derive from our own SDK and checkout page,

• Signals uniquely used by each merchants in their business, sent to Midtrans via our metadata capability in our API,

• Fraud data reported by banks, partners, merchants or gathered via Midtrans’s own fraud honeypots;

• Network relationship signals generated by our machine learning fraud engine, Sherlock

With the ongoing double digit date promotion campaigns held by our merchants, we’ve decided to do something differently this year. Specifically for 10.10 and 11.11, learning from our previous year’s experience & data on the same campaigns, we worked closely with our merchants to understand better the mechanics of the promotion being held during said time to derive a behaviour analysis during promotion. Based on the information, we analyzed a few buyer personas with their purchasing behaviour, such as (but not limited to) :

• Promo Hunters : Buyer whose main goal is to hunt for promotions; typically they are resellers, bulk buyers, or buyers whose main income is to profit from the promotions. They might also use bots or have a team on standby to hunt for promos,

• Promo Fraudsters : Similar to promo hunters, but these buyers use illegal source of funds e.g. stolen credit cards, cashing out wallets from social engineering attempts, etc. Their behaviours might resemble promo hunters but additional scrutiny on the payment methods used are needed,

• Genuine Buyers : Regular buyers who are the main target of the promotion where we might see a upward shift in their purchasing behaviour compared to usual,

• Professional Blackhats : Fraudsters whose MO might not necessarily be related to the ongoing promotion as they are looking for a quick way to cash out their illegal funds for a longer period of time.

Not all regular velocity rules that we use in Aegis work well during this campaign period as behaviour of genuine users who are doing purchase-spree during unconventional hours and fraudsters who attempt to game the system are starting to overlap.  We developed a separate rule & score set for each individual persona and overlapping personas, on top of our regular setups specifically optimized to handle bursts of transactions during the time frame, along with global rules to catch suspicious behaviour shared across personas within that specific platform or even cross platforms. All of these rule setups are monitored by our team of fraud analysts to adjust the metrics on-the-go during the campaign time based on the real time live feed of the setup’s performance.
 
This initiative paid off; in the domain where miniscule changes can ripple into a big impact, we managed to save an additional 3.7B IDR while reducing the decline rate by 50.8%, with increase in fraud not more than 10 transactions within a couple of weeks of post campaign observations.
 
Key takeaways are that when utilized properly, Fraud Detection System can actually improve your acceptance rate while keeping your payments secure, despite the common misconception of it being the main cause of the payment’s decline. However, a fraud detection system is only as good as the data that it has, hence merchant’s participation in working closely with Payment Gateway and willingness to share more signals are the key for higher fraud detection accuracy.
 
Works are continuously being done to improve Aegis’s accuracy. By signing up to Midtrans, your business will be automatically protected by Aegis - no separate sign up needed. To learn more on how Aegis works in securing your payments from fraud, check out our article on Midtrans Fraud Detection System here.