Filters in AntiFraud systems - script helpers

Teacher

Hello, Dear Carders, with you the Teacher and "AntiFraudScore"!

Can you imagine how many orders go through the anti-fraud system every day? What load do you imagine? And if each order is checked according to scripts created by the administrators, then it develops into a huge problem!

Filters - what are they?
In the last article, we touched on them a little, but did not analyze them in detail. So, filters are script helpers. First of all, the order goes through the filters, after which the AntiFraud systems give each argument a value and check it, and after that the order is checked against the "system" and "custom" scripts.

How do AntiFraud systems work?
0. You enter data into the payment system (merchant), then this system, usually through the API, sends this data for verification to the anti-fraud system.
1. Each argument in the order is given a value (for example, Order Amount in USD gets the value "565").
2. There is a selection by filters. A little later, we will analyze this item in more detail.
3. Next, each argument is checked and the arguments are assigned "trusted flags" or "risky flags".
4. After that, it is checked against the system scripts that we analyzed in the last article.
5. And only after all these actions is the order checked against the scripts that the user has configured in the anti-fraud system.

Back to filters
As you can imagine, they are called "filters" for a reason. They sort orders by "risk classes", by "weight" amounts in USD and other parameters. Let's take standard filters based on the expected FraudScore (PreliminaryFraudScore Rating), for example:
"PreliminaryFraudScore > 90" -> Cancel User Order.

Filters are as simple as possible so as not to overload the system. This filter performs a simple check: if the "expected" FS of the order is greater than 90, then cancel the order.
"PreliminaryFraudScore > 50" -> Send to Review Queue.

In this case, the filter will send the order to the terminal for human verification if the expected FraudScore is greater than 50.
"PreliminaryFraudScore <= 50" -> Accept User Order.
And accordingly, if the PreliminaryFraudScore is less than or equal to 50, then accept the order.

This is a very primitive example, you should not focus on it, because the user configures each filter as he wants. In some systems, users can create an unlimited number of filters, which again greatly affects the productivity of the system. Usually a user can create up to 10-20 filters.

Most used filters

Filter # 1
"Billing Country Not equal to Shipping Country" -> Send to Review Queue.

Explanation # 1
If the Billing country is not the same as the Shipping country, then send the order for human verification.

Filter # 2
"Visitor IP Equal to Anonymous Proxy Record" -> Send to Review Queue.

Explanation # 2
If the IP is in the database of known anonymous proxies, then send the order for human verification. Larger stores boldly put "Cancel Order" if the IP is from the proxy list.

Filter # 3
"Email Address Equal to Blacklisted Record" -> Cancel User Order.

Explanation # 3
If your E-Mail is in Blacklists, then any anti-fraud system will automatically cancel your order using a filter.

Filter # 4
"Visitor IP Equal to Blacklisted Record" -> Cancel User Order.

Explanation # 4
If your IP is in any Blacklist database, then your order will be canceled. The most popular Blacklist bases: CBL, SORBS-DUHL, SORBS-BLOCK, UBL, SBL, PSBL.

Filter # 5
"PreliminaryFraudScore > 70" -> Send to Review Queue.

Explanation # 5
The higher the Global Alexa Rank, that is, the higher the website traffic, the more value is given to this filter, because people simply will not have time to check orders, there will be too many of them.

Filter # 6
Also, if the filter condition is met, in some anti-fraud systems, you can select any rule from the list of "user" scripts and execute it. For instance:
"PreliminaryFraudScore > 70" -> Start Custom Script "Check Address IP to Address Billing".

Explanation # 6
In this case, if the expected FraudScore is greater than the specified value, in our case the value is 70, a check (custom script) called "Check Address IP to Address Billing" will be performed.
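
The filters above, seen from the merchant's side, as an added example that is not part of the original post or of any real anti-fraud product. The order field names, the sample reputation sets and the "strictest action wins" ordering are assumptions of this sketch.

```python
from dataclasses import dataclass
from typing import Callable

# Assumption of this sketch: every filter is evaluated and the strictest
# matching action wins, so a "review" filter can never mask a "cancel" filter.
SEVERITY = {"accept": 0, "review": 1, "cancel": 2}

@dataclass(frozen=True)
class Filter:
    name: str
    matches: Callable[[dict], bool]
    action: str

def build_filters(proxy_ips, bad_ips, bad_emails):
    """Filters listed in the post; the sets stand in for real reputation feeds."""
    return [
        Filter("score > 90", lambda o: o["score"] > 90, "cancel"),
        Filter("score > 50", lambda o: o["score"] > 50, "review"),
        Filter("billing != shipping", lambda o: o["billing"] != o["shipping"], "review"),
        Filter("anonymous proxy IP", lambda o: o["ip"] in proxy_ips, "review"),
        Filter("blacklisted email", lambda o: o["email"].lower() in bad_emails, "cancel"),
        Filter("blacklisted IP", lambda o: o["ip"] in bad_ips, "cancel"),
    ]

def evaluate(order, filters):
    """Return (action, matched filter names); an order matching nothing is accepted."""
    hits = [f for f in filters if f.matches(order)]
    action = max((f.action for f in hits), key=SEVERITY.__getitem__, default="accept")
    return action, [f.name for f in hits]

# Constructed sample data: documentation IP ranges and example.com addresses.
FILTERS = build_filters({"203.0.113.7"}, {"198.51.100.23"}, {"blocked@example.com"})
ORDERS = [
    {"id": 1, "score": 12, "billing": "US", "shipping": "US",
     "ip": "192.0.2.10", "email": "a@example.com"},
    {"id": 2, "score": 64, "billing": "US", "shipping": "CA",
     "ip": "203.0.113.7", "email": "b@example.com"},
    {"id": 3, "score": 20, "billing": "US", "shipping": "CA",
     "ip": "192.0.2.11", "email": "Blocked@Example.com"},
    {"id": 4, "score": 95, "billing": "US", "shipping": "US",
     "ip": "192.0.2.12", "email": "c@example.com"},
]

def decisions(orders=ORDERS, filters=FILTERS):
    return {o["id"]: evaluate(o, filters) for o in orders}

if __name__ == "__main__":
    for order_id, (action, reasons) in decisions().items():
        print(order_id, action, reasons)
```

Returning the matched filter names with the action gives the review queue and the audit log the reason for each decision.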

Scripts in AntiFraud systems or how to get rid of carders
And today we decided to reveal to you the secret of how giver stores are "bullied" with the help of antifraud systems.

How to get rid of annoying carders?
"Petya" sits at his computer. He is new to carding but has already achieved some success: he found a "giving" cardable store. Petya is not a stupid guy, but unfortunately, instead of replenishing his library of "giving" cardable shops, he foolishly decided to work with only one store. Caught up in the excitement, Petya goes all out and orders goods every day, from different cards and accounts. Besides Petya, the store he found has another 50,000 regular customers, and 0.05-0.3% of them are carders, the same as Petya.
Over time, the store begins to incur more and more losses, critical, but it would not hurt to get rid of them. Therefore, the entrepreneur "Vasily", who runs this online store, decides to write some rules for accepting orders, which only he knows.

Customizable scripts (Rules)
Almost any antifraud system has something called "rules": customizable transaction validation scripts. Before the order gets to the "general" test, the system must perform these "rules".
For starters, we should say that rules are not only customizable; some are built in from the start, and such scripts cannot be edited. For example, any system has built-in rules for setting the "hardness" of the system, which directly depend on the amount of the transaction in $ USD. Each system has different rules, and their number may not be limited. Depending on how many checks go through the system per day, the rules themselves will change; they will "adjust" to the carders. That is, the more checks the anti-fraud system performs per day, the more accurately it can separate fraudulent orders from "decent" ones.
Let's take a closer look at what these rules look like and how they work. First, let's take the usual rules that define the rigidity of the system. They look approximately the same in any anti-fraud system, only the comparison values change.
So, we have an argument "Amount order in USD", it contains a numerical value - the amount of money of a certain transaction in dollars. The anti-fraud system, having analyzed, for example, more than 1,000,000 orders, noticed that 10% of orders in the category "above $ 500" are fraudulent. And orders below $ 30, on the contrary, are mostly "legitimate", among them only 0.03% of orders are fraudulent. Based on this data, the system will change the rules from day to day.

What do they look like?
Let's give an example of standard rules for an argument "Amount order in USD".

Rule # 1
Amount order in USD > 800 -> Quality = Very Strong
That is, if the transaction amount is more than $ 800, then the system is configured for the most stringent verification.

Rule # 2
Amount order in USD >= 2000 -> Quality = Very Strong & Warning Message
In this rule, the amount of the transaction must be greater than or equal to $ 2000, in which case, in addition to the rigidity of the system, a "flag" will appear on your transaction in the terminal of the anti-fraud system indicating high risks. Such orders stand out before the eyes and therefore it is impossible for a person to "miss by mistake".

Rule # 3
Amount order in USD >= 20 & Amount Order in USD <= 50 -> Quality = Fast Check
In this check, orders are filtered by two filters at once, and then the found transactions are quickly checked by the system.

Custom rules
There can be an infinite number of filters in "custom" scripts. For example, if according to the statistics that can be viewed in the terminal of the anti-fraud system, there are more fraudulent orders from GMail, then you can configure the rule:
E-Mail Domain Name = "gmail.com" -> Cancel Order
That is, automatically cancel all orders with GMail mail, but naturally no one will configure the system this way, because this is very "rude". In this case, it would be better to set up the rule so that all orders from GMail go to people for verification.

If you notice that fraudulent orders are distinguished not only by the frequent use of GMail, but also by the country, then the check can be tightened. For example, "legal" orders are mostly from the US, and fraudulent orders from the UK and with GMail mail, you can create a rule:
E-Mail Domain Name = "gmail.com" & IP Country = UK -> Review Order
Now orders with GMail and IPs from the UK will go to people for verification, and people will be able to tell, with a small margin of error, whether an order is fraudulent or not.
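
Why the broad GMail rule is "rude" and the narrowed rule is not can be measured on labelled order history before either is enabled. The following is an added example, not part of the original post; the history counts, field names and metric names are constructed for illustration.

```python
from collections import namedtuple

Order = namedtuple("Order", "email_domain ip_country is_fraud")

# Constructed labelled history: 100 past orders with a confirmed outcome.
HISTORY = (
    [Order("gmail.com", "US", False)] * 40
    + [Order("gmail.com", "US", True)] * 2
    + [Order("gmail.com", "UK", True)] * 6
    + [Order("gmail.com", "UK", False)] * 2
    + [Order("example.org", "US", False)] * 48
    + [Order("example.org", "UK", True)] * 2
)

# The two custom rules from the text, expressed as predicates.
RULES = {
    'E-Mail Domain Name = "gmail.com"':
        lambda o: o.email_domain == "gmail.com",
    'E-Mail Domain Name = "gmail.com" & IP Country = UK':
        lambda o: o.email_domain == "gmail.com" and o.ip_country == "UK",
}

def assess(rule, history):
    """Precision, recall and the share of legitimate orders the rule would hit."""
    hits = [o for o in history if rule(o)]
    fraud_hits = sum(o.is_fraud for o in hits)
    total_fraud = sum(o.is_fraud for o in history)
    total_legit = len(history) - total_fraud
    return {
        "matched": len(hits),
        "precision": fraud_hits / len(hits) if hits else 0.0,
        "recall": fraud_hits / total_fraud if total_fraud else 0.0,
        "legit_hit_rate": (len(hits) - fraud_hits) / total_legit if total_legit else 0.0,
    }

def report(history=HISTORY):
    return {name: assess(rule, history) for name, rule in RULES.items()}

if __name__ == "__main__":
    for name, stats in report().items():
        print(name, {k: round(v, 3) for k, v in stats.items()})
```

On this constructed data the broad rule would touch almost half of all legitimate orders, while the narrowed rule keeps most of the fraud coverage and sends only a handful of legitimate orders to review.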

To summarize, do not hit the same store constantly, and at the same time in the same way. Be creative, add to your library of "giving" cardable shops and you will succeed! If you would like to find out why one or another order does not come in, do not stand still, try to clarify the details of the "protection" from the store's supports in the chat. Ask questions if you don't understand something. And if you would like to find out why one or another order does not come in for you, write to us and we will help you.

Thanks for attention!
 