Chargebacks911
Velocity Checks

Velocity Checks: One of the 10 Key Fraud Prevention Tools

When we talk about fraud, it’s important to remember that it’s not a singular, static problem with just one solution. Effective fraud management demands a multilayer approach, deploying a variety of tactics to attack fraud from multiple angles.

For instance, did you know that a fraudster who submits an unauthorized transaction is probably not the same person who stole a cardholder’s information?

Fraudsters usually buy stolen cardholder information in bulk from hackers. They also run numerous transactions in quick succession, with the aim being to get as much value out of the data as possible before being detected.

So, if that’s the case, you could stop many fraud attacks — or at least minimize losses — by deploying a tool to restrict the number of transactions a user can submit at a time. That’s why velocity checks should become a cornerstone of your anti-fraud strategy.

What are Velocity Checks?

Velocity checks

[noun]/və • lä • sə • dē • CHek/

Velocity checks (sometimes referred to as “velocity limits”) are a fraud prevention mechanism widely used by eCommerce merchants. The tool is designed to flag potential fraud based on the rate at which a buyer submits multiple transactions.

Velocity checks, as the name suggests, monitor the frequency and speed at which a cardholder attempts transactions, logins, or account changes. If submissions are deemed to be excessive, or if purchase behavior deviates substantially from normal purchase patterns, the attempted transactions will be flagged as potential card testing or brute force attacks. They may be blocked as a result.

For example, let’s say a customer logs into Amazon.com, and attempts 5 consecutive purchases within 30 minutes. Their purchasing history shows that they usually complete one purchase in a typical month. With velocity check system in place, it may decline the transactions, or flag them for manual review.

These checks can monitor a range of data elements, including a customer’s:

• Email address
• First and last name
• Device name and language
• Installed plugins
• IP address
• Billing address
• Shipping address
• Card number

To improve the effectiveness of velocity checks, merchants should monitor multiple data points submitted at the point of sale.

A Real-World Look at Chargeback Management

Based on a survey of over 400 merchants, the report presents a comprehensive, cross-vertical look at the current state of chargebacks and chargeback management.

Access the FREE Report

How Do Velocity Checks Work?

Velocity checks establish a correlation between users and actions (or combinations thereof). These data points are then ranked by a complex system of algorithms to determine a regularity function. This function is then compared against an element of time. In the example below, these transactions made by the same buyer within a few minutes of one another would be considered suspicious:

A secondary component of this system would entail a customer initiating transactions that trigger the predetermined ruleset in any meaningful way. For instance, a handful of purchases made outside of regional operating hours, several purchases made in unusually small increments, etc. These data points can be found using sources like device fingerprinting and canvas fingerprinting.

Velocity limits can be implemented according to two specific indicators:

Credit Card Velocity Checking

These velocity checking rules are linked to the use of specific cardholder information over a period of time. The system is designed to flag any suspicious transaction volume with regard to the credit card being used.

IP-Based Velocity Checking

Velocity IP checking tracks the number of attempts that have been recorded from a particular IP address over a short period of time. These systems can flag repeated submissions from the same IP address.

4 Steps to Deploy Velocity Limits

To date, there are countless combinations of velocity rules that you can apply to filter out questionable users or transactions. That said, fraud detection platforms offering velocity checks typically follow specific steps:

Once the machine has done its work, it’s up to you to decide how to proceed. This is a fairly swift process that occurs in just seconds, with limited friction introduced at checkout.

The Importance of Velocity Checks

Velocity checks work because they target common fraud tactics. In a typical attack, a scammer will illicitly get access to card details via hacking, phishing, or by buying card numbers from black-hat data brokers on the dark web. Once the attacker discovers a working card combination, they have a limited window of opportunity to act before the card is reported as stolen and subsequently frozen or canceled. So, the scammer will often try to make a lot of high-value transactions in a short period of time to maximize their value.

If the transactions are approved, the attacker profits. If this happens, it’s already too late: by the time the cardholder uncovers the fraudulent purchases, the transactions will have already settled. As a result, the cardholder contacts their issuer to file a chargeback. That means the merchant ultimately bears the cost of fraud.

Need help? A better way to stop fraud and chargebacks is just a click away.

Velocity checks play a crucial fraud prevention role at the point of checkout. This security mechanism blocks repeated transaction attempts, thereby thwarting:

• Account Takeover (ATO) Fraud
• Card Testing Fraud
• Bots and Bot Farms
• Chargeback Fraud
• Synthetic Fraud

Velocity checks are useful in that they can be customized and tailored to respond to specific fraud indicators. For instance, systems can be configured to flag high purchase amounts from new accounts, transactions attempted from certain geographical locations, similar or identical purchases in short succession, or transactions originating from particular IP addresses.

Velocity Checks & False Positives

Velocity checks are not a panacea for all fraudulent attacks. Like many preventative measures, they are prone to false positives, which occur when valid transactions are flagged as fraudulent. For instance, legitimate buyers making multiple purchases during a promotional period, multiple accounts sharing one payment method, or buyers placing orders while traveling abroad can set off false alarms.

Merchants can reduce false positives by setting reasonable and flexible velocity thresholds that balance individual, time-based, and transaction volume-based fraud indicators. Using past account activity and purchase behavior as a guide, along with contextual data gleaned from device fingerprinting techniques, can also help stop false positives.

After all, every business faces different purchase and fraud patterns. Merchants who continually fine-tune fraud parameters in response to new information, and who use velocity checks in concert with other fraud prevention tools, are more likely to maximize their true positive rate and minimize false flags.

50 Insider Tips for Preventing More Chargebacks

In this exclusive guide, we outline the 50 most effective tools and strategies to reduce the overall number of chargebacks you receive.

Get the FREE guide

A Multi-Tiered Strategy is Best

Velocity checks are useful, but they’re just one of many fraud prevention tools that merchants should deploy. Fraud tactics are constantly evolving, so merchants should combat illicit activity using a holistic and proactive approach.

For starters, this means deploying multiple fraud prevention tools that address both checkout and post-transaction fraud risks. Doing so improves the likelihood that fraudulent activity left undeterred can be detected and neutralized by systems deployed elsewhere. 

For example, merchants can implement:

• Address Verification Service (AVS)
• CVV Verification
• Geolocation
• Proxy Piercing
• Biometrics
• Affiliate fraud screening

Learn more about fraud detection tools

Data from each of these fraud detection tools can be composed into a single, simple fraud score. This can help you quantify transaction fraud risks, compare relative risks, and flag or reject risky purchases either manually or automatically.

Velocity Controls: An Important Component of a Larger solution

Velocity checks play an important role in deterring pre-transaction fraud. Use them exclusively, however, and you’re left vulnerable against other threats. 

Take post-transaction fraud risks like friendly fraud, for example. This is a pervasive problem that, according to the 2024 Chargeback Field Report, accounts for at least 50% of all chargebacks. That’s where other fraud fighting tactics, like tactical chargeback representment, come into play.

Have questions? Reach out to Chargebacks911 for a fully-customized, no-obligation ROI analysis today.

This post Velocity Checks appeared first on Chargebacks911