Payment Fraud Detection (PFD)

This document provides a detailed overview of how Fraudio's Payment Fraud Detection (PFD) product works. It is intended for technical and risk teams who want to understand the underlying detection logic beyond the API layer.

Fraudio's PFD product assigns fraud scores to transactions in real time, providing an immediate risk assessment for each transaction as it occurs. The product is accessed through the Payment Fraud Score endpoint, which returns a fraud score (0-1) and recommendation (green/yellow/red/unavailable) for each transaction, enabling automated decision-making at the point of authorization.

Reported Entity

The Payment Fraud Detection product evaluates and reports on individual transactions. Each API call to the Payment Fraud Score endpoint receives a single transaction and returns a fraud score and recommendation for that specific transaction.

Scope & Coverage

Fraud Types Detected

The primary labels used by Fraudio's PFD product are fraud-related chargebacks and fraud notifications. These labels indicate transactions that have been confirmed as fraudulent through chargeback processes or fraud notifications from card networks, issuers, or other fraud detection systems.

Payment fraud, sometimes referred to as transaction fraud, refers to fraudulent activities related to the unauthorised use of financial payment cards or account information. The PFD product detects various types of payment fraud, including:

• Credit card fraud: using a stolen credit card number to make unauthorised purchases
• Friendly fraud: when a customer fraudulently disputes a legitimate charge for their own gain
• Identity theft: using someone's financial information to open accounts or make purchases in their name
• Phishing and scams: tricking people into providing account numbers, PINs, or other sensitive info

Transaction fraud is a major problem for banks, merchants, and payment networks and they employ various fraud detection and prevention techniques to try to mitigate it.

Limitations

The PFD product is not intended to cover:

• Service-related chargebacks – The AI focuses on fraud-related chargebacks and fraud notifications, not on service-related chargebacks (e.g., disputes related to product quality, delivery issues, or customer service problems). While the system will attempt to detect service-related chargebacks, some factors simply cannot be considered from transaction data alone. Service-related chargebacks are difficult to detect because the transaction itself may appear legitimate—the card was authorised, the payment was processed correctly, and the transaction pattern may not deviate from normal behaviour. The dispute arises from issues outside the payment transaction itself, such as delivery failures, product defects, or merchant service problems, which cannot be determined from payment data alone.
• Patterns that cannot be triggered due to missing or incomplete data – Certain models depend on specific inputs. If these fields are missing or inaccurate, detection accuracy may be reduced.
• Cases where systemic data quality issues affect feature computation – If the incoming transaction data is heavily delayed, incorrect, or inconsistent, the aggregated features may not accurately reflect transaction risk.

If your risk appetite or fraud concerns extend beyond the current scope, Fraudio can work with you to evaluate and expand coverage.

Technical Overview

Fraudio's PFD product transforms individual transaction data into enriched features using aggregations, then evaluates these features using machine learning models to generate fraud scores. The system operates in real time, providing immediate risk assessment for each transaction.

The detection process consists of two distinct stages: data enrichment (transforming raw transaction data into meaningful aggregated features) and scoring (evaluating those features to determine fraud risk). These stages are described below.

Data & Feature Enrichment

The Payment Fraud Detection product enriches raw transaction data through multiple feature types:

• Raw Transaction-level features: Direct attributes of the current transaction (amount, currency, merchant, location, etc.)

• Enriched Transaction-level features: Raw transactions are enriched with external data sources to provide additional context for fraud detection:

  • BIN data: Information about the card's Bank Identification Number, including issuer details, card type, and country of origin
  • IP data: Intelligence about IP addresses, including VPN detection, proxy identification, and geographic location verification
  • Email data: Analysis of email addresses, including detection of disposable email domains and other risk indicators
  • Country data: Risk assessment based on country-level intelligence, including identification of high-risk jurisdictions and sanctioned countries

• Historical aggregates: Statistical summaries of past transactions for the card, cardholder, merchant, or other entities

• Peer group comparisons: How the transaction compares to similar transactions in the network

These features provide the context needed for the machine learning models to assess fraud risk. The enrichment approach allows the system to:

• Compare current transaction behavior to historical patterns
• Identify deviations from expected norms
• Leverage network-wide insights and external intelligence while maintaining real-time performance

The enrichment process is optimized for low latency, ensuring that feature computation and model scoring can be completed within the real-time response requirements of payment authorization flows.

For more information on how aggregations and other data enrichment techniques work, see the Techniques & Backend documentation.

Hybrid ML-Based Scoring

Once features have been enriched, the product employs a combination of supervised, unsupervised, and ensemble learning techniques to evaluate fraud risk:

• Supervised Learning: Models trained on historical fraud labels (fraud-related chargebacks and fraud notifications) recognise known fraud patterns. These models leverage confirmed fraud cases to identify similar high-risk patterns in new transactions.

• Unsupervised Learning: Anomaly detection models identify deviations from expected transaction patterns without requiring prior fraud labels. This enables detection of new or emerging fraud schemes.

• Ensemble Learning: The outputs from supervised and unsupervised approaches are integrated through an ensemble framework to produce a single, unified fraud score and recommendation. The ensemble adaptively combines model outputs to deliver robust fraud detection across diverse scenarios.

For detailed explanations of these machine learning approaches, including how Random Forests, autoencoders, and ensemble methods work, see the Techniques & Backend documentation.

For information about the response format from the Payment Fraud Score endpoint, including score, recommendation, and notes fields, see the Response Handling Section.