Fraud prevention

Fraud Prevention protects merchants, customers, and acquiring banks across card and A2A payment flows. It combines real-time risk evaluation, configurable rules, and list-based controls to stop fraud early without adding unnecessary friction.

Why it matters

Fraud prevention must protect revenue and keep checkout moving. EGW applies risk controls at the right point in the payment flow, so teams can reduce fraud exposure while preserving approval rates and customer experience.

Core capabilities

Real-time rule engine

Each transaction is evaluated against configurable risk rules and behavioral thresholds. Rules can decline a transaction, flag it as suspicious, or route it for further review.

Block and allow lists

Block lists stop known high-risk traffic using identifiers such as IP address, BIN range, email, or other transaction attributes. Allow lists support trusted cards, customers, or sources and can be combined with transaction limits and monitoring rules.

Event and behavior-based controls

Rules can react to patterns such as repeated failed attempts, abnormal transaction volume, or geo mismatches. EGW also supports merchant-specific baselines, so decisions can reflect historical behavior instead of static thresholds only.

Controlled rule lifecycle

Rules can be created in Drools (DRL) or through the user interface. Teams can test them against historical data before activation and apply four-eyes approval for controlled rollout.

How fraud checks are applied

Card payments

Fraud checks run after card data is entered, when relevant payment context becomes available. Rules can use cardholder data, token details, IP address, device signals, geography, amount, and transaction velocity.

A2A payments

Fraud checks run after bank selection, when payer and session context is available. Rules can use geolocation, IP address, device data, merchant profile, payment amount, and behavioral indicators.

Example controls

• Decline four card attempts with different amounts within 60 seconds.

• Flag merchants whose daily sales exceed 150% of their historical average.

• Block transactions where the IP country does not match the shipping country.

• Detect BIN attacks based on network or processor-defined thresholds.

Operations and visibility

Fraud decisions are returned with reason codes and rule IDs. This gives merchants and operators full traceability for every evaluated transaction.

In the Merchant Portal, teams can review flagged transactions, manage block and allow lists, and export fraud-related reports. In the Administration Portal, gateway operators manage global and merchant-level rules, monitor events, and analyze fraud trends across the platform.

Business value

• Reduces fraud losses and chargeback exposure.

• Limits manual review by automating risk decisions.

• Balances security, conversion, and operational control across payment channels.