# Fraud prevention

Fraud Prevention protects merchants, customers, and acquiring banks across card and A2A payment flows. It combines real-time risk evaluation, configurable rules, and list-based controls to stop fraud early without adding unnecessary friction.

### Why it matters

Fraud prevention must protect revenue and keep checkout moving. EGW applies risk controls at the right point in the payment flow, so teams can reduce fraud exposure while preserving approval rates and customer experience.

### Core capabilities

#### Real-time rule engine

Each transaction is evaluated against configurable risk rules and behavioral thresholds. Rules can decline a transaction, flag it as suspicious, or route it for further review.

#### Block and allow lists

Block lists stop known high-risk traffic using identifiers such as IP address, BIN range, email, or other transaction attributes. Allow lists support trusted cards, customers, or sources and can be combined with transaction limits and monitoring rules.

#### Event and behavior-based controls

Rules can react to patterns such as repeated failed attempts, abnormal transaction volume, or geo mismatches. EGW also supports merchant-specific baselines, so decisions can reflect each merchant's historical behavior rather than static thresholds alone.

#### Controlled rule lifecycle

Rules can be created in Drools (DRL) or through the user interface. Teams can test them against historical data before activation and apply four-eyes approval for controlled rollout.

### How fraud checks are applied

#### Card payments

Fraud checks run after card data is entered, when relevant payment context becomes available. Rules can use cardholder data, token details, IP address, device signals, geography, amount, and transaction velocity.

#### A2A payments

Fraud checks run after bank selection, when payer and session context is available. Rules can use geolocation, IP address, device data, merchant profile, payment amount, and behavioral indicators.

### Example controls

* Decline four card attempts with different amounts within 60 seconds.
* Flag merchants whose daily sales exceed 150% of their historical average.
* Block transactions where the IP country does not match the shipping country.
* Detect BIN attacks based on network or processor-defined thresholds.
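
The first and third controls above, sketched as an added Python example (not EGW code and not Drools). It assumes the first control means four distinct amounts on the same card inside a sliding 60-second window. The field names, rule IDs, and reason codes are hypothetical.

```python
from collections import defaultdict, deque
from dataclasses import dataclass
from typing import Optional

WINDOW_SECONDS = 60        # "within 60 seconds"
DISTINCT_AMOUNT_LIMIT = 4  # "four card attempts with different amounts"

@dataclass(frozen=True)
class Attempt:
    ts: float              # arrival time in epoch seconds, assumed in order per card
    card_token: str
    amount_minor: int      # amount in minor units
    ip_country: str
    shipping_country: str

@dataclass(frozen=True)
class Decision:
    action: str                        # "ALLOW" or "DECLINE"
    rule_id: Optional[str] = None      # hypothetical identifiers, not EGW's
    reason_code: Optional[str] = None

class RuleEngine:
    def __init__(self):
        self._recent = defaultdict(deque)  # card_token -> (ts, amount) pairs

    def evaluate(self, a: Attempt) -> Decision:
        window = self._recent[a.card_token]
        # Record every attempt, including ones that end up declined, so a
        # probing card stays blocked until its window drains.
        window.append((a.ts, a.amount_minor))
        while a.ts - window[0][0] > WINDOW_SECONDS:
            window.popleft()
        if len({amount for _, amount in window}) >= DISTINCT_AMOUNT_LIMIT:
            return Decision("DECLINE", "VELOCITY-001", "CARD_AMOUNT_VARIATION")
        if a.ip_country != a.shipping_country:
            return Decision("DECLINE", "GEO-001", "IP_SHIPPING_COUNTRY_MISMATCH")
        return Decision("ALLOW")

def run_sample():
    # Constructed sample traffic: (ts, card, amount, IP country, shipping country)
    rows = [(0, "tok_A", 100, "SE", "SE"), (10, "tok_A", 250, "SE", "SE"),
            (20, "tok_A", 999, "SE", "SE"), (30, "tok_A", 5000, "SE", "SE"),
            (200, "tok_A", 100, "SE", "SE"), (205, "tok_B", 100, "NO", "SE")]
    engine = RuleEngine()
    return [engine.evaluate(Attempt(*r)) for r in rows]
```

Counting distinct amounts rather than raw attempts keeps a customer who retries the same amount from tripping the rule.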

### Operations and visibility

Fraud decisions are returned with reason codes and rule IDs. This gives merchants and operators full traceability for every evaluated transaction.

In the **Merchant Portal**, teams can review flagged transactions, manage block and allow lists, and export fraud-related reports. In the **Administration Portal**, gateway operators manage global and merchant-level rules, monitor events, and analyze fraud trends across the platform.

### Business value

* Reduces fraud losses and chargeback exposure.
* Limits manual review by automating risk decisions.
* Balances security, conversion, and operational control across payment channels.

