Forum Discussion
Spotlight on ‘Velocities’ in Dynamics 365 Fraud Protection
We are excited to bring you our latest weekly spotlight series edition. This week, we are focusing on the frequently asked questions about ‘Velocities’ in DFP. Check out all the Q&A details below.
Your input is invaluable, so please feel free to reply with any questions or for more information in the Fraud Protection Tech Community.
Best regards,
DFP Product Team
1. What are velocities in Microsoft Dynamics 365 Fraud Protection?
While Lists, ML scores, and other payload attributes give you insight into the current event that is being processed, velocities help you consider past behavior as well. Velocities give insight into the historical patterns of an individual or entity. They help answer questions such as: How many attempted transactions came from the same email? How many unique users or IP addresses were involved? How many login attempts happened in a certain amount of time, such as 5 or 10 minutes? For example, if you want to block anyone who tries to log in to the website more than 3 times in under ten minutes, you can do that. Velocities help identify patterns of events that occur over a period of time, which can be monitored to identify potentially fraudulent activity. By defining velocities, you can set thresholds to flag activities as suspicious when they exceed certain limits.
References:
- https://learn.microsoft.com/en-us/dynamics365/fraud-protection/velocities
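The login example above ("more than 3 times in under ten minutes"), together with a unique-IP count per user, can be modeled as a sliding-window aggregate grouped by one attribute. This is an added illustration in Python, not Dynamics 365 Fraud Protection code or syntax; the `Velocity` class, the event fields (`ts`, `user`, `ip`) and the sample events are assumptions constructed for the example.

```python
from collections import defaultdict, deque

class Velocity:
    """Sliding-window aggregate over past events, grouped by one attribute."""

    def __init__(self, group_by, window_s, distinct=None):
        self.group_by = group_by    # attribute the aggregate is keyed on
        self.window_s = window_s    # look-back period in seconds
        self.distinct = distinct    # count unique values of this attribute; None = plain count
        self._seen = defaultdict(deque)   # key -> (timestamp, value), oldest first

    def observe(self, event):
        """Record an event; timestamps must be non-decreasing per key."""
        value = event[self.distinct] if self.distinct else None
        self._seen[event[self.group_by]].append((event["ts"], value))

    def value(self, key, now):
        """Aggregate for `key` over the window that ends at `now`."""
        q = self._seen[key]
        while q and q[0][0] <= now - self.window_s:   # evict events that aged out
            q.popleft()
        return len({v for _, v in q}) if self.distinct else len(q)

# Constructed sample login events (ts in seconds), not real traffic.
SAMPLE = [
    {"ts": 0,    "user": "alice", "ip": "198.51.100.7"},
    {"ts": 100,  "user": "alice", "ip": "198.51.100.7"},
    {"ts": 150,  "user": "bob",   "ip": "203.0.113.9"},
    {"ts": 200,  "user": "alice", "ip": "198.51.100.8"},
    {"ts": 300,  "user": "alice", "ip": "198.51.100.9"},
    {"ts": 1000, "user": "alice", "ip": "198.51.100.7"},
]

def run_sample(events=SAMPLE, max_attempts=3, window_s=600):
    """Apply 'more than 3 logins in under ten minutes => Block' to each event."""
    logins = Velocity("user", window_s)
    ips = Velocity("user", window_s, distinct="ip")
    out = []
    for e in events:
        logins.observe(e)
        ips.observe(e)
        attempts = logins.value(e["user"], e["ts"])
        unique_ips = ips.value(e["user"], e["ts"])
        out.append(("Block" if attempts > max_attempts else "Allow", attempts, unique_ips))
    return out

if __name__ == "__main__":
    for event, result in zip(SAMPLE, run_sample()):
        print(event["ts"], event["user"], result)
```

The fourth attempt inside the window is the first one blocked, and the count resets once earlier attempts fall outside the ten-minute look-back.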
2. How would someone use velocities in fraud protection?
Velocities can be used in various ways, such as:
- Setting Rules: Define rules using velocities to automatically flag transactions that exceed predefined thresholds.
- Monitoring Patterns: Keep an eye on the frequency and volume of events associated with user accounts, payment instruments, or IP addresses.
- Investigating Anomalies: Use velocity data to investigate and understand unusual patterns that could indicate fraudulent behavior.
References:
- https://learn.microsoft.com/en-us/dynamics365/fraud-protection/velocities
3. Can you provide examples of velocities?
Yes, here are a few examples:
- Total Spending Per User: This velocity tracks the sum of money spent by each user over a specified time frame.
- IP Address Usage: This velocity monitors the number of times an IP address is used to create new accounts.
- Device ID Checks: This velocity observes how often a particular device ID is used in transactions.
References:
- https://learn.microsoft.com/en-us/dynamics365/fraud-protection/velocities
4. Are there any system-defined velocities?
Yes, Dynamics 365 Fraud Protection creates several system-defined velocities per environment, such as email, payment instrument, IP, and device ID velocities. These can be customized to fit the specific needs of your business.
References:
- https://learn.microsoft.com/en-us/dynamics365/fraud-protection/velocities#system-defined-default-velocities
5. Why isn't my velocity rule being hit by some transactions even though the conditions are met?
Microsoft D365 Fraud Protection is a distributed system. In a distributed system, events can happen concurrently, and there is no sequence or order between them if they arrive at the same time. (For transactions that come in at the same time, DFP does not block one transaction for the other.) From a velocity standpoint, this means that multiple transactions sent at the same time can each be considered the “first one” and in these cases can influence the aggregate count of the velocity. One potential way to mitigate this on the customer side is to execute your transactions sequentially, one by one (i.e., only send the next transaction after the previous one is done being processed). However, this may not be desired behavior, as it results in longer latencies for the transactions that get executed later.
References:
- https://learn.microsoft.com/en-us/dynamics365/fraud-protection/velocities
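The effect described in this answer can be reproduced with a small deterministic model. This is an added example, not DFP code, and it assumes a simplified model in which every transaction in a concurrent batch reads the velocity before any sibling in that batch has been written. The threshold, card identifier and function names are hypothetical.

```python
from collections import Counter

THRESHOLD = 2   # hypothetical rule: review when the card already has 2+ counted transactions

def evaluate(batches):
    """Evaluate transactions; each inner list arrives at the same time.

    Assumed model, not DFP internals: all transactions in a batch read the same
    snapshot of the velocity, and their own writes land only afterwards.
    """
    counts = Counter()
    decisions = []
    for batch in batches:
        snapshot = counts.copy()          # state visible to every concurrent event
        for card in batch:
            seen = snapshot[card]         # siblings in the same batch are invisible
            decisions.append((card, seen, "Review" if seen >= THRESHOLD else "Approve"))
        counts.update(batch)              # aggregate catches up after the reads
    return decisions

def concurrent(cards):
    """All transactions sent at once."""
    return evaluate([cards])

def sequential(cards):
    """Next transaction sent only after the previous one finished processing."""
    return evaluate([[c] for c in cards])

def hits(decisions):
    """Number of transactions on which the velocity rule fired."""
    return sum(1 for _, _, decision in decisions if decision == "Review")

# Constructed sample: five transactions on the same card.
CARDS = ["card-A"] * 5

if __name__ == "__main__":
    print("concurrent hits:", hits(concurrent(CARDS)))
    print("sequential hits:", hits(sequential(CARDS)))
    # Two sequential transactions followed by a burst of three.
    print("mixed hits:", hits(evaluate([["card-A"], ["card-A"], ["card-A"] * 3])))
```

In the concurrent case every transaction sees a count of zero and the rule never fires, while sequential sending lets the third and later transactions hit the threshold.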
6. Do you recommend using device ID to set up a velocity rule?
In Microsoft Dynamics 365 Fraud Protection, setting up velocity rules using device ID can be an effective method to identify suspicious activity patterns. For instance, velocity checks can help you spot patterns such as a single credit card quickly placing many orders from a single IP address or device, which might indicate potential fraud. You can define velocities using the SELECT, FROM, WHEN, and GROUPBY keywords, and device ID can be a useful attribute to GROUPBY in your velocity definition.
It is important to tailor the velocity rules to the specific patterns and behaviors that are indicative of fraud in your business context. The device ID can be a valuable attribute to monitor, especially if device-related fraud is a concern for your organization. Always ensure that the field you want to observe for velocity is part of the API call, and consider the specific conditions and thresholds that are relevant to your business when defining these rules.
References:
- https://learn.microsoft.com/en-us/dynamics365/fraud-protection/velocities
- https://learn.microsoft.com/en-us/dynamics365/fraud-protection/rules
7. In the recommended rules, there are velocity-based rules. How did you set the threshold for those velocity-based rules?
The threshold for velocity-based rules in Microsoft Dynamics 365 Fraud Protection is typically set based on historical data analysis and the specific fraud patterns observed within your organization. It involves identifying the normal transaction velocity for legitimate users and then setting thresholds that would flag transactions as suspicious when they exceed this normal velocity.
It is important to continuously monitor and adjust these thresholds as fraud patterns evolve and as you gather more data on user behavior. Collaboration with your fraud management team and using machine learning models can also help in dynamically adjusting these thresholds to improve fraud detection accuracy.
8. Where can I find more information on setting up velocities?
You can find detailed instructions and examples on the official Microsoft documentation site for Dynamics 365 Fraud Protection here: https://learn.microsoft.com/en-us/dynamics365/fraud-protection/velocities