Anti-fraud and rule tuning
TL;DR
Anti-fraud is not about "catching attackers" but about optimizing profit: minimize Expected Loss (EL) from fraud and chargebacks, subject to constraints on Cost of Friction (CoF) and AR_net. The basic pipeline: scoring (ML) → thresholds / step-up ladder → rules (policy & velocity) → manual review. What makes it work: clean labels, stable features, an economically calibrated threshold, canary releases, strict idempotency, and rule governance.
1) Economic framing
- Expected Loss: `EL = P_fraud(tx) × Exposure(tx)`; usually `Exposure = captured_amount`.
- `CoF = (Abandon_on_Friction × LTV_new/ret) + Opex_review + Fees_stepup`.
- `Profit = GGR − Cost_payments − EL − CoF`.
Optimal threshold `τ`: the score cutoff where `d(Profit)/dτ = 0`, or min(`EL + CoF`). In practice: cost-sensitive ROC/PR with weights `w_fraud = Exposure`, `w_fp = LTV_loss + opex`.
2) The step-up ladder
1. Auto-approve (low risk): immediate pass, possibly 3DS frictionless.
2. Step-up A: 3DS challenge / SCA / device-challenge / reCAPTCHA.
3. Step-up B: light KYC (doc selfie/face-match, liveness).
4. Manual review: a case for an analyst (SLA, reason codes).
5. Auto-decline: high risk / sanctions / money mules / voucher anomalies.
The threshold/branch depends on the score, the amount (`ticket_size`), country, BIN/issuer, behavioral features, and context (bonus campaigns, night-time windows, velocity).
3) Signals and features (minimum baseline)
- Payment: BIN/IIN, issuer_country, ECI/3DS flow, AVS/CVV match, soft-decline codes, refunds/disputes in history.
- Behavior: velocity (`cards/device/ip/email`), time of day, first-seen/last-seen, account "topology" (graph links: shared devices/cards/wallets).
- Device/network: device fingerprint, emulators/jailbreak/root, proxy/VPN/TOR, ASN/hosting providers.
- Anti-bonus: referral syndicates, bonus "pumping", anomalous deposit → withdrawal-without-play patterns.
- Payments/wallets/vouchers: PIN retries, geo-mismatch, "high-speed" redemptions, muling cascades.
- KYC/KYB: level, verifications, SoF/SoW flags.
- Sanctions/PEP/blocklists: list matches, fuzzy matching on full name/address.
4) Stack: ML + rules
5) Quality metrics (with explicit bases)
- AR_clean = `Auth_Approved / (Auth_Attempted − Fraud_preblocked − Abandon_3DS)`
- Fraud Rate (on captured amount) = `Fraud_captured_amount / Captured_amount`
- Chargeback Rate = `Chargeback_count / Captured_Tx` (or by amount)
- False Positive Rate (FP) = `Legit_declined / Legit_attempted`
- Step-up Rate = `StepUp_tx / Auth_Attempted`, Abandon_on_StepUp
- Auto-approve %, Manual review %, Review SLA/TtA
- Net Profit uplift after tuning (A/B difference in EL + CoF vs. control).
Guidelines: FP for new users ≤ 1-2% (by volume); Fraud (by amount) within the target corridor of the license/schemes.
6) Thresholds and rule policy
6.1 Threshold calibration
- Build a cost curve: for each `τ`, compute `EL(τ) + CoF(τ)`.
- Choose the `τ` at the minimum. For high-ticket transactions, use a separate `τ_hi`.
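
The calibration described above, as an added example that is not code from the original page. It assumes a single cutoff (score ≥ `τ` gets friction, everything below is auto-approved), labelled history, and illustrative unit-economics constants; the sample transactions and the 500 high-ticket boundary are constructed.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Tx:
    score: float     # model score, higher = riskier
    amount: float    # captured_amount, used as Exposure
    is_fraud: bool   # confirmed fraud/chargeback label

# Assumed unit economics (illustrative values, not from the page).
ABANDON_ON_FRICTION = 0.20  # share of legit users lost when challenged
LTV = 120.0                 # value lost per abandoned legit user
OPEX_AND_FEES = 0.50        # Opex_review + Fees_stepup per challenged tx

def cost_at(txs, tau):
    """EL(tau) + CoF(tau); tx with score >= tau get friction, the rest pass."""
    el = sum(t.amount for t in txs if t.is_fraud and t.score < tau)
    challenged = [t for t in txs if t.score >= tau]
    legit = sum(1 for t in challenged if not t.is_fraud)
    cof = legit * ABANDON_ON_FRICTION * LTV + len(challenged) * OPEX_AND_FEES
    return el + cof

def calibrate(txs, steps=10):
    """Return (tau, cost) at the minimum of the cost curve over a grid."""
    curve = [(i / steps, cost_at(txs, i / steps)) for i in range(steps + 1)]
    return min(curve, key=lambda point: point[1])

def calibrate_by_ticket(txs, high_ticket=500.0):
    """Separate cutoffs: tau for regular tickets, tau_hi for high-ticket."""
    regular = [t for t in txs if t.amount < high_ticket]
    high = [t for t in txs if t.amount >= high_ticket]
    return calibrate(regular)[0], calibrate(high)[0]

# Constructed sample history: (score, amount, is_fraud).
SAMPLE = [Tx(*row) for row in [
    (0.05, 40, False), (0.12, 60, False), (0.22, 30, False),
    (0.35, 80, False), (0.48, 50, False), (0.62, 45, False),
    (0.31, 20, True), (0.55, 200, True), (0.72, 150, True), (0.88, 300, True),
    (0.08, 800, False), (0.15, 1200, False), (0.45, 600, False),
    (0.28, 1500, True), (0.66, 900, True),
]]

if __name__ == "__main__":
    tau, tau_hi = calibrate_by_ticket(SAMPLE)
    print(f"tau={tau} tau_hi={tau_hi}")
```

On this sample the high-ticket cutoff comes out lower than the regular one, because a single missed high-ticket fraud costs more than the friction on many legitimate users.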
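6.2 Typical rules (pseudocode)
```yaml
# Hard compliance rule: always evaluated first.
- name: SANCTIONS_HIT
  when: sanctions_match == true
  action: DECLINE
  reason: "Sanctions/PEP match"
# Mid-range score on a risky BIN: challenge instead of declining.
- name: BIN_RISKY_3DS
  when: bin in RISKY_BINS and score in [τ_low, τ_mid)
  action: STEPUP_3DS
# More than 3 deposits from one device in 10 minutes: temporary lock.
- name: DEVICE_VELOCITY_LOCK
  when: device_id in last_10min.deposits > 3
  action: DECLINE_TEMPORARY
  ttl: 2h
# Payout requested before the bonus turnover requirement (X × deposit) is met.
- name: BONUS_ABUSE_GUARD
  when: (bonus_received and gameplay_turnover < X*deposit_amount) and payout_request
  action: HOLD_REVIEW
  reason: "Turnover not met"
```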
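
One way to implement the `DEVICE_VELOCITY_LOCK` rule above, as an added example rather than code from the original page. It assumes the current attempt counts toward the 10-minute window and that attempts made while the lock is active are neither counted nor extend it; the device IDs and timestamps are constructed.

```python
from collections import defaultdict, deque

WINDOW_S = 10 * 60      # last_10min
MAX_DEPOSITS = 3        # rule fires when the count in the window is > 3
LOCK_TTL_S = 2 * 3600   # ttl: 2h

class DeviceVelocityLock:
    """Per-device sliding-window counter with a temporary lock."""

    def __init__(self):
        self._deposits = defaultdict(deque)  # device_id -> deposit timestamps
        self._locked_until = {}              # device_id -> lock expiry (epoch s)

    def decide(self, device_id, ts):
        """Return the action for a deposit attempt at epoch second `ts`."""
        if self._locked_until.get(device_id, 0) > ts:
            return "DECLINE_TEMPORARY"       # lock active; do not extend it
        window = self._deposits[device_id]
        while window and window[0] <= ts - WINDOW_S:
            window.popleft()                 # evict deposits older than 10 min
        window.append(ts)
        if len(window) > MAX_DEPOSITS:
            self._locked_until[device_id] = ts + LOCK_TTL_S
            window.clear()                   # start clean once the lock expires
            return "DECLINE_TEMPORARY"
        return "PASS"

def replay(events):
    """Run (device_id, ts) events through a fresh rule instance."""
    rule = DeviceVelocityLock()
    return [rule.decide(device_id, ts) for device_id, ts in events]

# Constructed events: dev-A bursts, dev-C deposits slowly.
EVENTS = [
    ("dev-A", 0), ("dev-C", 0), ("dev-A", 120), ("dev-A", 240),
    ("dev-A", 300),    # 4th deposit within 10 min: lock until 7500
    ("dev-C", 400), ("dev-C", 800),
    ("dev-C", 1200),   # 4th deposit overall, but only 2 in the window
    ("dev-A", 3600),   # still inside the 2h lock
    ("dev-A", 7500),   # lock has expired
]

if __name__ == "__main__":
    for event, action in zip(EVENTS, replay(EVENTS)):
        print(event, action)
```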
6.3 Dynamic limits
- Limits on transaction amount and count by risk tier: `R1/R2/R3`.
- Adaptive limits for new accounts, with "warm-up" on good history.
7) Rule lifecycle (governance)
- Rule registry with DSL/versions, an owner, and a description of the effect.
- Shadow mode → canary (5–10%) → full rollout.
- RACI: Owner (Payments Risk), Approver (Compliance/Legal), Consulted (Support/Treasury), Informed (Ops).
- Audit log: who changed what and when, which metrics/A/B, rollback.
- Rule expiry and re-evaluation (e.g. 30/60 days).
8) Data and model training
- Time-based split with no leakage (features only from the preceding window).
- Target label: confirmed fraud/chargeback; separate labels for bonus abuse.
- Class reweighting by amount (amount-weighted loss).
- Drift monitoring: PSI for key features, KS for the score, baseline stability.
- Retrain triggers: PSI > 0.25, a drop in KS, changes in traffic/jurisdictions.
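
The PSI retrain trigger from the list above, as an added example that is not code from the original page. The feature names (`ticket_size`, `device_velocity`), the bin edges, and the sample distributions are constructed for illustration; the floor for empty bins is an assumption.

```python
import math

PSI_RETRAIN = 0.25  # retrain trigger named in the text above

def bin_shares(values, edges, floor=1e-4):
    """Share of values per bin; out-of-range values fall into the edge bins."""
    counts = [0] * (len(edges) - 1)
    for v in values:
        idx = sum(1 for e in edges[1:-1] if v >= e)  # bins are [edge_i, edge_i+1)
        counts[idx] += 1
    # Floor empty bins so ln() stays finite when a bin appears or vanishes.
    return [max(c / len(values), floor) for c in counts]

def psi(reference, current, edges):
    """Population Stability Index: sum((a - e) * ln(a / e)) over bins."""
    e_shares = bin_shares(reference, edges)
    a_shares = bin_shares(current, edges)
    return sum((a - e) * math.log(a / e) for e, a in zip(e_shares, a_shares))

def features_to_retrain(reference, current, edges):
    """Names of features whose PSI exceeds the retrain trigger."""
    return sorted(
        name for name in reference
        if psi(reference[name], current[name], edges[name]) > PSI_RETRAIN
    )

def expand(mids, counts):
    """Build a constructed sample: `counts[i]` copies of bin midpoint `mids[i]`."""
    return [m for m, c in zip(mids, counts) for _ in range(c)]

# Constructed data: training-window vs. current-window feature values.
MIDS = [10, 30, 50, 70, 90]
EDGES = {name: [0, 20, 40, 60, 80, 100] for name in ("ticket_size", "device_velocity")}
REFERENCE = {
    "ticket_size": expand(MIDS, [40, 30, 15, 10, 5]),
    "device_velocity": expand(MIDS, [40, 30, 15, 10, 5]),
}
CURRENT = {
    "ticket_size": expand(MIDS, [38, 31, 16, 10, 5]),      # small wobble
    "device_velocity": expand(MIDS, [20, 20, 20, 20, 20]), # mass moved to the tail
}

if __name__ == "__main__":
    for name in REFERENCE:
        print(name, round(psi(REFERENCE[name], CURRENT[name], EDGES[name]), 4))
    print("retrain on:", features_to_retrain(REFERENCE, CURRENT, EDGES))
```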
9) Explainability and support
- For every decision, generate reason_codes (up to 5 reasons) with human-readable hints.
- Support macros for step-ups/declines (3DS, KYC, turnover).
- Appeals/disputes: feedback goes into the labeling pipeline (closing the loop).
10) Compliance and privacy
- GDPR/DSAR: right to an explanation of the decision; PII minimization; hashing of identifiers (email/phone/PAN token).
- PCI DSS: PAN-safe flows, tokenization.
- Sanctions/AML: a separate screening pipeline + escalation to the MLRO.
- Retention: retention policy for signals and decision rationale.
11) Monitoring and alerts (hourly/daily)
- AR_clean, Fraud (amt%), FP (retention-weighted), Step-up/Abandon, Review SLA, Chargeback Rate (lagged).
- Velocity, growth of TOR/proxy/hosting ASNs, BIN degradations, voucher redemptions.
- Alerts: FP > corridor, Fraud > target, Abandon > baseline + X pp, PSI/KS shift.
12) SQL slices (example)
12.1 Core metrics
```sql
-- Daily approval, fraud and false-positive metrics per country/provider/method.
WITH base AS (
  SELECT
    DATE_TRUNC('day', attempt_ts) AS d, country, provider, method_code,
    COUNT(*) FILTER (WHERE auth_status = 'ATTEMPTED') AS attempted,
    COUNT(*) FILTER (WHERE auth_status = 'APPROVED') AS approved,
    COUNT(*) FILTER (WHERE decision = 'DECLINE' AND label = 'LEGIT') AS fp_cnt,
    SUM(captured_amount) AS cap_amt,
    SUM(CASE WHEN label = 'FRAUD' THEN captured_amount ELSE 0 END) AS fraud_amt
  FROM payments_flat
  GROUP BY 1, 2, 3, 4
)
SELECT d, country, provider, method_code,
  -- Denominator here is all attempts; it is not reduced by
  -- Fraud_preblocked or Abandon_3DS as in the AR_clean definition.
  approved::decimal / NULLIF(attempted, 0) AS ar_clean,
  fraud_amt::decimal / NULLIF(cap_amt, 0) AS fraud_rate_amt,
  -- Denominator here is all attempts, not only legitimate ones.
  fp_cnt::decimal / NULLIF(attempted, 0) AS fp_rate
FROM base;
```
12.2 Step-up and declines
```sql
-- Share of step-ups, declines and post-step-up abandons per score decile.
SELECT
  DATE_TRUNC('day', attempt_ts) AS d,
  WIDTH_BUCKET(score, 0, 1, 10) AS bucket,
  AVG(CASE WHEN decision = 'STEPUP' THEN 1 ELSE 0 END) AS stepup_share,
  AVG(CASE WHEN decision = 'DECLINE' THEN 1 ELSE 0 END) AS decline_share,
  AVG(CASE WHEN stepup_abandon THEN 1 ELSE 0 END) AS abandon_after_stepup
FROM risk_events
GROUP BY 1, 2
ORDER BY d, bucket;
```
13) Tuning playbooks
- Fraud (amt%) rising with stable FP → tighten `τ`, strengthen velocity on devices/ASN, enable 3DS challenge on weak BINs.
- High FP on new users → soften `τ` for low-ticket, and move part of the traffic to Step-up A instead of declining.
- Abandon ↑ on 3DS → agree 3DS2 parameters with the PSP, improve the UX, narrow mobile step-up for low-risk.
- Bonus syndicate networks → graph features, limits on "parallel" payments, turnover rules.
- Voucher anomalies → velocity by PIN/seller/geo, device binding, hold until verification.
14) Implementation: checklist
- Economic calibration of the threshold (`EL + CoF`), separate `τ` per segment.
- Rule registry (DSL), shadow → canary → rollout, audit and rollback.
- Reason codes and communication templates.
- PSI/KS monitoring of drift/score, regular retraining.
- Feedback channel (disputes → labels).
- Policy for KYC/step-up, review SLA, and TtA/TtR.
- Privacy: hashing of identifiers, PII minimization.
15) Summary
Tuning anti-fraud is systematic profit optimization under controlled friction: ML scoring + a well-designed step-up ladder, strict legal rules, and precise velocity limits. Economic threshold calibration, clean labels, canary deployments, and strict governance deliver low fraud by amount, low FP on new users, and high AR_net, with no surprises for compliance or UX.