A false positive is when a legitimate transaction is incorrectly flagged as suspicious based on your Fraud Detection risk rules, and then declined.
False positives impact your sales and damage customer trust. Your risk strategies must balance security (catching fraud) with customer experience (minimizing declines).
Common triggers for flagging transactions as suspicious include the following:
-
Large first-time orders – An unusually high purchase amount from a new customer.
-
Address mismatch – The shipping address differs from the billing address.
-
Velocity – Multiple rapid transactions attempted on the same card in a short time.
-
Geolocation – The card was issued in one country, but the transaction originates from a different country or is masked by a VPN or mobile network.
Consider the following guidance to adjust your strategies and recover lost sales.
Fine-tune your rules
We recommend regularly adjusting the conditional logic of your risk rules to help reduce false positives.
| ******Rule type****** | ******Strategy to reduce false positives****** |
| Transaction amount & frequency | Use dynamic thresholds that adjust outcomes based on the customer's history. Instead of a hard decline outcome, flag high-value transactions and perform additional verification. For velocity checks, add known, trusted, or repeat customers to trust lists to create exceptions. |
| Address checks | Use the Address Verification Services (AVS) to compare the billing and shipping address. The AVS provides a "softer" check that can reduce false positives. |
| Geolocation & IP checks | Avoid strict decline outcomes for transactions from VPN or mobile network traffic, which are often legitimate. If the location is unusual, consider a secondary verification step instead. |
| Payment method checks | Monitor fraud patterns based on specific details, such as the bank identification number (BIN) and card number. If the payment method is flagged, enable the customer to retry, or offer an alternative payment option instead of a final decline. |
| Customer history & trust lists | Add trusted, repeat customers to trust lists to assess their transactions against less stringent rules. Factor in the customer's lifetime value or order history when calculating the risk score. |
Test your strategies
Ensure you test new rules or adjustments to your strategies before implementing them.
For more information, see:
Perform manual reviews
You can create rules that flag suspicious transactions for manual review, instead of declining them automatically.
For example:
-
High-value transactions
-
Multiple flags but the customer's history is otherwise consistent and unsuspicious
-
For Fraud Detection Pro, transactions with a high risk score from a known customer
As part of your manual review, consider the following:
-
Checking the customer's transaction history
-
Contacting the customer to verify the transaction
Handle declines and customer recovery
Effective communication and a clear recovery path are essential to save the sale and retain the customer.
We recommend taking the following actions:
| ******Action****** | ******Description****** |
| Communicate clearly | Notify the customer politely at checkout using clear, simple language. Avoid confusing, generic messages. For example: "For your safety, this transaction was flagged by our security system. Please try another payment method or contact your bank." "Payment could not be processed." |
| Offer alternative payment methods (APMs) | If the primary card is declined, offer other APMs as an immediate solution. |
| Enable 3D Secure (3DS) authentication options | Use the 3DS rules rule group. For example, adding an authentication step such as a one-time passcode (OTP) often grants you liability shift. |
| Provide resolution instructions | Offer explicit next steps. For example, suggest retrying the payment using a different card, or contacting your support team. |