Fraud detection systems determine whether a transaction is fraudulent based on authentication factors presented in a request to process the transaction. Examples of authentication factors include a time of day at which the transaction request was submitted, an amount of money involved in the transaction, and a country in which the transaction would take place. Fraud detection systems may trigger actions such as flagging the transaction for further investigation, rejecting the transaction, and so on in response to particular authentication factors having certain values or existing within certain ranges. By performing these actions, the fraud detection systems may prevent a fraudulent transaction from being processed.
The particular authentication factors and those respective values or ranges that trigger actions define fraud detection policies that govern how fraud detection systems operate. An example of a fraud detection policy used in a fraud detection system takes the form of a set of rules such as “IF amount >$500 AND country=‘Belgium’ THEN flag for further investigation.” In this way, any transaction request having transaction factors that satisfy such a rule will be flagged for further investigation. Such a policy thereby dictates how the fraud detection system reacts to the authentication factors presented in each request.