Fraud Detection Rules: What They Are & How They Impact Outcomes

Jessica Velasco | Friday, October 27th, 2023 | 22 minutes

Choosing the right fraud solution provider is a difficult decision. And there is a lot riding on that decision — your business’s profitability, your fraud team’s job satisfaction, and your customer’s lifetime value are just a few areas of impact.

One topic that likely comes up in the vendor review process is fraud detection rules. In order to make an educated decision about vendor quality, it’s important to understand what rules are and how they impact results.


The quick version…

Want a high-level overview on the topic? Here is what you need to know.

What are rules?

Rules tell a technology platform how to act. They automate the decision-making process.

Are rules bad?

No, not at all. When used in the right way with the right strategy, rules are a lifesaver for fraud teams.

Who uses rules?

All fraud technology platforms use some kind of rules whether they advertise it or not.

How do I evaluate a platform’s features?

Not all rule functionality is the same. Here’s how to differentiate value and quality.

Rules should be…

  • Customizable
  • Based on more than just a score
  • Easy to change
  • Able to have an immediate impact
  • Transparent
  • Backed by the right data
  • Used in a balanced approach with advanced machine learning
  • Accompanied by human expertise

Want to learn about Kount’s rules? Check our policy page.

Kount's rules

What are fraud detection rules?

Rules are typically if/then statements that help your risk management technology make decisions.

Rules are most commonly used in fraud detection systems to stop suspicious activity. Here are some examples:

  • If a shopper has filed a chargeback in the past, then block future purchases.
  • If a device is linked to more than one email address, then manually review the account login attempt.
  • If more than one transaction is processed from the same IP address in less than 10 minutes, then decline future attempts.

But rules can do more than detect fraud. They can also be used to help manage risk compliance issues. For example:

  • If a potential iGame user is under the age of 18, then block the account creation attempt.
  • If an account holder is attempting to stream a TV show from a country without licensing rights, then disable restricted content.

Do all fraud prevention solutions incorporate rules?

In this day and age, yes, all fraud detection technology incorporates rules of some kind — especially solutions provided by third-party vendors.

Rules tell the technology how to act, automating the decision-making process.

Basically, if a decision is made, a rule is involved. Even “blackbox” solutions that only approve or decline an interaction have a threshold built somewhere into the technology.

Without rules, a technology platform is only capable of gathering data associated with an interaction and presenting it in a dashboard. Then, a fraud team would have to manually review the data associated with each and every interaction, determine the level of risk, and decide how to proceed.

How do fraud detection rules work?

Rules can be used in two different ways.

  1. With machine learning
  2. Without machine learning

And chances are, at some point in your business’s life, you’ll need both capabilities.

What is machine learning?

Machine learning — a subset of artificial intelligence — is the science of programming computers to access, analyze, and learn from data. When it comes to fraud detection, machine learning simulates a fraud expert’s thought process as part of an informed decision.


Rules with machine learning

Fraud management strategies typically incorporate machine learning systems. Here’s how they fits into the decision-making process.

  1. An interaction begins. - An individual interacts with your business — for example, an individual might attempt to create an account or make a purchase.
  2. Data is collected. - The technology gathers information about the interaction such as the user’s email address, device ID, etc.
  3. Machine learning is activated. - The technology analyzes the interaction data and compares it to data in the database. Risk levels are determined.
  4. Rules are reviewed. - The technology consults your rules or thresholds.
  5. A decision is made. - The technology automates a decision that aligns with your rules.


Rules without machine learning

Usually, technology needs machine learning to optimize the decision-making process.

However, in some situations — which are often temporary or limited in scope — accurate decisions can be made without machine learning.

Here are three examples.


Certain geographical locations have banned gambling. So if you are an iGaming business, your technology platform is expected to block newly created accounts from restricted areas.

return fraud

It can take a while for machine learning to pick up on emerging threats. So if your business is hit by a new scheme — refunding fraud, for example — you may need to set rules to specifically block that threat until the technology is able to learn the warning signs.

pizza party

Your business’s risk thresholds can fluctuate over time. But machine learning won’t know that — unless you set a rule and tell it. For example, maybe your pizza restaurant is willing to take more risks during the Super Bowl.

In these types of situations, the approval decision doesn’t require machine learning. You just need the technology to make a yes or no decision based on the rules you provide.

Here’s how that type of rules based fraud detection system works.

  1. An interaction begins. - An individual interacts with your business — for example, attempting to create an account or make a purchase.
  2. Data is collected. - The technology gathers information about the interaction such as the user’s email address, device ID, etc.
  3. Rules are reviewed. - The technology consults your rules or thresholds.
  4. A decision is made. - The technology automates a decision that aligns with your rules.

Why a blended approach is best

Technically, a fraud detection solution could function without machine learning. And technically, you could manage fraud without rules-based technology.

But a truly effective fraud strategy is more than the sum of its parts. You really need both machine learning and rules to combat today’s modern threats.

Expand the sections below to view real-world examples.

A rules-only solution — without machine learning — is very brittle and easy to break. Fraudsters can evade detection with just slight adjustments to the interaction. 


You receive a chargeback and decide to block the friendly fraudster from shopping with you again. You set up a rule to block any card number that is associated with a previously disputed purchase.

Later, when the friendly fraudster comes back to your site, she realizes her credit card of choice has been banned. But she’s determined to get her hands on this season’s hottest merchandise. So she pulls out her wallet, grabs a different card, and buys herself a new pair of shoes. 

If your system had machine learning, you could have detected that the fraudster and the alternate payment card go together. And you could have stopped the purchase — even though the shopper actively tried to bypass the rules. 

But without machine learning, all you have is a process that is easy to manipulate.

Often, with the wrong combination of features, it’s impossible for technology to differentiate between a truly fraudulent interaction and an unusual situation. 


You trace several unauthorized transactions to one particular geographical region. So you set rules to block all future transactions from that same location in an attempt to reduce fraud. 

However, rules alone can’t detect a criminal using IP cloaking techniques to disguise his location. Yet, the rules do block a military member stationed abroad wanting to receive his favorite health supplements from back home (check this real-world example). 

Without machine learning, the platform needs thousands of rules — based on static assumptions about risk levels — to make somewhat accurate decisions. But if a platform combines rules and machine learning, location becomes just one of hundreds of different risk indicators that will influence the outcome.

It takes time for machine learning to detect and understand patterns. But you don’t always have time to wait for technology to learn the essentials. 


A hurricane will make landfall sometime tomorrow. People in harm's way need to evacuate immediately. But unfortunately, the fraud technology that your travel company uses has determined that any reservation made within 24 hours is risky. 

If you don’t have flexible rules, all those vulnerable customers will be turned away. But if you have customizable rules with real-time updates, you can simply tell the technology to approve any reservation made by individuals in the impacted area.

How do risk scores factor into rules and decisions?

When talking about rules, another phrase that often comes up is scores. Machine learning will often assign one or more scores to an interaction or individual to express the corresponding level of risk.

Scores are usually expressed on a spectrum — like 0-100 — and can help influence decisions.

However, you want to be cautious of platforms that place too much emphasis on scores. A score should be just one of hundreds of different data elements that go into the decision-making process — not necessarily the driving factor. If rules revolve solely around scores, your business won’t have the flexibility and customization it needs to be successful.

Why would a vendor indicate a competing platform is inadequate because it uses rules?

Unfortunately, the phrase “rules” has become taboo in the fraud industry. Many vendors point fingers at their competition, calling them things like “a rules-based solution” — as if that’s a bad thing.

A platform that only uses rules — without any artificial intelligence — is subpar. But there are very few solutions like that on the market today. All well-established fraud companies have figured out how to incorporate at least some machine learning (Kount uses multiple types of machine learning models).

Moreover, there aren’t any platforms that don’t use rules. All vendors use rules in some way, shape, or form.

While nearly all vendors use the same strategy for managing fraud — rules and machine learning — not all technologies are the same. The quality of rules can vary significantly, such as the ease of setting or changing rules. And machine learning capabilities can differ too, such as analyzing behaviors only versus behaviors and attributes.

We provide tips and advice on how to differentiate between the quality and less effective options on the market today.

How do I evaluate the quality of a vendor’s rules and machine learning?

If most platforms have some combo of rules and machine learning, how do you determine which is the right fit for your business?

Here are some of the most important qualities to look for.

Rules can be customized.

No two businesses are the same. Everyone deals with different threats and has different goals. Therefore, no business should be limited to a standardized, universal, out-of-the-box, one-size-fits-all set of rules.

Plus, fraud threats shift all the time. What was effective yesterday might not work tomorrow.

Look for capabilities that build rules just as adaptive and unique as your business.

NOTE: This is one of the biggest differentiators to be mindful of. Rule customization is essential, yet capabilities vary widely among vendors. For example, you decide you want to increase order acceptance rates but only in select countries. That’s an easy update to make at Kount — but not at other popular companies on the market today.


  • How many out-of-the-box rules do you offer? Can I edit those rules or turn them off?

  • Do you have a limit to how many rules can be created?

  • On average, how many rules do your clients manage?

Rules take more than scores into consideration.

Risk scores can help influence a decision, but they should not be the sole deciding factor. Because accurate decisions are not based on just one piece of evidence — intelligent decisions are dependent on in-depth data analysis.

For example, you could set a rule to decline every interaction with a risk score above 85. But what about an interaction with a score of 84? Is it truly safer than an interaction with a score of 86?

Look for a technology platform where scores are just one of many data points that influence rules.


  • Can I set my own rules or do I just use a slider to indicate my risk threshold?

Rules can help manage fraud and risk.

Fraud and risk are two different things.

Fraud rules can help you do things like stop criminals from making unauthorized transactions or hacking into accounts.

Risk or compliance rules focus more on non-fraud threats that still harm your business. Risk doesn’t necessarily cause financial loss in the moment, but fines can hit once the compliance issue is detected. For example, a risk rule would block an underage shopper from buying alcohol.

It’s important to work with a vendor that offers a complete solution, protecting your business from both fraud and risk.


  • How many data elements can I write rules for?

Rules are easy to change.

Rules are meant to make fraud and risk management simpler — not more cumbersome and confusing.

Look for a platform that makes it easy to create and change your rules. You should be able to add rules and make updates yourself. Going through an account manager every time will be annoying and frustrating.


  • Can you give me a demo of how to add or change rules in your platform?

  • Can rules be changed at any time so I can respond to new fraud trends?

Results are impacted immediately.

Fraud threats can emerge in a matter of seconds. Your response needs to be just as quick.

Make sure rule changes go into effect immediately. You don’t have time to wait for the technology to reboot or an account manager to do your bidding.


  • How long does it take for rule changes to take effect?

  • Is your technology updated in real time?

Decisions are accompanied by an appropriate amount of transparency.

Decision transparency is typically one of the biggest differentiators when evaluating a platform’s quality.

Most businesses — especially large ones — want to know why a decision was made. But few vendors can easily provide that information.

These “black box” solutions don’t have robust enough technology to share those insights. And if their technology isn’t able to provide transparency, are they capable of making accurate decisions in the first place?

If data transparency is important to you, make sure you have a clear understanding of what will and won’t be shared.

That being said, not all businesses need or want decision information. For example, a small business might not have the time or skills to dig into the data. If you fall into this category, look for a platform that will simplify your management tasks now yet still offers insights if you choose to access them in the future.


  • Can you show me an example of your results screen?

  • Can I customize the view for the results screen?

  • Can I export my data and analyze it myself?

Decisions are backed by the right data.

Data is another big quality influencer, but it can be hard to evaluate.

On the surface, it might be tempting to play a numbers game — the higher the annual interaction count, the better the database. However, that can easily become an apples-to-oranges type of comparison.

For example, on a single customer journey, the user may visit several pages on your website, add products to their shopping cart, update their profile with a new shipping address, add a new payment method, and then checkout.

Does that count as multiple interactions? If so, how involved is the integration process if your solution provider needs to see all those interactions?

Or does one user journey equal one interaction?

Another thing to note is: interaction count is just one metric. Data quality and diversity is also relevant.

Let’s use a spreadsheet as a hypothetical example.

Think of interactions as the rows on a spreadsheet. You open it up and scroll through — “Wow! There are 1 trillion rows!”

But the different types of data feeding the AI are in the columns.

Would you rather make a decision on 1 trillion rows with 10 columns of data? Or would you rather have 36 billion rows with 700 columns of data?

spreadsheet example

That’s a question that doesn’t have a universal answer. Because value and relevance is determined on a business-by-business level. A startup with 1,000 transactions a year will have different priorities than an enterprise brand processing 1,000 transactions an hour.

Try to evaluate the relevance of a database with a combination of metrics.


  • What is the breakdown of global vs. domestic data?

  • How old is your database? How long have you been collecting data?

Machine learning is advanced.

The value of a rules engine is directly tied to the machine learning and data it’s built upon.

So it’s natural for sales and marketing teams to highlight what goes into the solution. But unfortunately, promises, claims, and boasts can all start to sound the same. And elevator pitches rarely go into enough detail (we are even guilty of this sometimes at Kount).

So let’s cut through the noise and get right to the point. What do you really need to know about machine learning for fraud detection?

Here are a couple boasts you might hear — and what they actually mean for your business.

“Our machine learning models are trained and tailor-made for your data. You’ll have a custom model specifically designed for your business.”

On the surface, this seems great. The promise of anything “custom” is pretty sweet.

And it can be — if the technology is built correctly. But if it’s not, this boast can backfire badly.

Because supervised machine learning requires…supervision. The technology needs to be trained. And that training can come from one of two sources:

  1. very manual processes completed by your team
  2. the technology itself

For example, at Kount, our supervised machine learning is in a constant state of optimization. It gets better and better over time.

That means, you can have a fully functioning solution on day one. And as it gets to know your business — your needs and threats — it will self optimize to become a fully customized solution.

But with other platforms, your team has to do all the work required to get the machine learning ready to serve your business. You have to train the models, label the data, build the feedback loop, and so much more.

Once that time-consuming, error-prone, manual process is complete, it will take months for the machine learning to ramp up and become valuable.

Look for a platform that can provide a customized solution — without requiring your own blood, sweat, and tears.


  • What is the onboarding process like? What tasks will my team have to complete?

  • How long is ramp up?

  • Do you need historic data from me?

  • Do you run concurrent with my existing solution?

  • If fraud changes or I change my risk strategy, how long does it take for your supervised models to react?

“Our technology incorporates both supervised and unsupervised machine learning.”

Spoiler alert: nearly all fraud solutions on the market today incorporate both supervised and unsupervised machine learning.

However, unsupervised machine learning is difficult to build and hard to incorporate effectively.

The newest vendors haven’t mastered its development yet. They have had to build out their solution using data they buy from third parties. So when an event comes in, the technology has to compare it to different silos of data.

Obviously, this approach isn’t ideal. Segmented data leaves gaps. And having data on multiple different records means the technology is conducting an apples-to-oranges comparison.

Rather than buy data and try to piece it together, Kount relies on a diverse data network. This means we can more accurately spot anomalies — which means we can more accurately stop fraud.

Let’s go back to our spreadsheet analogy.

Would you rather have a system that breaks down an interaction into several different rows with data in only one or two columns? Or would you rather have a complete interaction stored in a single row with data in hundreds of columns?

spreadsheet example

Machine learning is great — until it isn’t. As you shop, remember that a balanced approach is best. The combination of advanced machine learning, feature data, and a robust rules engine will generate the best results possible.


  • Do you use unsupervised machine learning?

  • Do you make decisions for my company based on information I provide you? Or can you cross-reference it against data provided by other merchants in your network?

  • Do you cross-reference or incorporate data points from any partners or parent companies?

Technology is supplemented with human expertise.

A fraud detection platform is only as valuable as the expertise it is built on.

You’ll want to make sure the technology you choose is developed by people who know what they are doing. Here’s a tip on how to evaluate quality.

  1. Visit the company’s page on LinkedIn.
  2. Check out the company’s employees.
  3. Look for positions like VP of machine learning.
  4. Check the education and achievements of notable individuals.

For example, Kount has positions like senior data scientist, director of AI science, and VP of AI and machine learning — all with master’s degrees or PhDs.

Know-how is important when building technology. But experts shouldn’t be hidden behind the tech and inaccessible. When you have questions or need help, you want to be connected to a professional, knowledgeable human being.

Look for a company that has a reputable, responsive support team. An added bonus? See if you can consult with their pros on a regular basis to build out an effective strategy with the best ROI possible.


  • What are your support hours?

  • If I reach out to your team, how quickly will I get a response?

  • Will I have a dedicated account manager or work with a team of experts?

  • How often do account managers typically meet with clients?

  • What kind of consultations are available? Managed services?

  • Can I meet with one of your engineers? Will an engineer be available to help during the onboarding process?

  • What does a “day in the life” of an account manager and Kount client consist of?

Kount’s approach to rules and machine learning

Kount was the first fraud detection company to enter the market nearly two decades ago. We have had plenty of opportunities to test strategies and determine what is effective.

And we’ve concluded that a balanced approach with flexible, transparent, customizable rules and advanced machine learning produces the best results possible.

We are proud of our rules engine and the AI that drives it. And thousands of satisfied clients appreciate what we have to offer.

Large yellow X next to Jagex

Kount offered us something other companies couldn’t: the ability to write our own custom rules that apply to our unique situation. I didn’t have to buy someone else’s pre-packaged sets.” — Dave Parrott, Fraud Manager


Getty Images logo in full color

“We can use Kount for a variety of things — customizable rule building, automation, and reporting. What we really appreciate is that we can use it for more than just fraud. — Diego Martins, Manager, Finance Operations


cdbaby logo color

“Kount makes things so much faster and easier. I can quickly implement special rules to maximize sign ups. Kount has made my life infinitely easier. I’m back to doing my job instead of spending my entire work week battling fraud.” — Christine Barnum, Controller


ClickBank logo

“Kount really is a one-of-a-kind solution. And it’s pretty easy to use day-to-day. We can handle 30,000 transactions a day with just a single person managing the entire process.” — Tom Denig, Director, Risk Operations


Fetch Rewards logo

“Kount really won us over with the data transparency. The extra detail is really helpful for a team like ours.” — Bethany Morgan, Fraud Manager



“Kount is really good at giving you a lot of information at a glance. You don't have to really dig into a lot of different things. It's just right there at your fingertips.” — Chad Funk, Fraud Specialist


Kount 360 User Dashboard


Want to see Kount in action?

Want to see Kount's technology — and our rules — for yourself? Sign up for a demo today.

Related content

See more related content


Jessica Velasco

Content Manager for Marketing

For nearly a decade, Jessica Velasco has been a thought leader in the payment dispute industry. She aims to provide readers with valuable, easy-to-understand resources.