{"url":"https://www.clear.sale/blog/how-to-set-cutoff-points-automatic-approvals-ecommerce-fraud-prevention","title":"How to Set Cutoff Points for Automatic Approvals in Ecommerce Fraud Prevention","tldr":"Learn how to set cutoff points for automatic approvals in ecommerce fraud prevention, blending automation with manual review to lift approval rates.","markdown":"TL;DR\n\nEnterprise retailers cannot manually review every order, but fully automated fraud solutions reject too many legitimate orders, harming approval rates and customer relationships. The best approach is a blended model that combines automated approval of safe orders with secondary manual review of flagged orders. ClearSale sets cutoff points using calculations such as fraud probability and expected loss (fraud probability multiplied by order value) to decide which orders are worth manual review, drawing on a statistical model with over 70 variables and more than 300 fraud categories.\n\nFor enterprise ecommerce companies, the pandemic has set in motion an online trajectory that continues to produce more orders and more revenue.\n\nIt has also increased the amount of fraud. But fighting fraud has changed: Because brand-new online shoppers don’t behave like typical customers, it can be more difficult to distinguish them from fraudsters.\n\n## Why Retailers Rely on Automated Approvals\n\nMost large online retailers have a dedicated fraud prevention team with anywhere from two to 10 employees who handle hundreds of thousands of orders each week.\n\n*As much as these enterprise companies want zero fraud, it’s simply not realistic.* The only way to prevent every fraudulent order would be to manually review every order – which is unrealistic even for modestly-sized businesses. Few companies have the resources it would take to review that many ecommerce orders on an ongoing basis, even if they “borrowed” staff from other departments (a common practice during peak seasons).\n\nSo, manually reviewing every order is impractical. However, a completely automated solution also poses problems and presents risks.\n\n### What Happens When Automated Review Settings Are Too Strict\n\nCompletely automated fraud solutions rely on rules and filters that will typically flag anything even remotely suspicious as fraud. This results in lower approval rates, false declines, and major problems with customer satisfaction and reputation management.\n\nToday’s consumers are far savvier online than ever before, especially younger consumers. They know ecommerce and they expect it to work for them. So when their valid order is declined, they tend to respond in devastating ways:\n\n- 40% of customers say they would likely never place an order with that same merchant again after a false decline. That number rises to 45% for customers younger than 40.\n\n- 34% say they would likely post a negative comment on social media about their experience after a false decline.\n\n- While 60% of consumers say they would give the order one more try before walking away forever, 21% would not.\n\nThat’s alarming enough already. Now, consider that *90% of declined orders are* *not fraud*. This means companies that trust completely automated fraud prevention solutions are almost certainly losing sales and angering their customers.\n\n### Why Allow Lists and Deny Lists Are Also a Bad Idea\n\nSome retailers try to simplify fraud prevention with lists of customers to allow or deny. These may be VIP customers or company executives who are supposed to get special treatment and have their orders automatically processed. Or these may be customers who are notorious for returning purchases in poor condition.\n\nEither way, these lists are problematic. What will happen if a fraudster gains access to the credit card information for anyone on an allow list? The fraudster gets to be a kid in a candy store with no safeguards.\n\n### Deny lists circumvent the entire fraud prevention process.\n\nThis is because allow and deny lists circumvent the entire fraud prevention process. Those orders are processed and approved outside of a fraud prevention database. So, your fraud protection team won’t have the opportunity to pre-emptively detect that a fraudster has stolen a VIP’s credit card and is using it to make high-dollar purchases.\n\n## Optimal Fraud Prevention Balances Automated and Secondary Review\n\nThe best fraud prevention solution is one that incorporates both automated and secondary reviews. Simply put, retailers need a **blended model** to get the most fraud prevention.\n\nAnd that’s where most enterprise companies get stuck. They don’t know how to create a balanced approach that is the most efficient and effective solution.\n\nFortunately, at ClearSale, that’s what we know how to do best.\n\nOur process is based on best practices, industry intelligence, and fraud experience across industries, markets and order types. If a fraud scheme has been attempted, we’ve seen it and have learned how to recognize it.\n\nIn fact, we’ve developed a statistical model that uses over 70 constructed variables with more than 300 possible fraud categories and scores. This model covers our entire database of historical orders. It involves a level of rigor that has scored **our statistical model scores higher on the KS test than credit models.** And it allows us to automatically approve very large numbers of orders.\n\nWhen it comes to identifying which orders should be reviewed manually, our system flags potential fraud and we determine whether it makes sense to further investigate the order.\n\nTo help companies better understand how to make data-driven approval decisions and increase revenue, we’re showing you what’s behind the curtain and revealing how our blended model works.\n\n## How to Set Cutoff Points for Automatic Review\n\nThere are a number of calculations that help determine which orders need to undergo secondary review and which should be automatically reviewed. Together, they determine a cutoff point or curve like the one plotted on this graph.\n\nLet’s look at each of the calculations:\n\n### Fraud Probability\n\nFraud probability is a score assigned to order values based on past experience. Companies need to have insights about their order history to make this determination. For example, you may know that for every 100 orders worth $450,000, one of them leads to a chargeback. That means the fraud probability for a $450,000 order is 2%.\n\n### Expected Loss\n\nThe expected loss is the product of fraud probability and the total value of your order.\n\n**Expected Loss = probability of fraud x total order value**\n\nSo, for that same order value of $450,000, the expected loss is $9,000.\n\n**$9,000 = 0.02 x $450,000**\n\nIf the cost per order for a secondary review is less than $9,000, you may want to manually review orders of that value.\n\n### Automatic Approval Cutoff Point\n\nThe automatic approval cutoff point is a variable based on the expected loss calculations for the range of total order values. Taking the above example, you would calculate the expected loss for a series of total order values.\n\nLet’s say you also make the calculation for orders valued at $100,000 and those valued at $1,000,000, giving you a range or total order values. The fraud probability for each, again, would be based on your experience with that order value and the expected loss would be calculated for each, as demonstrated in the table below.\n\n**Total Order Value**\n\n**Fraud Probability**\n\n**Expected Loss**\n\n$100,000\n\n.06\n\n$6,000\n\n$450,000\n\n.02\n\n$9,000\n\n$1,000,000\n\n.01\n\n$10,000\n\nPlot the expected loss calculations for each order value on a graph and you’ve created your approval cutoff point, Any order that falls below the curve should be automatically processed – and any order that is above the curve should undergo a secondary review.\n\n### Risks Associated With This Model\n\nThis model isn’t infallible. There is the risk that automatically approved orders turn out to be false positives and orders that are automatically declined are valid.\n\nFor secondary review orders, there is a big risk of cancellation. When an order is flagged for secondary review, a group of analysts check the data against credit bureaus and other sources to determine if the orders are valid. They may even contact customers directly to confirm their information and let the card owner know about the purchase. Some customers take the opportunity to back out of the purchase. In fact, every 1% of additional manual analysis results in an estimated 0.0115% sales canceled.\n\nTo mitigate those risks, we validate our model before implementing it using historical data.\n\n### Model Validation\n\nValidating this model involves back-testing where we take a random sample of previously approved orders and re-run them through the model to see what happens. Keep in mind, we already know which of the orders were fraudulent and resulted in chargebacks.\n\nThen we compare the model results against the actual order outcomes. If they match or are close, we know the automatic approval cutoff curve is valid and the model is valid. If results are too disparate, we go back to the start and look at which calculation may be off.\n\n### How to Optimize Your Automatic Approval Cutoff\n\nWe can also use this data to optimize the automatic approval cutoff and lower operational costs.\n\nAlong every automatic approval cutoff curve is a “sweet spot” where you will get the most overall value from the process. To find it, you’ll need to adjust the automatic approval cutoff curve to be as close as possible to an expected loss curve for the same order values. This way, whether orders are automatically reviewed or not, the cost is the same.\n\nOther considerations that impact your automatic approval cutoff curve include:\n\n- Automatic approvals are instant, which is important for businesses in this extremely competitive ecommerce industry. Companies can’t take too long to approve orders or customers will move. If the probability of fraud is not high, it may be worthwhile to default to automatic approval.\n\n- The cost of the secondary review is variable. Companies may want to consider staffing their fraud analysis positions based on peak demand instead of being static. In fact, your staff augmentation plan really should be based on your automation cutoff curve data points..\n\n- Companies can also increase and reduce automatic approvals based on staff availability, as long as the chargeback rate doesn’t increase. On busy days, they can increase automatic approvals and reduce them on slow days.\n\nUsing a blended model for order review is a complicated process that requires expertise and analysis. It can fluctuate with peak times, historical insight and changing operational goals. The key is to adjust the variables to deliver the most value.\n\n## Want to Talk Through Your Statistical Model With the Experts at ClearSale?\n\n## Frequently Asked Questions\n\n### Why can't retailers manually review every order?\n\nEven modestly sized businesses lack the resources to manually review hundreds of thousands of orders each week, even by borrowing staff from other departments during peak seasons. Manual review of every order is impractical.\n\n### What happens when automated review settings are too strict?\n\nOverly strict automated systems flag anything remotely suspicious as fraud, lowering approval rates and creating false declines. This damages customer satisfaction and reputation, and notably about 90% of declined orders are not actually fraud.\n\n### How do false declines affect customer loyalty?\n\nFalse declines drive customers away: 40% say they would likely never order from that merchant again (rising to 45% for those under 40), and 34% say they would likely post a negative comment on social media about the experience.\n\n### Why are allow lists and deny lists a bad idea for fraud prevention?\n\nAllow and deny lists circumvent the entire fraud prevention process because those orders are approved or denied outside the fraud database. If a fraudster steals a VIP's card on an allow list, the fraud team has no chance to detect the high-dollar purchases.\n\n### How is expected loss calculated for an order?\n\nExpected loss equals fraud probability multiplied by total order value. For example, if a $450,000 order has a 2% fraud probability, the expected loss is $9,000. If a secondary review costs less than that, the order is worth reviewing manually.\n\n### What makes a blended fraud prevention model effective?\n\nA blended model pairs automated approval of safe orders with secondary manual review of flagged orders, capturing the efficiency of automation and the accuracy of human judgment. ClearSale's statistical model uses over 70 variables and more than 300 possible fraud categories to decide which orders need review."}