If the e-commerce service is exposed to payment fraud, it likely has a fraud prevention system with some rules and scoring in place. In that case, the KPIs are straightforward.
Monitor acceptance, rejection, and reviews
First, the merchant needs to know how many payments the fraud prevention system:
- accepts automatically;
- sends for manual verification (if any); and
Monitor false negatives
Second, because the fraud prevention process makes errors, the e-commerce service needs to know how many instances of fraud were considered ok by:
- the rules,
- the risk score, and
- the risk operation analysts.
These errors are called false negatives (or type II); they need to be minimized.
Monitor false postives
Third, with A/B testing, e-commerce services may estimate how many true transactions the rules, scores, and reviewers are rejecting. These are false positives errors (or type I).
To measure the fraud detection outcomes and errors
|#||KPIs||Proportion of payments|
|1||Auto-accept||Automatically accepted by the fraud system.|
|2||Manual review||Sent for manual verification.|
|3||Reject||Automatically rejected by the fraud system.|
|4||False positives||True clients suspected of fraud.|
|5||False negatives||True frauds that the detection has failed to detect.|