Enhancing Payment Fraud Detection with Rapyd Protect

By: Manish Hatwalne

Rapyd provides a platform for embedding payment services into your applications. To help you combat payment fraud, Rapyd Protect is included for Rapyd accounts (verify plan eligibility) that offers protection for transactions involving credit cards, bank transfers, and e-wallets, while maintaining a seamless checkout experience for legitimate customers.

Powered by machine learning (ML) and advanced risk models, Rapyd Protect works in real time to identify suspicious patterns, from unusual spending behavior to mismatched user information. It also allows you to maintain full control with customizable rules that can automatically block high-risk transactions or flag them for manual review.

In this article, you'll learn how you can enhance payment fraud detection in your applications with Rapyd Protect.

Rapyd Protect

Rapyd Protect helps you minimize chargebacks and protect your revenue. It provides protection via two approaches:

1. Machine learning
2. Fraud rules

How Rapyd Protect Uses Machine Learning to Prevent Fraudulent Transactions

Rapyd Protect uses ML models that have been trained on Rapyd's historical transaction data to recognize patterns that indicate fraud. When a transaction comes through, the models analyze various signals, like the customer's location, device fingerprint, transaction amount, and payment method, to assign a specific risk score.

For example, if someone attempts multiple small test transactions from different IP addresses using the same card within a short timeframe (a common card-testing pattern), the velocity engine typically tracks this behavior while the ML model evaluates the overall risk profile. Similarly, if a card’s Bank Identification Number (BIN) belongs to a U.S. bank but is used for a high-value transaction from an IP in another country, Rapyd Protect may flag it as suspicious.

The ML models are continuously retrained with new data to detect evolving fraud tactics, like shifts in geographic attack patterns or new account takeover techniques.

Fraud Rules

Rapyd Protect also includes a rules engine for creating custom fraud policies based on parameters like IP addresses, card types, amount, geographic locations, and 3D Secure requirements. The platform maintains reference lists of known fraudulent entities, suspicious IP addresses, restricted countries, and high-risk BIN ranges. Transactions can be blocked or routed to manual review queues based on configurable criteria such as transaction amount or origin country.

The system provides interfaces for reviewing flagged transactions, approving or declining payments, viewing triggered rules, and accessing blocked transaction logs. These rules work alongside ML to enhance fraud detection and adapt to evolving threats.

Implementing Custom Fraud Rules in Rapyd Protect

While ML used by Rapyd Protect prevents common fraudulent transactions, sometimes you need custom rules to address your specific business requirements. For example, you might want to block customers making more than a specified number of card transactions within three days, block card transactions from regions where you don't operate, or block high-value card transactions over 2,500 EUR.

Let's look at how you can create this amount-based blocking rule in Rapyd Protect.

Rules Engine

The Rapyd Protect Rules Engine lets you create custom fraud prevention rules based on various transaction attributes like IP addresses, card types, countries, transaction amounts, BIN ranges, and 3D Secure requirements. These rules provide an additional layer of protection tailored to your specific business needs. Each rule consists of two components: the triggering conditions (what to look for) and the action (allow, block, or review) to take when those conditions are met.

Rules fall into three categories with a specific hierarchy:

1. Allow rules takes highest priority and permits transactions matching their criteria, overriding any other rules.
2. Block rules automatically rejects transactions that meet their conditions, unless an "Allow" rule applies.
3. Review rules flags transactions for manual evaluation and routes them to an "Under Review" queue where you must approve or decline them within seven days. These rules only trigger if the transaction doesn't match any "Allow" or "Block" rules and they are only available for bank payments, not for card payments.

The following diagram shows how rule processing takes place in Rapyd Protect:

Creating an Amount-Based Blocking Rule

Now that you understand how Rapyd Protect rule processing works, let's create a blocking rule for high-value transactions. We'll build a rule that automatically blocks any transaction exceeding 2,500 EUR.

Log in to your Rapyd account and select Protect from the left-hand navigation menu. The Rules page displays all your existing rules and lets you create new ones:

Click the Add rule button in the Block section at the bottom of the page. In the dialog that appears, define your blocking condition: "Amount EUR Greater than 2,500". Then, add a meaningful description for your rule.

Rapyd Protect supports complex rule logic, so you can combine multiple conditions using and or or clauses if needed.

After configuring your conditions, click the Create rule button (this becomes active once you've added at least one condition). A confirmation dialog will appear asking you to enable the rule:

Click Enable to activate your rule. If you skip this step, the rule will be created but remain inactive (aka disabled). It won't affect any transactions until you manually enable it later.

You can create additional blocking rules based on your specific business needs. For instance, if you only accept US-issued cards, create a rule with the condition Card country Not Equal to US to block all international card transactions.

Testing the Blocking Rule

After creating your amount-based blocking rule, you can test it using Rapyd's Virtual Terminal. Navigate to the Getting started page and select the Collect payments tab. This page provides multiple options, including payment links, card payment simulation, and branding customization.

Rapyd provides a sandbox mode for development, so all transactions use test data, no real cards or money are involved. Click the Collect virtually button under the Virtual terminal:

With the Virtual Terminal, you can simulate a card payment by following these steps:

Enter payment details: Select the customer's country, payment method (card type: Visa or Mastercard), amount (enter a value above your rule threshold, such as: 2501 EUR), currency, then click Next.

Enter card information: Provide the cardholder name, card number (use test card 4111 1111 1111 1111), a future expiration month and year, and any 3-digit CVV number (any digits work in Sandbox), then click Next.

Skip additional details: Click Create payment to bypass the optional Additional details dialog.

View the blocking result: Since the transaction amount exceeds EUR 2,500, the Rapyd Protect rules engine marks the payment as blocked or routes it to the Under Review queue; see your dashboard for the block reason. You'll see a Payment blocked dialog with the message: "Your transaction has been blocked by Rapyd Protect. It can be viewed under the "Blocked" tab."

Click Close to dismiss this dialog. Your blocking rule has successfully triggered and prevented the high-value transaction.

To verify the rule works correctly, test a few more transactions. Use amounts at or below 2,500 EUR (which should process successfully) and amounts above 2,500 EUR (which should be blocked). This confirms your rule is enforcing the threshold properly.

Note: Your application can integrate the payment collection using Rapyd APIs as well.

Monitoring Blocked and Successful Transactions

After testing your rule, you can review the results in the Rapyd dashboard. Navigate to Collect in the left-hand navigation, then under Review & Protect, select Blocked. This page displays all transactions that were rejected by your blocking rules. You can filter the list by date range and other criteria.

Click on any transaction row to view its details in the right-hand panel. The detail view shows the transaction amount, currency, timestamp, customer information, and other relevant data:

At the bottom of the detail panel, you'll see a Triggered rules section. Click the View link to see which rule(s) caused the transaction to be blocked. A dialog will display the specific blocking rule that triggered it, which is your high-value transaction rule:

To verify that legitimate transactions are processing correctly, navigate to the Payments page under Collect. This page shows all successfully processed transactions. As shown in the following screenshot, transactions at or below 2,500 EUR complete successfully and are not blocked by your rule:

Note: These transactions may take up to 15 minutes to appear in this dashboard.

Advanced Features of Rapyd Protect

Beyond basic blocking rules, Rapyd Protect offers several advanced features for more sophisticated fraud prevention strategies.

• 3D Secure rules allow you to conditionally trigger additional authentication for card transactions based on specific criteria. For example, requiring 3D Secure verification for all transactions above a certain amount or from particular countries.
• Review rules work differently from blocking rules by placing transactions in a manual review queue rather than automatically rejecting them. This is available for bank payments (inbound or outbound) where you want human oversight before approving high-risk transactions. Reviewers have seven days to approve or decline each flagged transaction from the Under Review dashboard.
• Rule Library provides a collection of pre-configured fraud prevention rules that you can activate and customize for your business. Instead of building common rules from scratch, you can select templates from the library, adjust their parameters to match your requirements, and add them to your active rule set. This speeds up the implementation of standard fraud prevention patterns while still allowing full customization.
• Lists Rapyd Protect offers several lists that your rules can reference for more granular control.
  • The Allowed Cards and Blocked Cards lists use card fingerprints to whitelist or blacklist specific cards.
  • For bank transactions, you can manage Approved Bank Accounts (always allow) and Blocked Bank Accounts (always reject) based on customer (or beneficiary) account details.
  • Geographic controls are available through Country Codes to Block (for card-issuing countries) and Blocked Beneficiary Bank Country (for bank transfer destinations). These lists provide a flexible way to maintain exception-based policies without creating individual rules for each case.
• Programmatic access Rapyd Protect provides API endpoints and Webhooks that allow you to integrate fraud prevention directly into your application. The APIs allow you to handle payments, while webhooks send real-time alerts when your fraud rules trigger, allowing your system to respond automatically to fraud events.

For detailed integration guides and API documentation, visit the Rapyd Developer Portal.

Conclusion

In this article, you learned how Rapyd Protect combines ML with customizable fraud prevention rules to safeguard your payment operations. You not only learned how to create those custom rules, but also test those rules using the Virtual Terminal, and then monitor their performance through the dashboard.

Rapyd Protect is an important component of Rapyd's comprehensive payment platform. Whether you're processing cards, bank transfers, or e-wallets, Rapyd provides the tools to accept payments globally while maintaining security and compliance.

If you're looking to implement fraud prevention in your application, sign up for Rapyd's trial account to access the Sandbox environment, explore the full Rapyd API capabilities, and start building secure payment flows today.