How is the IP blocking helpful with the email patterns? What is the mechanism by which velocity blocks the fraudulent transactions once a pattern has been identified? Will velocity accidently stop valid transactions? Will velocity stop all fraudulent transactions?
Q: Why does Velocity exist? OR What is a carding run? A: Velocity's sole goal is to block carding runs. A carding run is where some nefarious person takes a list of stole credit cards and uses a script to test those credit cards. Testing a credit card is most easily done on a donation form as there are less options on a donation form to select then there are on say Amazon. Also, most donation forms only require a $5 donation which is a fairly low amount.
Q: What are the symptoms of a carding run? A: Dozens or sometimes even hundreds of transactions for the same amount being submitted in a short period of time. A normal human would take several minutes to process a single transaction but a script can submit the donation form quickly and easily over and over and over again. Typically a carding run will have the same IP throughout the run. Sometimes a carding run will use the same credit card throughout the run.
Q. Will velocity stop all fraudulent transactions? A. No. Velocity will only stop fraudulent transactions that are a part of a defined pattern of fraudulent behavior. Furthermore, the first few transactions in such a pattern may succeed as the system will not identify the fact that there is a pattern until the pattern has been established.
Q. Will velocity accidently stop valid transactions? A. This can happen but it is rare. The most common time this happens is if you, the client, have a call center or some sort of in house corporate fund drive where transactions are being entered in succession from the same IP. This can be avoided by having us white list your IP beforehand.
Q. What is the mechanism by which velocity blocks the fraudulent transactions once a pattern has been identified? A. Velocity blocks the IP(s) that been involved in the pattern identified by the defined limit in the defined window of time.
Q. How is the IP blocking helpful with the email patterns? A. Although the velocity system blocks by IP and not by email, once an email has reached the threshold this rule will continue to fire on every transaction attempt, blocking each IP from which the fraudulent transactions are being presented.