Fraud Rules Engine Design for B2B 2026: Velocity, BIN, Fingerprinting
B2B fraud in digital goods differs from B2C: there are fewer transactions, but the average ticket is $200–2000, and a chargeback costs you the product, the interchange fee, and the dispute fee. This article is a blueprint for a fraud rules engine that catches 70%+ of fraud at <0.5% false positives.
Note: this is the fraud layer of your own platform. Orders are placed through the FoxReload API with POST /api/orders (base URL: https://public-api.foxreload.com) and the X-API-Key header. There is no built-in fraud score field on the FoxReload side, so fraud scoring has to happen in your own pipeline.
1. Velocity rules — foundation
Velocity is the frequency of actions per time window. Baseline set:
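```typescript
// `redis` is assumed to be an ioredis-style client and `Order` your own order type,
// both defined elsewhere in your codebase.
type FraudSignal = { rule: string; score: number; reason: string };

async function checkVelocity(order: Order): Promise<FraudSignal[]> {
  const signals: FraudSignal[] = [];
  // Orders from this IP in the last 10 minutes (sorted-set scores are ms timestamps).
  const ipCount = await redis.zcount(`vel:ip:${order.ip}`, Date.now() - 600_000, '+inf');
  if (ipCount > 5) signals.push({ rule: 'ip_velocity', score: 80, reason: '>5 orders/10min' });
  // Distinct cards this user has tried in the last 24 hours.
  const cards = await redis.scard(`vel:cards:${order.userId}:24h`);
  if (cards > 3) signals.push({ rule: 'multi_card', score: 60, reason: '>3 cards/24h' });
  return signals;
}
```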
Storage: Redis sorted sets with TTL = window. Write: ZADD vel:ip:1.2.3.4 NOW order_id + EXPIRE 600, where NOW is the millisecond timestamp so that it matches the Date.now() bound used on read.
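The storage scheme above, modelled in memory so it runs without Redis; this is an added example, not code from the original article or from FoxReload. `SlidingWindow`, `recordAndCheck`, `OrderEvent` and `cardToken` are hypothetical names, and the example goes slightly beyond the article by pruning old members on every write and by keeping per-user cards in the same timestamped structure, because a key whose EXPIRE is refreshed on each write never ages out on its own.

```typescript
// Added example: in-memory stand-in for the Redis sorted sets, so it runs offline.
type FraudSignal = { rule: string; score: number; reason: string };
// cardToken is a hypothetical tokenized card id; never key on the raw PAN.
type OrderEvent = { orderId: string; ip: string; userId: string; cardToken: string };

const IP_WINDOW_MS = 600_000;      // 10 min, the page's ip_velocity window
const CARD_WINDOW_MS = 86_400_000; // 24 h, the page's multi_card window

class SlidingWindow {
  // key -> member -> score (ms timestamp), i.e. one sorted set per key
  private sets: Record<string, Record<string, number>> = {};

  // ZADD key nowMs member, then ZREMRANGEBYSCORE to drop members older than the window
  add(key: string, member: string, nowMs: number, windowMs: number): void {
    const set = this.sets[key] ?? (this.sets[key] = {});
    set[member] = nowMs; // re-adding a member only refreshes its score
    for (const m of Object.keys(set)) {
      if (set[m] < nowMs - windowMs) delete set[m];
    }
  }

  // ZCOUNT key (nowMs - windowMs) +inf
  count(key: string, nowMs: number, windowMs: number): number {
    const set = this.sets[key] ?? {};
    return Object.keys(set).filter((m) => set[m] >= nowMs - windowMs).length;
  }

  // ZCARD key: how many members are actually stored
  size(key: string): number {
    return Object.keys(this.sets[key] ?? {}).length;
  }
}

// Record the order first, then evaluate both rules with the page's thresholds.
function recordAndCheck(w: SlidingWindow, o: OrderEvent, nowMs: number): FraudSignal[] {
  w.add(`vel:ip:${o.ip}`, o.orderId, nowMs, IP_WINDOW_MS);
  w.add(`vel:cards:${o.userId}`, o.cardToken, nowMs, CARD_WINDOW_MS);
  const signals: FraudSignal[] = [];
  if (w.count(`vel:ip:${o.ip}`, nowMs, IP_WINDOW_MS) > 5) {
    signals.push({ rule: 'ip_velocity', score: 80, reason: '>5 orders/10min' });
  }
  if (w.count(`vel:cards:${o.userId}`, nowMs, CARD_WINDOW_MS) > 3) {
    signals.push({ rule: 'multi_card', score: 60, reason: '>3 cards/24h' });
  }
  return signals;
}
```

Passing `nowMs` in explicitly keeps the window logic testable; in production the same three operations map to ZADD, ZREMRANGEBYSCORE and ZCOUNT on the real keys.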
2. BIN risk scoring
The first 6–8 digits of the card number (the BIN) identify the issuing bank. Maintain a risk table:
```typescript
const binRisk = await binLookup(card.bin); // 0..100
if (binRisk > 70) flags.push({ rule: 'high_risk_bin', score: 50, reason: `BIN ${card.bin}` });
if (binRisk === 100) return reject('blocked_bin'); // prepaid mass-issuance cards
```
High-risk BINs are prepaid cards (especially mass-issuance non-bank ones), cards from sanctioned jurisdictions, and BIN ranges seen in recent fraud waves. Refresh the table weekly.
3. Device fingerprinting
Cookie-less fingerprint (fpjs, ClientJS):
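```typescript
// Browser side: collect the fingerprint.
import FingerprintJS from '@fingerprintjs/fingerprintjs-pro';

const fp = await FingerprintJS.load({ apiKey: process.env.FPJS_KEY });
const result = await fp.get();
// result.visitorId — stable hash, ~99% accuracy

// Server side: look up the device's history.
// `db.fingerprints` is your own data layer, assumed to return one record or nothing.
const fpHistory = await db.fingerprints.find({ visitorId: result.visitorId });
if ((fpHistory?.chargebackCount ?? 0) > 0) flag.score += 90;
```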
This links "one real device, many accounts" and catches mass-account-creation fraud.
4. Comparison: Sift, Sumsub, in-house
| Provider | Type | Cost/transaction | Setup | Accuracy |
|---|---|---|---|---|
| In-house JSON rules | Rules | $0 | 1–2 weeks | 60–70% |
| Sift | ML-as-service | $0.04 | 1 day | 85–92% |
| Sumsub | KYC + fraud | $0.50–1.50 | 3 days | 80–88% |
| Riskified | Chargeback guarantee | 0.8–1.2% volume | 2 weeks | 90%+ |
| Stripe Radar | Built into payments | 0.5%/decision | 0 | 75–85% |
Recommendation for FoxReload partners: up to $500k/mo, use in-house rules + Stripe Radar. Above $500k/mo, add Sift or Riskified. Choose Sumsub only if you also need KYC in parallel.
FoxReload API Integration Pattern
Run your own fraud pipeline before the FoxReload order flow:
```typescript
async function processOrder(customerOrder: CustomerOrder) {
  // 1. Your own fraud check
  const fraudSignals = await checkVelocity(customerOrder);
  const binSignals = await checkBin(customerOrder.card);
  const totalScore = [...fraudSignals, ...binSignals].reduce((s, f) => s + f.score, 0);
  if (totalScore > 100) {
    return { blocked: true, reason: 'fraud_suspected' };
  }

  // 2. Place the order with FoxReload
  const res = await fetch('https://public-api.foxreload.com/api/orders', {
    method: 'POST',
    headers: {
      'X-API-Key': process.env.FOXRELOAD_KEY!,
      'Content-Type': 'application/json',
    },
    body: JSON.stringify({
      items: [{ itemId: customerOrder.itemId, quantity: customerOrder.qty }],
      isMock: false,
    }),
  });
  // Surface HTTP errors instead of returning an error body as if it were an order.
  if (!res.ok) throw new Error(`FoxReload order failed: HTTP ${res.status}`);
  return res.json();
}
```
Understanding the FoxReload API order flow and adding a fraud layer on top of it is the foundation of a production-grade reseller system.
