![[CyberSource logo]](images/cybslogo.gif)
Search documentation:
|
|
Search documentation: |
| Help Advanced | |
| Published 08/06/2002 |
|
Chapter 6
Best Practices
This chapter describes best practices for using Risk Manager.
Rules
Keep your rules simple so that they are easier to maintain.
Use clear, short names for your rules that accurately describe how they evaluate an order.
If you have a particular rule or set of rules that will be used more than once in a business, put them into their own module.
Consider using a single custom parameter (such as rule_code) to store a code indicating why a transaction was accepted, rejected, or reviewed. You could then use your order management system to interpret these codes and prompt the customer for more information if necessary.
Make sure your rules account for all possible values of a field, including cases where the field is missing entirely. Consider creating rules such that if an unexpected value is found, you mark the transaction for review rather than accepting it.
Make sure your rules do not include features that your license does not support.
Modules
If a strategy becomes very long or complicated, move some of the strategy's rules into a module.
If you have several strategies that need to use the same rules, create a module that includes those rules.
Before you edit a module, make sure that your changes will not cause problems for the strategies that use the module.
Hotlists
When you use the ListCheck plug-in, make sure to create rules that process the result of the hotlist checks.
Put positive hotlist checks at the top of your strategy. This ensures that you do not inadvertently reject or review orders from your best customers.
Velocity
Make sure you run the VelocityInsert plug-in as a pre-process plug-in. If you do not, the VelocityCheck plug-in will not work correctly.
Testing
Before you deploy a strategy and use it on your production server, make sure you test it on a test server.
Create tests that check both the true and the false branch of each rule.
After you deploy changes to an existing strategy, run regression tests to verify that the strategy works correctly.
Documentation
Document the maintenance tasks for the Risk Manager server administrator.
Document how to start and stop the Risk Manager server in your environment.
Maintenance
Trim your Decision Server's velocity table every seven days to ensure that it does not grow too large.
Create a process for evaluating proposals to change a strategy. Follow the process before you implement any changes.
Review your strategies every month to ensure that the rules are appropriate for your business and your current fraud patterns.
Analyze information about your chargebacks, then determine how you could improve your strategies to prevent similar chargebacks.
| Copyright © 2002 CyberSource Corporation. |
| |
|
|
|