Antifraud operations models

Published on: 2024-08-10 18:29:56

Fighting fraud in eCommerce usually requires third-party providers. There are several types of antifraud providers, and the right choice depends on your business maturity and internal capability.

One option is fully outsourced antifraud with “insurance for chargebacks”. In this model, you pay the provider a premium rate to process payments. If a chargeback happens, the provider covers it from the “insurance” pool.

Another option is a hybrid setup, where you get a discounted processing rate and take responsibility for part of the chargebacks. The provider handles fraud detection and prevention, but you decide which orders to approve or decline.

The most advanced companies build internal fraud teams and use antifraud providers only for specific tasks, such as scoring, data enrichment, monitoring, or machine learning.

There are many options between these 3 models. The best way to find the right fit is to test a few and see what works for your company.

Fully outsourced model

In the fully outsourced model, the eCommerce company pays the antifraud provider a premium rate for payment processing. If a chargeback happens, the provider covers it from the “insurance” pool.

The main advantages of this model are:

  • You do not need to worry about chargebacks because the provider covers them.
  • You do not need an internal fraud team.

The main disadvantages of this model are:

  • You depend on the provider because it makes the final decision to approve or decline an order.
  • The provider has an incentive to reject slightly suspicious cases because unused premium improves its margin.
  • You do not have visibility into the fraud detection process, so improving it is difficult.

Hybrid model

In the hybrid model, you get a discounted rate for payment processing and take responsibility for part of the chargebacks. The provider handles fraud detection and prevention, but you decide which orders to approve or decline.

The main advantages of this model are:

  • You have more control over which orders are approved or declined.
  • You have visibility into the fraud detection process, so it is easier to improve it.

The main disadvantages of this model are:

  • You still need an internal fraud team.
  • You need to integrate with the provider’s systems.

Internal fraud team

The most advanced companies build internal fraud teams and use antifraud providers only for specific tasks, such as scoring, data enrichment, monitoring, or machine learning.

The main advantages of this model are:

  • You have full control over the fraud detection process.
  • You can adapt the fraud detection process to your needs.
  • You do not pay for a service. You pay only for the platforms that you use.

The main disadvantages of this model are:

  • You need an internal fraud team.
  • You need to know how to use the platforms that you pay for.
  • You need to keep up with new fraud trends.

Progression

A common progression is to start with the fully outsourced model. You start collecting data, build internal capability over time, and learn how the fraud landscape works.

As the company grows, it moves to the hybrid model. With a better understanding of the fraud landscape, it starts to understand case management and how to use data. By that point, enough data has been collected to optimize the provider’s rules.

Then the company builds its internal fraud team. That team includes more than case management and fraud operations. It also includes data analytics and machine learning specialists.

Once a company builds its own team, the focus shifts to improving rules, adding rules, finding data sources for enrichment, and improving scoring and detection.

Drivers of progression

The main drivers of progression are cost and customer experience.

  • With the fully outsourced model, a company pays a premium for every order. As order volume grows, costs rise. At some point, building an internal team becomes cheaper.
  • With the fully outsourced model, the company depends on the provider. Any change in the provider’s rules can change the customer experience. As the company grows, it usually wants more control over that experience.

What holds back the progression

The main reasons companies do not move on from the fully outsourced or hybrid model are lack of capability, scarcity of talent, operational complexity, and management cost.

  • Lack of competency: most companies do not have the internal capability to build a fraud team. They do not know where to start, what to do, or how to do it.
  • Scarcity of talent: it is hard to find people with the right skills. Even when you do, they are expensive.
  • Operational complexities: it is hard to set up the right platforms and processes.
  • Management costs: it is expensive to manage a fraud team. You need to invest in training, coaching, and platforms.

Where to start

There is no single solution for choosing how to handle antifraud. The right approach depends on your cost constraints and the internal capability you have now.

If your company does not rely on fraud operations as a core capability, as in the case of payment companies where fraud is one of the main capabilities, the better path is usually to move gradually from fully outsourced to fully managed.

If your company relies on fraud operations as a core capability, it makes more sense to start with a fully managed fraud team from the beginning.

When to build own team

The most important considerations when choosing a model are:

  • The size of your company: the larger the company, the more likely it is to need an internal fraud team.
  • The fraud landscape: the more complex the fraud landscape, the more likely it is to need an internal fraud team.
  • The customer experience: the more important the customer experience, the more likely it is to need an internal fraud team.
  • The cost of customer acquisition: the higher the cost of customer acquisition, the more likely it is to need an internal fraud team.
  • The cost of goods sold: the higher the cost of goods sold, the more likely it is to need an internal fraud team.
  • The volume of transactions: the higher the volume of transactions, the more likely it is to need an internal fraud team.
  • The customer lifetime value: the higher the customer lifetime value, the more likely it is to need an internal fraud team.
 

Related Articles

  • Tools Used in Online Fraud Prevention

    Online fraud prevention uses gateway checks, data enrichment, ML models, chargeback controls, transaction monitoring, and case management to reduce e-commerce fraud. This article outlines these methods and shows how to encode them into auditable decision logic for repeatable fraud screening.

  • Attribute and Model Management: How to Track Stability Without Weakening Your Decision Strategy

    Adding more attributes to a model does not always improve decision quality. If predictors are poorly grouped, weakly represented, or unstable over time, they can degrade model performance and create risk for the wider decision strategy. This article explains how to manage attributes and models with stability in mind, and why binning and categorizing predictors remains a practical way to keep automated decisions explainable, traceable, and reliable.

  • Building Anti-Fraud Competency Without Losing Control of Your Data

    Anti-fraud is not a product you install once and forget. It is an operating capability built from data, decision logic, traceability, and continuous tuning across the customer journey. Companies can buy parts of that stack, but if they outsource the core logic and enriched data, they often create a lock-in problem that is hard to unwind later.

  • The True Nature of Fraud and How to Build Anti-Fraud That Works

    Most anti-fraud programs focus on single bad applications, stolen identities, or suspicious transactions. That matters, but it misses the main point. The real fraud problem is not isolated opportunists. It is organized actors who treat fraud like a business, calculate return on investment, and target the weakest operators first.

  • How do you import a machine learning model that you trained in python

    This article walks through the basic steps for creating an API in Decisimo, from design and data preparation to region selection, endpoint testing, and payload structure. It then shows how to deploy a decision flow so your automated decision logic can start running through the API.