Fraud Monitoring

Getting started with the fraud detection suite

PartnerStack has partnered with Sift, an industry leading fraud detection network to provide channel managers and their compliance teams strong protection against undetected fraudulent partner activity.

Sift is trusted by brand like Twitter, Box, Doordash, Zipcar, Zillow, and Yelp and many others to provide robust fraud detection across hundreds of millions of data points.

In this article, you’ll learn the basics of the PartnerStack fraud detection suite and how to protect your channel from high-risk partners, and fraudulent activity that can impact your brand and bottom line.

Things to know

Here are some key things you should know about the fraud suite:

  • All programs have access to the fraud suite
  • Some elements of the fraud system depend on your integration
  • You must be an account Admin or have a Fraud permissions to access the fraud suite

About the fraud detection suite

You can think of the fraud suite as ever-present guardian that watches over your partner programs.

When key events occur in any of your programs, PartnerStack will run the event and user behaviour through the Sift network. If an event is flagged for review, you can take the appropriate action within the fraud suite.

What is happening behind the scenes?

At a high level, PartnerStack provides Sift data about observable events that occur on PartnerStack and through PartnerStack integrations. Sift then builds a risk assessment around each user and event, blocking and notifying the PartnerStack fraud team and your program manager when there is a decision to be made. For security reasons we can't go into full detail about our threat model.

Using the fraud detection suite

In this section we'll cover the events that PartnerStack passes to Sift, the logic used to determine fraudulent activity, as well as the actions available to you in the fraud suite.

Currently, PartnerStack monitors the following events for fraud:

  • A Partner joins your program (Partnership created)
  • A referred customer purchases your product (Transaction created)
  • Ongoing user behaviour across the PartnerStack network

Event

Data Monitored

Incidents that may raise an alert

Partnership created

  • User email
  • User session IP
  • User Device Fingerprint
  • Partner status in PartnerStack network
  • User country
  • User address
  • Email matching or similar to another existing address
  • Email has a suspicious domain name.
  • User IP associated with suspicious activity
  • User IP address does not match with the reported country
  • User device fingerprint matches another user's device fingerprint
  • User's location is far from reported address

Transaction Created

  • Customer email
  • Customer session IP*
  • Customer Device Fingerprint*
  • Transaction source information
  • Customer email matching or similar to another existing address
  • Customer email has a suspicious domain name.
  • Customer IP associated with suspicious activity
  • Customer IP address does not match with the reported country
  • Customer device fingerprint matches another customer's device fingerprint
  • Transaction source information is flagged as suspicious

User Behaviour

  • Behaviour in Partnerstack Portal
  • User metadata, historical behaviour
  • Unusual activity
  • Clustering of lower threat behaviours and metadata
  • Flagged behaviour on other platforms in the Sift network

Getting to the fraud detection suite

PartnerStack will let you know when we've identified any action suspicious enough to be blocked.

When PartnerStack blocks an event or partner, you will see a notification on your program dashboard under "Security Monitoring".

To review your suspicious cases:

  • Click the link in the Security Monitoring box or
  • Click "Fraud Management" in the menu
30583058

Understanding the fraud process and disputes

Once you're in the fraud management suite, you have a few options.

28142814

Reviewing cases, default behavior, and disputing decisions

Each case opened by the fraud system is easily filterable and searchable by name and the type of flagged object (partner, customer).

Each case will provide you with the following details:

  • Partner or customer name (click on to see further details)
  • Date flagged
  • The suspicious behavior that caused the flag

The fraud system is designed to not require any manual work by you or your team, however you may dispute the decision the fraud system has made by clicking the "Dispute Decision" button and providing a reason.

The PartnerStack fraud team will review your request and work with you to find the right decision for this partner or event.

Once the dispute has been opened, each disputed cases with display an icon with the current status of your dispute:

  • 👁️ eye icon - in review
24702470
  • ✅ checkmark - approved
24502450
  • 🚫 disabled - declined (with PartnerStack reason)
23782378

It can be helpful to know what happens by default if you do not dispute a case:

Type of object flagged

Default behaviour if you take no action

Partner

  • Partner cannot cashout funds from their PartnerStack account
  • Rewards created during or after flagged event will be in the 'hold' status
  • Partner will be removed from the program 30 days after flagged event

Customer

  • Transactions and rewards associated with customer are moved to a 'hold' status
  • Customer will be removed 30 days after flagged event

Frequently asked questions:

  • A partner was incorrectly flagged, how do I get the their rewards?
    • Rewards are held until the flagged partners and/or the flagged customers are disputed and the dispute is approved. Once approved, PartnerStack will generate the rewards as if the flag never happened, and then rewards will appear on the next invoice. If the event is flagged near the end of a billing cycle, the fraud review may result in the Partner receiving their commissions a month later than they would have.
  • Can I control the way the fraud suite behaves? Can I decided when a customer is flagged and when they are not?
    • The fraud detection suite is controlled by the PartnerStack fraud team, you cannot configure rules or logic for your individual program. If you have concerns that your
  • The same partner keeps getting flagged by your system. Can I whitelist certain partners?
    • You cannot whitelist partners. If you have concerns about an authentic partner who is repeatedly caught by the fraud system, please contact [email protected]
  • Will the fraud suite catch self referrals?
    • Yes.
  • What if I am concerned with the legitimacy of one of my referrals, or partners?
    • Good eye! Please reach out to [email protected] and we can ensure our fraud team takes a deeper look.

Did this page help you?