The Online Fraud check compares the location provided by the device that completes the verification to the location of the internet provider (IP).
The ideal result will show both locations in close proximity to each other and in the same country.
If the online fraud check has failed it does not automatically mean that the transaction is fraudulent. Valid reasons for failing the check include:
- if the person being verified is using a Virtual Private Network (VPN); or
- if the IP address has been sold at some point and is now located elsewhere
What to look for when an online fraud check doesn't pass
If the online fraud check has failed, use the following questions to assess the level of risk:
- How many other checks in the verification passed? The more checks that fail the higher the risk of fraudulent activity;
- Are the device-provided location and the IP location in different countries?
- Is the IP location in one of the top scamming countries? (search online for the most recent rankings)
Now what?
With the above points in mind, you will need to review the transaction against your organisation's risk appetite, and only once you have done this should you consider forcing a Match.
Read our article When is it OK to force match a transaction? for more guidance.