Kount
Kount is a leading provider of digital fraud detection and prevention solutions. It offers an advanced platform that helps businesses identify and mitigate fraudulent activities in real time. By analyzing numerous data points and utilizing machine learning algorithms, Kount helps organizations detect and stop fraudulent transactions, account takeovers, and other online threats. Its solutions are used across various industries, including e-commerce, financial services, travel, and more, to protect businesses and their customers from the risks associated with online fraud. Kount's technology aims to provide robust security measures while minimizing false positives to ensure a seamless and secure online experience. Thiio's advanced system has made significant strides in enhancing its capabilities by integrating with the Kount API. This integration empowers Thiio to leverage the robust features and functionality offered by Kount's powerful fraud detection and prevention platform.
The integration with Kount API enables Thiio to analyze multiple data points, including device information, IP addresses, geolocation, transaction history, and other relevant data, to assess the legitimacy of each transaction. This comprehensive approach significantly reduces the likelihood of fraudulent activities slipping through the system undetected.
Fetch API Keys
Access Kount’s Dashboard: Once your account is created and verified, log in to your Kount account and navigate to the ADMIN section on the top right menu. This is where you can manage your API keys and access other related resources.
Click on API Keys link.
Generate API Keys: Once in the API Keys section. Click on the Create API Key button.
A new form will pop up where we’re required to enter a name for the new API Key and it is important to check both options RIS and API.
Click on Create API Key; a new API Key will be rendered.
Fetch Website
From the Kount’s dashboard click on Fraud Control button on the top right menu.
Select Websites from the menu.
Once in this section if no website has been previously created, it is important to add a new one.
When the new form is shown fill the name of the website, add a small description and check on the ENS Enabled the Yes option.
Leave the ENS URL empty.
Click on the Add Website.
We’ll use this information when setting up the integration on Thiio’s admin later.
Create Submerchant ID as UDF
When using the same Kount account across different platforms it is convenient to have a way to differentiate them from each other. Kount provides User Defined Fields (USD) that can help us with this problem. In order to create a submerchant ID we need to follow the following steps:
From the Kount’s dashboard click on Fraud Control button on the top right menu.
Select User Defined Fields from the menu list.
Click on the Add UDF button
Add the label SUBMERCHANT_ID In order for the API to recognize and accept this value
Add a small description (optional)
Select Alpha-Numeric from the list
Click on Save UDF.
After these steps whenever a request is sent by Thiio to the API, this field will be present and it will be easier to identify which account is being used for validating transactions.
Kount RIS configuration file
As part of the onboarding process when opening a new Kount account, it's worth noting that the customer support team is known to provide a Kount RIS PHP SDK Configuration file. This configuration file is a crucial component for integrating the Kount RIS (Risk Inquiry System) PHP SDK into your application.
The Kount RIS PHP SDK Configuration file contains essential settings and parameters that enable seamless communication between your application and the Kount API. It typically includes details such as the API endpoint URL, authentication credentials, encryption keys, and other necessary configurations.
By providing this configuration file, the customer support team simplifies the integration process for developers. It ensures that the necessary settings are correctly configured, reducing the chances of errors and streamlining the setup of the Kount RIS PHP SDK within your application.
It is important to consult the customer support team or refer to the Kount documentation for specific instructions on how to utilize the provided configuration file. They will provide guidance on where to place the file within your project structure and how to reference it during the integration process.
The availability of a pre-configured Kount RIS PHP SDK Configuration file demonstrates Kount's commitment to providing a user-friendly experience and comprehensive support to their customers during the onboarding phase. It allows developers to quickly set up their Kount integration, ensuring a smooth and efficient integration with the Kount API.
The file looks something like the following:
; Kount RIS PHP SDK configuration
[RIS]
; Kount RIS merchant ID
; Your merchant ID will be assigned to you during the boarding process.
; Set your merchant ID here appropriately.
MERCHANT_ID=%1$d
; Kount RIS release version
; Set your version release number here appropriately, for now it has to match the release number in the branch you want to merge to master.
VERSION_NUMBER=0700
; SDK release version
; Set the sdk release version which will be used for git tagging in github
SDK_VERSION=7.0.2
; Kount Ris config key
; Set the config key and surround it with single or double quotation
; IMPORTANT! It must be set here or else an Exception will be thrown in the method hash()
; If one of the following characters are present in the configuration key: (`"`, or `'`) they need to be escaped.
CONFIG_KEY='%2$s'
; RIS end-point
; production: https://risk.kount.net
; boarding & testing: https://risk.test.kount.net
; beta testing: https://risk.beta.kount.net
URL=%3$s
; RIS connection timeout in whole numbers of seconds. Set to 0 for unlimited
; timeout (not recommended). The recommended value is 30.
CONNECT_TIMEOUT=30
; Client authentication certificate
; If certificate is a .pk12 file then it must be converted to PEM format.
; The UNIX command line tool 'openssl' converts .pk12 to PEM:
; `openssl pkcs12 -nocerts -in exported.p12 -out key.pem`
; `openssl pkcs12 -clcerts -nokeys -in exported.p12 -out cert.pem`
PEM_CERTIFICATE=/path/to/certificate.pem
PEM_KEY_FILE=/path/to/keyfile.pem
PEM_PASS_PHRASE=passphrase
; API authentication token. Use in favor of deprecated certificates for
; authentication.
API_KEY='%4$s'
[LOGGING]
; Specify the logger to use. The default loggers supplied with the Kount RIS
; SDK are NOP (a logger that silently discards all logging), and SIMPLE (a
; simple logger that writes messages to a specified file).
; See the README for more advanced logging configuration information.
LOGGER=NOP
; Logging level for SimpleLogger if it is enabled.
; Acceptable logging levels in order of decreasing severity are FATAL, ERROR,
; WARN, INFO, and DEBUG.
SIMPLE_LOG_LEVEL=INFO
; Specify the file name where the SimpleLogger will log messages to.
SIMPLE_LOG_FILE=Kount-SDK-Ris-PHP.log
; SimpleLogger log path. This is the directory where the log file will be
; located. This directory must have read and write permissions enabled for the
; PHP user. This directory must already exist.
SIMPLE_LOG_PATH=
;Logging variable to configure the logging of client-side timing metrics.
;Default value is OFF. Can be set to ON which will enable the logging when creating a RIS Request to Kount.
SIMPLE_LOG_RIS_METRICS=OFF
It is important to have the following information provided by Kount’s Customer Support Team in order to continue with the set up on thiio’s side.
MerchantID
Config Key
RIS Endpoint URL
Data Collector URL
Set up Kount
On thiio’s admin it is important to access to the integrations section from the menu on the left.
Then click on the add (+) button in order to open the catalog of integrations.
Search for the Kount integration.
On this form we’ll fill it out with the Website we created on the Fetch Website section above. The URL is the same url as the RIS Endpoint URL provided by Kount’s Customer Support team.
The data collector URL provided by Kount’s customer support team.
The key is the API Key we created on the Fetch API Keys section described above.
Merchant ID is the same provided by Kount’s Customer Support team.
And the Submerchant ID we got it from the Create Submerchant ID as UDF section above.
Persona Score & Omniscore
In the context of Kount, a persona refers to a profile or representation of an individual or entity engaging in an online transaction. It is a dynamic and data-driven identity that helps assess the risk associated with a particular user or transaction. Kount assigns a persona to each user based on various data points, behavioral patterns, and historical information.
The persona concept allows Kount to categorize users into different risk segments, ranging from low-risk to high-risk, based on the likelihood of fraudulent activity. By analyzing factors such as device information, geolocation, transaction history, and other relevant data, Kount's system creates and updates personas to provide a comprehensive risk assessment.
Omniscore, on the other hand, is Kount's proprietary risk scoring mechanism. It is a numeric value that represents the overall risk associated with a particular user or transaction. Omniscore is calculated using a combination of machine learning algorithms and historical data, incorporating various factors and indicators of potential fraud.
The Omniscore enables businesses to make informed decisions when it comes to accepting, reviewing, or declining transactions. A higher Omniscore indicates a higher level of risk, while a lower score suggests a lower risk of fraudulent activity.
Both the persona and Omniscore are integral components of Kount's comprehensive fraud detection and prevention system. By leveraging these tools, businesses can assess the risk associated with each transaction and take appropriate actions to protect themselves and their customers from potential fraud.
Persona Score & Omniscore
It is important to define a threshold for the Omniscore and the Persona Score. Thiio allows to work with them individually, meaning that we could evaluate transactions only using either Omniscore, Persona Score or both at the same time. For more reference about what these values mean please
review the information below gathered from Kount’s official website.
Persona Technology and Persona Score Usage
5 months ago
Updated
FollowNot yet followed by anyone
Persona Technology is a real-time unsupervised machine learning algorithm that identifies direct and indirect linkages between transactions. It is designed to detect emerging fraud across Kount’s vast network of online businesses and their transactions. The Persona Score is a measure of the transaction risk generated by Persona Technology.
Identifying a Persona
A Persona is a set of transactions linked by common attributes. Persona is not a static medium; but rather they are created and updated in real-time as transactions are submitted to Kount. Persona Technology is optimized to filter outdated transactions to ensure that a Persona represents current activity limited to the last 14 days.
Calculating Persona Score
In real-time, Kount derives over 200 data elements from a Persona that provide insight into the risk of a transaction. The score is calculated by analyzing these data elements via a proprietary mathematical algorithm. Some of the data elements that can impact the value of the score are as follows:
Device country location
Number of unique payment tokens, device IDs, or emails associated to the Persona
Specific attributes of the physical device from which the order was placed, including language settings, time zone settings, and other user-selected elements
Payment information
Network type
The score indicates the risk level for a given transaction based on data linked to other transactions. It ranges from 1-99, with 99 being the riskiest.
Interpreting Persona Score
Transaction risk is the inverse of transaction safety. The Persona Score is a measure of transaction risk ranging from 0 (low risk) to 99 (high risk). Higher Persona Scores indicate higher risk.
The table below provides guidelines for interpreting the Persona Score. These guidelines are based on analysis across Kount’s entire merchant base. Actual results for a merchant can vary depending on unique characteristics of the integration with Kount and the merchant’s business model. Please contact your Client Success Representative for assistance.
Persona Score | Risk Level | Description |
0-40 | Low Risk | Small Persona, few if any risk factors |
41-70 | Medium Risk | Some risk factors present in Persona |
71-99 | High Risk | Large Persona and/or significant risk factors |
Omniscore Overview
7 months ago
Updated
FollowNot yet followed by anyone
Omniscore is a transaction safety rating that can be used in rule creation and during the manual review process to determine the disposition of an order (approve, decline, review). It is the output of Kount's next-generation AI model analyzing hundreds of millions of transactions – their outcomes (including approvals, declines, chargebacks, refunds, etc.) and their real-time linkages and patterns.
Omniscore differs from previous scores in that it incorporates the most predictive components of both our supervised machine learning and our unsupervised machine learning, as well as other predictive factors, into one score.
The best of both worlds in one score
Omniscore uses two types of machine learning – unsupervised and supervised. The unsupervised machine learning focuses on short-term linkages and patterns, enabling it to catch emerging fraud attacks and anomalies that supervised machine learning cannot yet learn about due to the recentness of unseen attack types. Our supervised machine learning technology learns from historical data – decisioned orders and their outcomes.
The AI simulates how an experienced fraud analyst would review a transaction. The unsupervised machine learning aspect of Omniscore evaluates the transaction as a human would use instinct. The supervised machine learning aspect evaluates the transaction like the historical experience of seasoned fraud analysts. Together they allow Kount to calculate one highly-predictive transaction safety rating that can be relied upon for decisioning orders, so that there is less reliance on manual review and reactive fraud rules. The result is catching more true fraud and allowing more good transactions to generate revenue.
Interpreting Omniscore
Transaction safety is the inverse of transaction risk. Omniscore is an indicator of a transaction’s safety ranging from .1 (unsafe) to 99.9 (safe). A safe transaction will have a relatively high Omniscore and an unsafe transaction will have a relatively low Omniscore.
Designed to make good decisions more intuitive, the Omniscore can be likened to U.S. academic letter grades that range from F to A. Most transactions will rate in the 80s and 90s (Bs and As). Transactions with issues will rate in the 60s to 70s (Ds and Cs). The riskiest transactions rate below 60 (F).
Omniscore | Grade | Description |
90 – 99.9 | A | Very safe, multiple indicators of safety found |
80 – 89.9 | B | Indicators of safety found |
70 – 79.9> | C | Typically a mix of safe and risky indicators |
60 – 69.9 | D | Indicators of risk found |
0.1 – 59.9 | F | Very risky, significant indicators of risk found |
It is important to note that Omniscore is not a decision. It is a prediction of safety that is used by customers to decision a transaction (either automatically via creating a rule or manually while under review).
Low/High Omniscore anomaly
A Low/High Omniscore alert is generated when Kount has identified a decrease in high Omniscore ratings and/or an increase in low Omniscore ratings, on transactions within your merchant account. This means that increased indicators of risk were found, which can indicate a rise in fraudulent orders that may be worth investigating.
Creating a fraud rule with Omniscore
Since Omniscore is so accurate in predicting fraud, you can set one rule around it instead of creating large rulesets targeting fraud.
A suggested rule is to determine the decisioning threshold (at what value the Omniscore is set) based on the decline rate your expected fraud rate:
Desired Decline Rate | Omniscore Fraud Rule |
5% | If Omniscore < 61 Decline |
4% | If Omniscore < 49 Decline |
3% | If Omniscore < 37 Decline |
2% | If Omniscore < 25 Decline |
1% | If Omniscore < 13 Decline |
The decisioning threshold can be adjusted after analyzing decline and chargeback rates, and any other measures of performance important to the merchant.
Do not forget to link this new Kount account to the desired gateway from the Fraud Prevention tab present in the gateway configuration tab.