Transaction Review Guide

About

Instnt is a single signup solution that streamlines the consumer identity governance process for enterprises that rely on verified users accessing their services or products.  Our transaction review dashboard presents the intelligence securely collected on the identity of a user and an interpretable justification of the assessment made by our decision engine. 

Various factors are taken into account to finalize the aggregate decision. With the Instnt decision engine, we analyze end-user-supplied information performance data. The transaction dashboard pulls all the intelligence into one place, making assessments and comparisons simple and transparent. And the ability to file fraud claims, review transactions and override decisions from the dashboard. This document provides guidelines to help understand the decision-review process to accept, reject or review a user.

Transaction pane

Transaction pane consolidates all transaction review-related actions into one place called Transaction

TR1.png

  1. Go to Instnt dashboard. Sign in using your credentials. Tap the Transactions icon on the left to view the transaction review pane. This section lists the users that have applied via your onboarding workflow with the option to filter by name, email,  transactionID, or date. 
  2. To view transactions that are in review status, toggle the Review Only button. 
  3. The Dashboard is split into 6 sections: 
  • Timestamp: Time when the user applied
  • Transaction ID: Unique identifier generated by Instnt for applicants 
  • Workflow ID: Workflow used to sign up
  • Name: The user’s full name
  • Decision: Instnt decision based on the processing and verification of the user data
  • Action: Actions available for a transaction depending on Instnt's decision. Actions consist of the following: 
    • File claims: To file a claim for accepted (based on Instnt’s decision) users who commit fraud. This action is available only for accepted transactions. For more information, see the Claims section of this article.
    • Overwrite decision: To overwrite the ‘Rejected’ decision given by Instnt to any user if, on further investigation, you decide to accept them. This overriding of Instnt’s decision helps Instnt continuously improve models and fine-tune the decision engine to match your use cases. For more information, see the Overwrite decision section of this article.

Review decision: You can review a decision. This review process helps make Instnt’s decisioning robust over time by helping train our models and build trust. The number of cases going to review should decline as Instnt’s decision matches the profiles of the users and demographics that you serve. For more information, see Review a decision section of this article.

Transaction review pane 

The transaction review pane shows user transactions with details on all the collected data showcased in each tab and the attributes processed for the final decision.

To view details, select a transaction. A preview pane with a Justification Summary tab opens by default. The decision made by Instnt and all the details that the user entered preview on the left-hand side. You can see user profile details, including name, email, date of birth, mobile number, national id, address, photo, and transaction details. This view will be static with each tab for better interpretation, so you can always refer to the basics of the user profile when looking at any decision-making metrics available.

TP2.png

To view a transaction, select a transaction. The review pane opens, and the Justification Summary tab opens by default. Here, on the left-hand side, you can see the decision made by Instnt and all the details that the user entered. You can see their profile details, including their name, email, date of birth, mobile number, national id, address, photo, and transaction details.

This view will be static with each tab for better interpretation, so you can always refer to the basics of the user profile when looking at any of the decision-making metrics available.

Justification summary 

On the right-hand side of the overview pane is the Justification Summary tab. A list of positive, negative, and neutral reasons related to the decision made by Instnt. With reason codes to give you an insight into what information provided by the user matched against the PII (Personal Identifiable Information) data compared. These reasons are accounted for when deciding the authenticity of the user profile. You have the option to investigate the decision made. For more information, see the reason code glossary. 

TP2.png

Know Your Customer (KYC)

The KYC tab in our transaction review dashboard provides details of all the checks performed on a user and the outcomes. Including bar graphs to show the strength of these correlations for different subsets of features, a score of 100 being a perfect match, degrading towards zero for synthetic identities. This information is essential for compliance to ensure that all regulatory requirements meet. The assessment includes the following: 

  • The individual's names and date of birth are matched to global watchlists for sanctions (OFAC), political exposure (PEP), and adverse media.
  • Cross-correlation of the different elements of identity to see how well they match up to the intelligence returned from various data sources.

TP9.png

Match Details

In the KYC tab, select the arrow for a dropdown screen with match details. Depending on the number of matches, you can see the drop-downs. Following details are provided for better understanding: 

  • Match Status: The status of the information match, for example, partial match, potential match
  • Search Terms: The terms that were used to search the watchlist
  • Total Matches: The numerical measure of the total number of watchlist matches
  • Match Confidence: Numerical measure of confidence that the user's identity matched with the ones on the watchlist
  • Match Entity Type: The entity of a user that matched on the watchlist, for example, Name, address
  • Matched Name: The name that matched on the watchlist
  • Matched Types Details: The details of the match
  • Matched Watchlist Sources: Sources such as media links where vendors found the matches
  • Matched Watchlist Types: The type of the match, for example, adverse media match, adverse media-general match

TP3.png

Devices

The Devices tab contains two distinct descriptors: the device that was utilized by the end user during the onboarding process, and the geolocation data that was imprinted by that user. We provide details of the mobile devices such as if the OS is Android or iOS as well, if used for the onboarding process.

Adding in the device users used during the onboarding process brings you another step closer to creating a complete picture of the user. 

DT.png

These two descriptors are laid out as follows:

  • Device Fingerprint: The device fingerprint is a unique identifier that is used as part of our cohort and velocity metrics to track whether the device is being used as part of a fraud network.
  • Browser Name: The type of browser used (Firefox, Internet Explorer, Chrome, etc.)
  • Browser Major Version:  The general version of the browser used.
  • Browser Full Version: The branch of the major version of the browser used.
  • OS: Operating System used.
  • OS Version : The version of the operating system used.
  • Device: The type of device used (Laptop, desktop, mobile device etc.)
  • City: The city the device is located in.
  • Country: The device’s country of origin.
  • Continent: The specific continent that the user accessed the workflow from.
  • Subdivisions: Counties, prefectures, etc.
  • Postal Code: The zip or postal code where the device is located.
  • Time Zone: The time zone the device is located in.
  • Latitude/Longitude: The approximate latitude or longitude location of the device.

TP4.png

TP8.png

Biometrics 

Instnt's SDKs capture behavioral biometric markers passively in the background while end-users interact with your application. These markers are used to filter bot behavior and together with the supplied PII, verify the identity of the individual. Instnt analyzes thousands of interactions per session to distinguish between genuine users, bots, and cybercriminals. And the details of the user interaction are aggregated and represented in the Biometrics tab.

TP5.png

  • Bot Anomaly: This provides a flag determining if the user was a human or if there was bot activity. If the Bot Detection Flag is true, that indicates that robotic behavior was detected. 
    • Factors listed below are considered to distinguish human interaction from bot input:
    • Mouse Activity:  Speed, movement patterns, scroll preferences
    • Keystroke Movement: Speed, Shortcuts, Advanced Keys
    • Touchscreen Behavior: Press size, area, pressure
    • Device Movement:  Gyro, orientation, scrolling
  • Rat Anomaly: Rat (Remote access trojan) is a program used by intruders to control others' computers/devices.
    Rat anomaly flag in Instnt determines if any RAT program was detected. If the Remote Access Flag is true, that indicates the detection of one or more remote access protocols. 
  • Session Risk: This is a numerical measure of the potentially fraudulent activity while filling an application during the session in progress. The risk level can be greater than 1, and a range of 0 to1 is considered less risky. Any score above 1 is a high risk and should be investigated.
  • Hidden IP: Here, a Hidden flag of true is provided if the IP address or origin is hidden and cannot be detected. The flag is true if VPN use is detected or TOR exit nodes are found.
  • Different IP: This flag is true if the IP address changes during the active session or is different from the applicant’s last 20 sessions.
  • Behavioral Score: A numerical measure ranging from 0 to 1 indicating what degree the user behavior in the session matches the behavior in the trained user profile. For example, The score indicates the match in the behavioral data timing in a trained user profile and the applicants. The high score means that there is a little difference in the behavioral timing and a low score means the behavioral data timing of the logged-in user did not match the data stored in the profile.
  • Corrupted Session: A Session corrupted flag is provided, which is true if there was a session-level corruption such as unauthorized changes to the session.
  • Whitelisted: A whitelisted (e.g., an injured user who cannot type as usual) flag is provided, which is true if the user is designated a whitelisted user by any behavior sec administrator.
  • User Coached: A coaching detection flag is provided, which is true if the user has been probably coached or is not willing or threatened to perform the transaction.

These factors are correlated and returned in the values shown in the Biometrics pane above in order to create general scores for how trustworthy the user actually is. 

However, while this data is useful in determining underlying factors that may not be readily apparent when users submit data, the data must be compared against similar profiles pulled from available PII data or other registered users within your workflow.

Cohorts

The Cohorts tab contains velocity metrics that tracks how often identity components, devices, and IP addresses have been reused across the Instnt system in a 24 hour sliding window. These metrics help alert the Instnt decision engine about distributed and co-ordinated attempts to onboard using stolen or synthetic identities.

TP10.png

  • IP Frequency: The number of times the particular IP address has been submitted to the system as part of an onboarding workflow.
  • Name Frequency: The number of times the particular Name has been submitted to the system as part of an onboarding workflow.
  • Phone Frequency: The number of times the particular Phone number has been submitted to the system as part of an onboarding workflow.
  • Email Frequency: The number of times the particular email address has been submitted to the system as part of an onboarding workflow.
  • Address Frequency: The number of times the particular physical address has been submitted to the system as part of an onboarding workflow.
  • Device Frequency: The number of times the same device (fingerprint) has been submitted to the system as part of an onboarding workflow.

Models

The Models tab is the sum total of all of the data received by Instnt to produce a result via the previous panes of available information. The model details are informational and that Instnt internally manages optimal decisioning thresholds on the individual model scores to balance risk and growth profiles.

Each decision made by Instnt provides the following:

  • Aggregate Decision: The decision is returned as one of three results, Accepted, Rejected, or Manual Review. Note that users who are either Accepted or Rejected in this process can still be manually reviewed and their status changed if contradictory information arises that conflicts with score results.
  • Score: The total score produced by the engine to determine the risk of the application. This score ranges from 0 to 1.
    The higher a score is, the more likely it is a fraudulent application, the lower it is, the more likely it is that the application is legitimate. This is due to the number of connecting points of data that the engine was able to make via the user’s submitted information and Instnt’s available PII data.

TP6.png

Claims

Claims is the section where you can view and review all the claims that you have filed for any fraud committed by users who were accepted due to Instnt’s decisioning.

File a claim

To file a claim, perform the steps below:

Step 1: Log in to your Instnt dashboard and go to the transaction for which you need to file a claim.

TR1.png

Note: Claims can only be made on ACCEPTED transactions since these are the only ones covered under Instnt’s indemnification.

Step 2: To take action against a transaction, click on the Action column in the Transaction page where all the transactions are listed.

Step 3: You can see a Claims tab in the Transaction Review pane

CL1.png

Here, you can fill out the details of the fraudulent transaction by giving the following details:

  • Incident and Reported Dates: These fields are pre-filled with the date the Incident occurred and the date incident was reported respectively.
  • Loss Amount: You can fill in the amount that was lost during a transaction for which you are filing the claim.
  • Product: The type of product for which the fraud occurred. For example: Credit card or debit card etc.
  • Fraud Type: Here, you can select the type of fraud you encountered. The options that available are :
    • First party: A user enters their own truthful credentials correctly, and then commits a fraud.
    • Third party: Some other individual steals an identity and credentials, and then commits fraud with it.
    • Synthetic: When an individual creates a completely fake profile consisting of some mixed genuine and in-genuine credentials and if the identity gets verified, then they perform fraud. For example a blend of valid first name, invalid last name, valid phone number, etc.
  • Reason: The reason for filing the claim and details of the fraud that occurred.
  • Attachments: You can attach the supporting documents for your claim here.

Step 4: To submit the claim, click File a New Claim button at the end of the page. You can see that details have been saved and a new claim created. And in the Action column the claim for the transaction is in pending state.

Claim.png

Edit a claim 

Once you file a claim, and then you need to update any details or provide an attachment, you can edit that particular claim. 

To edit a claim, perform the following steps:

Step 1: Log in to your Instnt dashboard and go to the transaction for which you need to update a filed claim.

Claim.png

Step 2: To edit a claim for a particular transaction, click the specific transaction in the Transaction page where all the transactions are listed.

Step 3: If you have already filed a claim then you can see a Claims tab, click on Edit Claims button to edit the claim. You can now edit the details of the claim.

EDC.png

Step 4: Once you are done with the editing, click the Update Claim button at the bottom of the page. The claim gets updated.

Review a claim 

We provide you with an option to review all the claims that you have filed. 

If you need to review the status of the claims, or to review the different claims filed, then perform the following steps:

Step 1: Log in to your Instnt dashboard.

TR1.png

Step 2: There are two ways to review the claims:

Note: If you want to view a claim for a particular transaction, then click the specific transaction in the Transaction page where all the transactions are listed. Here, you can view the claim in the Claims tab.

EDC.png

Note: Claims tab only appears if a claim is being filed or already created against the transaction. If you want to review all the claims that you have filed for various transactions, then click on the Claims menu on the left hand-side. Here, you can review the claims that you have filed and their status for the different transactions.

RC.png

Reviewclaim.png

Review a decision

Reviewing a decision comes into play only when a transaction is processed and Instnt provides a decision to ‘Review’ a transaction/user. This functionality enables you to further investigate and verify an applicant and then take a decision if you would like to Accept or Reject a user/applicant.

Approve a decision

To approve a decision, perform the following steps:

Step 1: Login to your Instnt dashboard and go to the transaction with Review status.

Reject1.png

Step 2: If you want to accept the application/transaction, then click the Approve button in the Action column. A page to confirm the action opens. Here, you have a field to enter the details regarding why you are accepting the user/ applicant.

Approve.png

Step 3: Enter the comments as to why you are approving a transaction, and click the Approve button. If you do not want to approve then click Cancel.

Reject a decision 

Step 1: Login to your Instnt dashboard and go to the transaction with Review status.

Reject1.png

Step 2: If you want to Reject the application/transaction, then click the Reject button in the Action column. A page to confirm the action opens.Here, you have a field to enter the details regarding why you are rejecting the user/ applicant.

Reject.png

Step 3: Enter the comments as to why you are rejecting the transaction, and click the Reject button. If you do not want to approve then click Cancel.

Overwrite a decision 

Step 1: Login to your Instnt dashboard and go to the transaction with Reject status.

OD.png

Step 2: If you want to Overwrite the reject decision provided by Instnt for the application/transaction, then click Overwrite Decision button in the Action column.

Approve.png

Step 3: Enter the comments as to why you are approving a transaction, and click the Approve button. And you see the Eye icon to denote that the particular transaction was overwritten. If you do not want to approve then click Cancel.

ORD1.png

 

 

 

 

Was this article helpful?

0 out of 0 found this helpful

Have more questions? Submit a request