What are different customer insights

Data protection for customer data

  • 7 minutes to read

Fraud protection requires extensive knowledge. Microsoft Dynamics 365 Fraud Protection processes data about payment transactions, online account activity, and devices that interact with the e-commerce properties of Fraud Protection customers to help:

  • Prevent and identify fraudulent payment transactions
  • Identify legitimate transactions to reduce "false positives".
  • Enhance customers' online shopping experience

Fraud Protection was designed with compliance, security, reliability and data protection in mind and uses machine learning, artificial intelligence and data identification techniques to check payment transactions and certain account activities for risks and to provide customer insights into the health of their e-commerce businesses.


Microsoft is not a consumer reporting agency. The fraud intelligence generated by Fraud Protection is not intended to be used as a credit report or an indicator of creditworthiness or creditworthiness. The use of Fraud Protection is subject to the usage restrictions set out in the Microsoft Online Services Terms.

What data does Fraud Protection process?

Fraud Protection processes three types of customer data to provide the service:

  • Payment transaction data. This is information about our customer's online payment transactions (past and present). Payment transaction data can include:

    • The transaction amount and the information about the goods included in the order.
    • The name, email address, shipping address and other geospatial information associated with a payment transaction.
    • The result of a payment transaction, e.g. B. a chargeback.
    • Provide information about the payment method. Note that Fraud Protection does not provide full payment details such as payment details. B. contains the full credit card number.
  • Device data. This is information associated with the account activities of customers' end users (past and present), such as: B. Requests to create a new customer account or updates to an existing customer account. Account activity data includes:

    • Device properties such as installed plugins, processor class, etc.
    • Operating system attributes, such as B. Operating system information.
    • Browser-related attributes, if applicable, such as browser language, font, etc.
    • Network attributes such as IP address, signature hash, etc.
  • Account activity data. This is information about the devices that check the e-commerce properties of our customers, for example:

    • The account name and email address.
    • Information about when the account was created.
    • Information about events associated with the account, such as: B. if the shipping address or email address associated with the account changes.

Both payment transaction data and account activity data are provided to fraud protection by customers in two ways:

  • Customers use the Fraud Protection API to send the data associated with real-time payment transactions or account activity.
  • Customers upload data on past payment transactions and account activities through the service.

Device data is collected and transmitted to Fraud Protection when a customer installs a device fingerprint script in their e-commerce properties. This instructs Fraud Protection to collect data on its behalf from devices that visit the customer's e-commerce properties.

How does Fraud Protection process this customer data?

Fraud Protection processes the customer data described above solely for the purpose of providing the service in accordance with the instructions in the Microsoft Online Services Terms of Use and the instructions that the customer configured when administering the service. To provide the service, Microsoft uses customer data to secure, improve and correct errors as well as to generate fraud information from hacked data (see below) of all fraud protection customers within the fraud protection network (the fraud network).

Fraud Protection expands and restores customer data

Payment transaction data, account activity data and device data are expanded and restored to support the application of machine learning and artificial intelligence of the service. Example:

  • The transaction amount is converted into US dollars using the current exchange rate.
  • Addresses, such as the billing or shipping address, associated with a transaction are converted into a canonical format. For example, "One Microsoft Wy" becomes "1 Microsoft Way."
  • The device data recorded by a single device is then converted into a fuzzy identifier.

Fraud Protection breaks down certain customer data in order to be processed in the Fraud Network

Fraud Protection decomposes the customer data, which contains personal data that can identify a data subject, before it is sent to the fraud network, where it is processed to generate fraud intelligence. The decomposition technology used by Fraud Protection transforms this customer data into unique token or character strings. For example, the email address "[email protected]" is always mapped to the same character string as "TK239732". This technique serves the following purposes.

The technique produces the same output for an input (it is reproducible). The de-identification technique, which uses a specific salt for the fraudulent network and unique salts for each customer, ensures that the same input value is always assigned to the same output token. For example, the email address “[email protected]” is always mapped (assumed) to “TK239732” when the specific salt is used for the fraud network, regardless of which customer provides the input and when. With this feature, Fraud Protection can identify patterns of fraud and establish relationships between tokens across all Fraud Protection customers in the fraud network. By processing customer data with a unique salt assigned to only one customer, Fraud Protection can also provide customers with information about their own patterns of fraud, as Fraud Protection can create relationships between tokens for an individual customer. In this context, a "salt" is a random value added to a one-way decomposition technique that further randomizes the output.

The technology creates (practically) a 1: 1 assignment. Although the decomposition technique is technically not a 1: 1 assignment for a specific salt, the probability that two different input values ​​generate the same identified output value (so-called decomposition conflict) is negligible. This means that for practical purposes we can only rely on the relationships that are created between the tokens.

The technique is practically irreversible. This process makes it virtually impossible to reverse an identified token into the original input, identify a data subject from the tokens, or otherwise rehydrate the customer data without accessing the decomposition function and using the salt. Reversing the technique of rehydrating the data and rendering it to identify it would require a highly complex brute force attack.

The technology gives customers more security that their customer data will not be released to other fraud protection customers. The tokens in the fraud network cannot be linked to a specific fraud protection customer without access to the hash function, salt and raw data in that customer's dealer room.

Fraud Protection uses Artificial Intelligence for the tokens in the fraud network to generate fraud intelligence for Fraud Protection customers

Fraud Protection uses Artificial Intelligence to understand fraud patterns so the service can generate fraud intelligence for new real-time payment transactions and account activity for customers. These fraud findings include a risk assessment for the real-time event and reason codes for the assessment. For example, Fraud Protection can detect a suspiciously high volume of payment transactions within the fraud network, within a very short period of time, linked to a specific token (which a billing address can represent an IP address). When Fraud Protection detects this token in new real-time payment transactions, it provides the customer with a higher risk score and a reason code indicating that Fraud Protection detected a suspiciously high volume of transactions for a data attribute associated with the transaction.

Fraud Protection processes customer data in accordance with the business rules established by the customer

Customers can set business rules in Fraud Protection to automate their own analysis of a real-time transaction or account event, taking into account the risk assessment and reason codes. In addition to the fraud intelligence provided by Fraud Protection, customers e.g. For example, you can set up your own business rules to approve a payment transaction based on any number of factors including the transaction amount, the payment method used, or the contents of the order. A customer's business rules are treated as confidential customer information and customer data. Fraud Protection processes such data on behalf of the customer, in accordance with established business rules, in order to make a recommendation to accept or reject the transaction or event.

Fraud Protection enables customers to share information about the trustworthiness of the transaction with participating banks

Customers can use the transaction acceptance booster by signing up for the feature. With this function, customers can instruct Microsoft to release certain customer data, so-called information on the trustworthiness of the transaction, for participating banks when a payment transaction is started with a means of payment that is issued by the participating bank. The trustworthiness information of a transaction is a small payload of customer data that includes the evaluation of the transaction, the location and the device identity by fraud protection, as well as transaction-specific details such as the reduced card number and the amount that banks can use to match the correct purchase transaction .

By signing up for this feature, a customer instructs Fraud Protection to submit transaction trustworthiness information on their behalf to a participating bank when initiating a payment transaction for the customer's e-commerce property with a payment card issued by that bank becomes. For a specific payment transaction, the information on the trustworthiness of the customer's transaction is only released for the participating bank if a payment card issued by this bank is used to initiate this payment transaction.

Fraud Protection processes customer data to provide tools such as graphical reports to display fraud-related business intelligence

Fraud Protection uses customer data to provide tools to help customers understand how fraud affects the e-commerce business. Such tools include reporting functions, graphical displays, and support service functions.