mirror of https://github.com/valitydev/fraudo.git synced 2024-11-06 01:45:16 +00:00

Go to file

Kostya 0d0b51f3c8 Add chargebacks and refunds (#25 )		2020-05-28 11:32:12 +03:00
build_utils@cf6578dac7	Fix thread local (#23 )	2020-03-24 13:26:41 +03:00
src	Add chargebacks and refunds (#25 )	2020-05-28 11:32:12 +03:00
.gitignore	Add catch exception and change readme (#8 )	2019-02-06 12:13:30 +03:00
.gitmodules	Add dependencies and build modules	2018-12-07 10:57:13 +03:00
Jenkinsfile	Fix thread local (#23 )	2020-03-24 13:26:41 +03:00
LICENSE	Let's make it opensource	2019-12-03 18:35:39 +03:00
logo.jpg	Add logo	2018-12-04 17:18:50 +03:00
pom.xml	Fix resolve field (#24 )	2020-05-20 15:30:17 +03:00
README.md	BJ-681: readme fix (#21 )	2019-12-04 14:12:42 +03:00
syntax.png	Add catch exception and change readme (#8 )	2019-02-06 12:13:30 +03:00

README.md

Fraudo DSL

Language for describing antifraud patterns

Provides the ability to describe the required set of rules for characteristics and triggers for attempts at fraudulent actions

Syntax

OPERATIONS:

*   count("group_field", time_in_minutes|[from_offset, to_offset], ["group_by_additional_fields"])
*   countSuccess("group_field", time_in_minutes|[from_offset, to_offset], ["group_by_additional_fields"])
*   countError("group_field", time_in_minutes|[from_offset, to_offset], "error_code", ["group_by_additional_fields"])
*   sum("group_field", time_in_minutes|[from_offset, to_offset], ["group_by_additional_fields"])
*   sumSuccess("group_field", time_in_minutes|[from_offset, to_offset], ["group_by_additional_fields"])
*   sumError(("group_field", time_in_minutes|[from_offset, to_offset], "error_code", ["group_by_additional_fields"])
*   unique(("group_field", "by_field",time_in_minutes|[from_offset, to_offset], ["group_by_additional_fields"])
*   in(("field", "first", "second", ...)
*   inWhiteList("field")
*   inBlackList("field")
*   inList("test", "email")
*   inGreyList("email")
*   like("field", "regexp_in_java_style"[1])
*   amount()
*   country() - this function can return result "unknown", you must remember it!

group_field:

email,
ip,
fingerprint,
bin,
shop_ip,
party_id,
card_token

regexp_in_java_style

RESULTS:

*   accept 
*   3ds
*   decline
*   notify
*   normal

EXAMPLES:

Simple:

rule: 3 > 2 AND 1 = 1
-> accept;

Black list check:

rule: inBlackList("email")
-> notify;

Counts check:

rule: (count("ip", 1444) >= 10 OR countSuccess("email", 1444) > 5)
        AND countError("fingerprint", 1444, "error_code") > 5
-> notify;

Unique count emails for ip:

rule: unique("email", "ip") < 4
-> decline;

Check country by ip:

rule: country() = "RU"
-> notify;

Check current amount:

rule: amount() < 100
-> accept;

Catch:

rule: unique("email", "ip") < 4
-> accept
catch: decline;

Combined check:

rule:
inWhiteList("email", "fingerprint", "card", "bin", "ip") -> accept; # принимаем платеж, если хотя бы один из указанных параметров находится в вайтлисте

rule:
inBlackList("email", "fingerprint", "card", "bin", "ip") -> decline; # отклоняем платеж, если хотя бы один из указанных параметров находится в блэклисте

rule:
in(countryBy("bin"), "AS", "SD", "TR", "WE", "SD", "CD", "KL", "EW", "VF", "XZ", "CD") -> decline; # эти страны блочим всегда

rule:
amount() > 1000 AND in(countryBy("bin"), "DS", "LA", "AS") -> decline; # лимит суммы платежа 10 баксов для 

rule:
amount() > 1000 AND in(countryBy("bin"), "VC", "WE") -> decline;# лимит суммы платежа 10 баксов для некоторых стран

rule:
amount() > 10000 -> decline;# лимит суммы платежа 100 баксов для всех остальных

rule:
count("card", 1440) > 10 AND in (countryBy("bin"), "TR", "WE", "SD", "CD", "KL", "EW") -> decline;# этим странам 10 попыток с одной карты в сутки

rule:
count("card", 1440) > 5 -> decline;# остальным странам 5 попыток с одной карты в сутки

rule:
unique("card", "email", 1440) > 3 -> decline; # лимит 3 уникальных карты на емэйл за сутки

rule:
unique("card", "fingerprint", 1440) > 3 -> decline; # лимит 3 уникальных карты на девайс за сутки

README.md Unescape Escape