Transaction Decisions and Risk Scores

Each executed transaction An executed business process that is associated with an account. The transaction applies credentials for the account to a workflow and contains the decision rendered by the workflow. includes a decision. The decision is based on the risk score A numeric value calculated for a capability or workflow indicating the level of fraud risk associated with the evaluated credentials.that indicates the overall level of fraud risk for the transaction. The decision is provided as a JSON object in the Workflow Details response and can be seen in the Portal.

Example: Decision Object

"decision": {
        "type": "WARNING",
        "details": {
            "label": "WARNING"
        },
        "risk": {
            "score": 50.0
        }
    }

Risk Scores

Scores for transactions range from -1 to 100, with:

-1 indicating that the workflow was not executed.
0 indicating no identified risk.
100 indicating extremely high risk.

Transactions that are initiated but not completed receive a score of -1, along with a decision:type value of NOT_EXECUTED. This typically occurs when the end-user abandons the customer journey before successfully submitting the required credentials. For example, if the authorization token expires before the credentials are received the decision data will include:

 	"decision": {
		"type": "NOT_EXECUTED",
		"details": {
			"label": "TOKEN_EXPIRED"
		},
		"risk": {
			"score": -1.0
		}
	},

Decision Types and Labels

The transactions is assigned a decision type value based on the score. By default the decision types are determined as follows:

PASSED = 0-30
WARNING = 31-70
REJECTED = 71-100
NOT_EXECUTED = -1

The decision type thresholds can be configured to meet your needs and risk appetite. Contact Jumio Support.

Decision Details Labels

Decision Type	Label	Description
PASSED	PASSED	Label is the same as the type value.
REJECTED	REJECTED	Label is the same as the type value.
WARNING	WARNING	Label is the same as the type value.
NOT_EXECUTED	TOKEN_EXPIRED	The bearer token obtained from the Creating or Updating Accounts response expired prior to finalization.
NOT_EXECUTED	SESSION_EXPIRED	The session expired prior to finalization.

Capability Decisions

Each capability A low-level business process that implements all or part of a service or risk signal. Individual capabilities provide the reasons for determining the transaction decision. or risk signal Risk signals are additional third-party services that can be invoked by a workflow. They are typically used to augment the standard services and provide extra assurance for determining the end user’s fraud risk. that is called by the transaction workflow returns its own risk score and decision type. For transactions that call a single service, the transaction score and decision type are the same as the service score. However, the service is first assigned a decision type based on factors specific to each service, and the service score depends on the decision type:

PASSED = 0
WARNING = 50
REJECTED = 100
NOT_EXECUTED = -1

See the reference topics listed under Capabilities Reference and Risk Signals for descriptions of when and why the decision types are assigned.

For workflows that call multiple services or risk signals, the overall transaction score is calculated from the weighted average of each of the services. Weights are applied so that more significant services and signals have a greater impact on the overall score.

The values of any rules that are triggered by the transaction also impact the overall score. See Rules Management.