API Dashboard
Vonage.com
Pricing
Support
Documentation
Blog
Code Hub
View All docs
Fraud Defender
Overview
Technical Details
Guides
AIT Protection
Fraud Alert Actions
Alerts
Fraud Defender Dashboard
Proactive Traffic Rules
Release Notes
Related Blog Posts

Releases

Release 1.2 (August 2024)

  • New Dashboard: The new Fraud Defender Dashboard replaces the lateral navigation menu. When you click on the Fraud Defender section you will be directed to the new dashboard, from there you will be able to navigate to the rest of the Fraud Defender site sections.
  • Alert Rules have been renamed to Alert Actions. Your Fraud Alerts are automatically raised. Through Alert Actions, you can define actions and email notifications to trigger once the Fraud Alert reaches your defined threshold. In any case, an Alert Action influences when a Fraud Alert is raised.
  • Alert Actions Modal Improvements. Now you can easily trigger your action for every Fraud Alert by selecting option “Trigger action for every Fraud Alert”, or, if you prefer, set a threshold value for the action to trigger.
  • Minimum threshold validation. Volumetric Fraud Alerts require a minimum of 1,000 SMS/calls in the last 12 hours to be raised, and we have added validation for the Alert Actions threshold, preventing values below 1,000.
  • Volumetric Alerts Email Notifications. We have enhanced the email notifications providing additional details about the alert volume and the applied automated actions.

Release 1.1 (June 2024)

This release includes:

  • AIT protection (both configuration and alerts)
  • Fraud Defender dashboard
  • Endpoints for traffic rules and AIT protection configuration exposed
  • Traffic rules redesign

Release 1.0 (July 2023)

  • When are Fraud Alerts generated? This release implements Volumetric fraud alerts. A volumetric fraud alert is generated when an abnormal traffic volume spike is detected based on the following criteria:

    • Absolute traffic volume observed on the API key in the past 12 hours is greater than 1,000 voice calls or 1,000 SMS messages.
    • In addition, the observed traffic volume in the past 12 hours is more than 6 standard deviations from the historical traffic mean over the past 90 days for the API key

    The above criteria are applied on a per-country basis. As a result, the volumetric fraud alert should only fire during a significant traffic spike that deviates significantly from normal traffic toward a destination.

  • How do I set my email address to receive fraud alert notifications? Your Fraud Notification email address is set in the API Settings menu under the Notifications tab. You can add multiple email addresses to the fraud alert subscription.

  • Can I receive other types of Fraud Alerts or set my own Fraud Alert thresholds? Further alert types and improved alert resolution will be added incrementally once they become available.

  • Can I create multiple Alert Actions to notify at one threshold but block at a higher threshold? In this release a single Alert Action per traffic type (voice/sms) is supported. The ability to set multiple alerts will be added in a future release.

  • How do alert thresholds work? The alert action threshold enables you to control how Fraud Defender responds to an incoming Fraud Alert by specifying what action to take based on the Action Threshold and Time Interval

    • Action Threshold is the minimum threshold at which the alert action will be triggered. For example, increasing the action threshold from the default of 1,000 to 5,000 would result in Fraud Defender ignoring smaller fraud alerts. This may be useful if Fraud Defender is generating too many email alerts based on normal ‘high burst’ usage patterns. Raising the limit to a more appropriate level would ignore expected spikes in your traffic, and only alert on a larger attack. Alternatively if choosing to auto-block traffic, you may choose a much higher threshold to avoid accidental blocking under normal usage conditions. Note: setting higher limits increases your risk exposure to fraud.
    • The Time Interval controls the grouping of incoming alerts to avoid sending too many notification emails when multiple alerts are raised. New fraud alerts received during the specified interval for the same product & country/prefix will be grouped together and will not result in a further email until the time interval expires. At that point a new alert group is created and another notification may be sent based on your Alert Action preferences.

  • I only need to send traffic to a limited number of countries. How do I block traffic to all countries except these without creating hundreds of rules? A "block all" rule is not supported in this release, but there is a simple workaround.

    • Firstly, create ALLOW rules for the countries you wish to send traffic to. Please ensure these are in place before proceeding to create block rules, else traffic will be dropped as soon as the subsequent BLOCK rules are created.
    • Secondly, creating 9 BLOCK rules will achieve a global "block all" (BLOCK 1, BLOCK 2, …., BLOCK 9).

In case you didn't find answer to your question, please reach out to Vonage support

Navigation

Releases
Release 1.2 (August 2024)
Release 1.1 (June 2024)
Release 1.0 (July 2023)