Fraud Defender Onboarding

This guide will explain how to configure your account for use with Fraud Defender, allowing you to limit your exposure to fraudulent activity.

Please note: If you manage several API keys, you'll need to set Fraud Defender up for each API key.

Review & Manage Fraud Notifications Recipients

Make sure you receive Fraud Defender notifications and manage additional recipients.

  1. Log in into your Vonage account

  2. Go to API Settings

  3. Click on the Notifications tab. Only the account's primary user (i.e. user/email address who created the account) is able to access the Notifications tab.

    Notification tab

  4. Scroll to Subscription Configuration (1), expand the Fraud section (2), and ensure the flag is enabled (3).

    Subscription

  5. To see and manage notification recipients, click on the pencil icon.

    Subscription edit

  6. Review and manage fraud notifications recipients in the email text box or set up a Webhook URL.

    Create a fraud defender subscription

Block all the destinations and channels you don't have business with (FD Standard)

Fraud Defender Traffic Rules allow you to prevent fraudulent activity impact by blocking traffic (Voice and/or SMS) going to countries/prefixes you don't have business with.

To prevent being impacted by fraudulent activity, you should completely block for all countries the channels you are not using (Voice or SMS) — in other words make sure you only allow Voice or SMS traffic to the countries you do have business with.

High-risk countries are blocked by default for Voice traffic. It is necessary to override the default block by creating an allow rule.

If your product is present worldwide, you should create a block rule for every country you don't have business with. On the other hand, If you have business with only a few countries and need to block the rest:

  • First, create ALLOW rules for the countries you wish to send traffic to. Ensure these are in place before proceeding to create block rules, otherwise traffic will be dropped as soon as the subsequent BLOCK rules are created.
  • Next, create 9 BLOCK rules (BLOCK 1, BLOCK 2, …, BLOCK 9).

You can access traffic rules from the Fraud Defender Dashboard, click here for additional documentation.

Spot fraudulent activity with Volumetric Alerts (FD Standard)

Volumetric Alerts are automatically raised per country/prefix once our algorithm detects a potentially abnormal traffic increase.

Important: A minimum traffic volume per country is required; countries with less than 1,000 SMS / Calls in the last 12 hours won't generate Volumetric Alerts.

You can proactively check for Volumetric Alerts in the Manage Alerts section.

To receive an email notification once the Fraud Defender generates a Volumetric Alert, make sure you have an alert action correctly set up:

  1. Go to the Alert Actions section and ensure you have an Alert Action with Volumetric changes type (1), and for both SMS (2) and Voice (3), and the notification is "Notify" (4). You can edit the alert action by clicking on the pencil icon (5) or create it by clicking on the Add button (6).
Alert acttions

  1. Click on the pencil icon to review and adjust the setup of your Alert Actions to meet your expectations.

    • Action Threshold: If you set a value for action threshold, Fraud Alerts with a traffic volume lower than the configured value won't trigger an Alert Action (i.e., a notification won't be sent). For example, if you set a value of 2,000, every Volumetric Alert with a volume below 2,000 SMS / Calls in the last 12 hours won't trigger the Alert Action; hence, you won't be notified.
    • Time Interval: The time interval allows you to suppress triggering an Alert Action for consecutive alerts for the same country. Once a certain Alert Action triggers, it won't trigger again unless the time interval has passed. The time interval is considered on a per-country basis: actions won't trigger only if the consecutive alerts happen for the same country.
    • Actions: If you choose the "Block" option, as soon as the Alert Action triggers, a block traffic rule will automatically be created for the country prefix that generated the alert (unless there are conflicting rules or a rule is already created). The "Review" option allows you to create a block rule with a single click.

Set Up the AIT Protection to block fraudulent traffic (FD Advanced)

The AIT Protection automatically blocks SMS going to potentially fraudulent destinations. Visit the developer guide and follow the instructions to set up the protection.

Set Up AIT Protection notifications

The AIT protection generates alerts ONLY when potentially fraudulent traffic is not blocked: AIT Fraud Alerts are only generated when you select protection levels "None" or "Standard".

It is necessary to set up an AIT Protection Alert Action to ensure you will be notified once you are under attack and, to prevent too many notifications, you need to define how much potentially fraudulent traffic is concerning.

The AIT Protection may generate every minute a per-country Fraud Alert indicating the amount of potentially fraudulent unblocked SMS in a 1-minute window (if any). You need to define how many potentially fraudulent SMS per 1 minute becomes worrying so an email notification is sent to you: that will be the Action Threshold for your AIT Protection Alert Action.

Alert action edit

Trusted Numbers: Prevent blocks to legitimate traffic (FD Premium)

All numbers you flag to us as trusted won't be blocked by the Fraud Defender protections you set up: Traffic Rules, AIT Protection, and SMS Burst Protection. Take a look at the developer guide for additional details.

If you are not an FD Premium customer, you can prevent blocks to numbers you trust through Traffic Rules:

Create an allow rule for the numbers you trust to prevent undesired blocks by AIT Protection.

Traffic rules

SMS Burst Protection: Set up traffic limits to mitigate impact of AIT Attacks (FD Advanced)

The SMS Burst Protection allows you to limit the impact of AIT attacks by automatically rejecting all traffic above the limit you define.

Take a look at the developer guide for additional details and follow the provided steps to set up the protection.

Custom Fraud Alerts: Receive alerts once certain traffic amount is reached (FD Premium)

Define traffic limits for several time intervals. Once the limit is reached, an alert will be generated. You can use Custom Fraud Alerts to control your spend per country and to automatically block abnormal traffic increases.

Take a look at the developer guide for additional details and follow the provided steps to set up the protection.