Setting up alert triggers

Once you've implemented the API connection and successfully started sending data to SEON, it is time to set up alert triggers and rules to detect suspicious behavior.

Go to the Alert triggers tab of the Alert page and click on New trigger. This will prompt a new alert once a transaction or a series of transactions meets the set conditions. 

Tip: Alert triggers use the same logic as the rule editor. Check our detailed guide on creating custom rules and parameters.

By clicking the New trigger button or opening an existing alert trigger, you'll be taken to the Trigger details page. 

On the top of the screen, you can add/edit the name, description and deadline for the alert trigger and use the toggle to turn on/off existing alert triggers.

To save changes, use the Save trigger button in the top right corner of the screen. 

You  can set up alert triggers based on four different types of conditions:

Setting up an alert based on custom parameters

Similar to the rule editor, you can define parameter types: 

• Data match: Compare two values in the same transaction. For instance, check for IP and card country mismatches.
• Compare: Compare a data field to a predetermined value using your chosen logic operator. For instance, you can create a trigger for any transaction exceeding $10,000. This is significant because financial institutions are required to report any transaction over $10,000 to the authorities.
• Velocity: This term refers to the comparison of historical values of a data field with a set value over a certain period. For example, a velocity rule can flag attempts at structuring by identifying numerous small transactions meant to avoid reporting thresholds. If a user has performed six transactions, each over $9000 within the past 24 hours, this rule will be triggered.

Setting up alerts based on transaction state

Another effective method for setting up an alert system within the SEON ecosystem is to establish rules in the rule editor with state actions. This action categorizes transactions into review or decline states. Subsequently, you can create alert triggers for these states.

Setting up alerts based on transaction score

Similarly to the state-based alert triggers, you can utilize the risk score generated by the Scoring Engine. This configuration allows you to establish risk score thresholds for triggering alerts. 

With this setup, you can implement multiple rules that may be triggered by minor traces of suspicious behavior, contributing to an aggregated score that is sufficient for triggering an alert requiring thorough investigation.

Setting up alerts based on applied rule

You can select a previously setup rule to be the condition of your alert trigger. Just click Add applied rule and select the rule you'd like to use from the popup window.