Lists & Flagging
Updated on 22.11.21
5 minutes to read
Lists & Flagging
This page allows you to manage all blacklisted, whitelisted and flagged values in your account. In order to add new values to the blacklist or whitelist, you can either enter the fields and values manually or upload a CSV file for faster action.
In both cases, when you press ‘Load’, you will see a list of the items that are to be added to the respective lists. You can then review the values and press the ‘Add to list’ button to finalise the black/whitelisting; comments and expiration dates can be added too.
Values can only be flagged from the transaction details, however you have the option to have every blacklisted value get flagged automatically.
This function allows you to overview your blacklist / whitelist rules for quality checks or reporting reasons. In addition to inputting data points manually you may also set overwrites, setting a preference in case two different states should apply to a transaction. This can be done through the Settings page, as described above.
Blacklisting a value will set the score to 100 for every transaction in the future containing the given data field. Only blacklist anything if you are certain that all related transactions are suspicious.
We recommend blacklisting browser hashes, IPs for a limited time (90 days maximum recommended) as well as user ids, emails, phone numbers and cookie hashes.
Whitelisting a value will set the score to 0 for every transaction in the future containing the same data field.
As with the blacklist, we suggest only whitelisting values that are more specific, such as User IDs, email addresses, card hashes, etc., as some more general data points can cause false negatives (such as an ISP or card’s bank name).
With Custom Lists, you can watchlist certain transactions and interactions without creating new rules with layers of parameters. Use this tab to monitor accounts, transactions, or users and test assumptions before making any changes.
Monitor suspicious activity: When you notice a sudden spike in suspicious behavior from a certain location, you can create a watchlist that monitors IPs from that specific area.
Test assumptions: No need to comb through the logs manually when you need to check something. Filter customers and transactions using the available data fields and save your search as a Custom List.
Update rules: Once you validate your watchlist, you can easily add a new rule to SEON and assign a risk score to these transactions automatically.
How to use it
1. Open SEON and head to Lists.
2. Click the Custom List tab.
3. Click + Add new Custom List.
4. Name your list.
5. Click Add.
6. Click the + Plus sign right of the data fields.
7. Now, you’ll be redirected to the Add New tab, where you can import a list from a CSV file or enter the data points manually.
8. Once you’re done, click Add to list on the right.
You’re all done! Now you can reference this list when you set up Custom Rules.
Flag as suspicious
If flagging is turned on, you can flag the email address, the IP address and the browser hash from the Transaction Details page by clicking the “Flag as suspicious” label under the value.
Flagged values are shared across SEON clients (like a shared pool of suspicious data-points) and can be seen when the value appears in a transaction. Rules can be set up based on these values.