Rules Overview

Rules enable you to detect account fraud and prevent risky access to your systems. Each rule can contain one or more signals (or expressions) to determine whether the data associated with an account is valid or risky. Verosint provides several templates that you can implement, or you can create your own.

For example, you may want customers to sign up for your company’s new service. Registration may require a username, email address, and phone number. To be safe, you want to make sure each email address is valid, not found in any known breaches, and not from countries your company has restricted. You could create two types of rules to perform these safety checks.

Valid Email Rule - Create a rule and add the following signals for to check the validity of each incoming email address:

signals.email.malicious
Is this email a known malicious account?

signals.email.disposable
Is this email disposable?

signals.email.breachInfo.count
Is this email present in any current breaches?

If any of these are true for an incoming email, you can set the outcome of the rule to deny access, or you could have the outcome trigger additional security checks in your registration flow.

Country Access Rule - Create a rule and add the following signals to determine if the IP address is associated with an account coming from a country with which your company does not do business:

signals.ip.location.country == 'RU'
Is the IP address is coming from Russia?

signals.ip.location.country == 'CN'
Is the IP address is coming from China?

If it is determined that an account is coming from a restricted country, you can set the outcome of the rule to deny access and prompt for a customer-friendly message about service area restrictions.

Rules can be created, imported, and exported in the Verosint interface or through the Rules API. Rules defined in the Verosint interface can be exported and evaluated with the verosint tool. Imported and exported rules are in JSON format.