Software analytical platform has two operational modes:
1. Immediate decision-making. Immediate rejection of payment upon the excess of scoring setpoints.
2. Delay of decision-making. All the payments are conducted. the decision on the payment has being made with a delay. The payment is marked as a suspicios. The remuniration on such payments are deducted in the course of settlement with the partners. A partner does not know which transaction is marked as suspicious until a calculation and reconciliation.
There is no ideal protection mechanism,any protection can be circumvented. Therefore, our task is to complicate and to make impractical an attempt to develop the algorithms to bypass the protection. Therefore, the recommended mode is the mode number 2. Since, if during the paymentan attacker immediately sees a mistake, he realizes that protection tripped. He immediately begins to look for the options to bypass the filters.
The most rational way to complicate the access violation is to circumvent the criminal whether he passes the security tests or not. For the trespasser, the transaction seems to be accepted, but on the side of the payment system the payment is marked as a suspicious one. Afterwards, in the course of payment, the suspected sums are deducted, and the balances of affected users might be refilled.
The circumscribed approach makes the access violation a time-consuming and tedious process, since the time laps between an attempt of abuse of the system and a visible result of it can be significant ( depending on the particular payment system, it takes from a day to several months). Moreover, the delay in the decision-making allows to accumulate the information about the course of the previous activity of the violators and to provide consequently the much more accurate results.