Zuora Fraud Protection
Zuora Fraud Protection is an AI-driven service integrated with Zuora Payments, designed to evaluate transactions in real time to reduce fraud losses and protect customer experience.
Zuora Fraud Protection is an opt-in payment fraud detection service powered by LexisNexis® ThreatMetrix®. It is fully integrated into Zuora Payments and evaluates transactions in real time.
The service uses identity intelligence, device fingerprinting, behavioral analytics, and transaction context to assess fraud risk. Based on the evaluation, Zuora assigns a fraud decision that determines whether a transaction should proceed to processing or be blocked.
Zuora Fraud Protection helps you:
- Reduce fraud losses and chargebacks
- Maintain consistent fraud decisioning across gateways and payment methods
- Minimize false declines
- Protect customer experience
How Zuora Fraud Protection works
When Zuora Fraud Protection is enabled, transactions and payment method activity are evaluated in real time before authorization.
In Zuora, you can configure whether fraud screening applies to:
- Transactions initiated through Zuora Hosted Payment Method (HPM) pages
- Transactions created through the Zuora UI, APIs, or payment runs
Whenever a payment method is added or a payment is initiated, Zuora sends the relevant transaction data to LexisNexis ThreatMetrix for evaluation. Each interaction is treated as a transaction and classified by an event type that reflects the action being performed. For example:
- addpi — Add payment instrument
- mit — Merchant-initiated transaction
ThreatMetrix evaluates each transaction using identity, device, behavioral, and contextual signals.
Based on the risk assessment returned by ThreatMetrix, Zuora assigns one of three fraud decisions:
- Pass
- Review
- Reject
This decision determines whether the transaction proceeds to the payment gateway, requires further review, or is blocked before authorization. This process ensures that fraud controls are applied consistently during both payment method creation and payment processing, without disrupting the standard Zuora payments workflow.
Review status and payment gateway behavior
ThreatMetrix evaluates each transaction and returns one of three review statuses: Pass, Review, or Reject. Zuora maps this response directly to a fraud decision that determines how the transaction proceeds.
| ThreatMetrix Review Status | Zuora Fraud Decision | Payment Gateway Behavior |
| --- | --- | --- |
| Pass | Pass | Transaction is submitted |
| Review | Review | Transaction is submitted |
| Reject | Reject | Transaction is blocked before authorization |
If the decision is Reject, Zuora creates a payment record and sets the payment processing status to Error. The transaction is not submitted to the gateway.
If the decision is Review or Pass, Zuora submits the transaction to the payment gateway for authorization. A decision of Review means that Zuora Fraud Protection returned an inconclusive result.
Zuora Fraud Protection and security measures for HPM
For transactions initiated through hosted payment method (HPM) pages, the security settings enabled in Zuora for your hosted pages, such as rate limiting checks, token expiration, 3D Secure, and bot validation, are applied in addition to the evaluation from Zuora Fraud Protection. For more information on the security measures for HPM, see Security measures for Payment Pages 2.0.
Zuora Fraud Protection in Multi-Org and Multi-Entity hierarchy
Multi-Org manages all Org units within a single Zuora tenant. A single Multi-Org tenant corresponds to a single Zuora Fraud Protection environment.
Multi-entity oversees multiple Zuora tenants under an umbrella. Each entity has its own Zuora environment. The parent Zuora Fraud Protection environment can be used to extend rules, velocities, lists, and settings to the child environments, and the children cannot override these configurations. Alternatively, each child environment can have its own set of rules, velocities, lists, and settings that are independent of other environments. Configurations in a child environment cannot be extended upward.