Card Fraud Decisions and Cold‑Start Risk Strategy
Context
You are designing the first version of card risk controls for an online checkout platform. You have no production ML model yet and must rely on rules, step‑up authentication, and manual review. You receive feature summaries for two example card‑not‑present transactions.
Assumptions:
- Liability for confirmed fraud is borne by the platform/merchant (no chargeback protection).
- Features available at authorization time: merchant category (MCC), amount, velocity signals (per account/device/IP/card), geolocation comparisons, device fingerprint reputation, account tenure/behavior, merchant historical approval/chargeback rates.
Data: Two Example Transactions
- Transaction A
  - MCC: 5732 (Electronics)
  - Amount: $1,199
  - Account tenure: 1 day; 0 prior successful payments
  - Velocity (last 10 min): account = 4 attempts; device = 19 attempts across 12 cards; IP = 35 attempts across 25 cards
  - Geolocation: IP country = GB; card BIN country = US; shipping address = Miami, FL to a known freight‑forwarder ZIP range
  - Device fingerprint: first seen yesterday; seen on 6 distinct accounts in 24h; 2 prior confirmed frauds tied to this fingerprint
  - Merchant history: sitewide approval rate 92%; chargeback rate 0.8% overall, 1.5% for electronics >$500
- Transaction B
  - MCC: 5816 (Digital services/subscriptions)
  - Amount: $29
  - Account tenure: 3 years; 24 prior successful payments; no chargebacks
  - Velocity (last 10 min): account = 1 attempt; device = 1 attempt; IP = 1 attempt
  - Geolocation: IP city within 25 miles of billing ZIP; card BIN country matches IP country
  - Device fingerprint: seen 60+ times over 3 years for this account only; no prior fraud associations
  - Merchant history: approval rate 98%; chargeback rate 0.1%
Tasks
- Decisioning
  - For each transaction (A and B), decide Approve or Decline and justify using the features.
- Cold‑Start Risk Strategy
  - Propose concrete rules: velocity checks, geo‑velocity, MCC/amount limits, block/allow lists, step‑up authentication.
  - Include specific thresholds and escalation paths (auto‑approve/decline → step‑up → manual review).
  - Discuss the loss–friction trade‑off and expected direction/magnitude of impact on approval rate, chargeback rate, and false positive rate.
- Adversary Modeling
  - Enumerate likely fraudster tactics (e.g., card testing, mule addresses, BIN attacks, device spoofing, enumeration).
  - Explain how you would detect adaptation over time and update rules or models accordingly.
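
One way to encode the escalation path from the Cold‑Start task as a tiered rule table, evaluated on the two example transactions. This is an added example, not part of the original exercise: the field names, the rule set and every threshold are illustrative assumptions that would need tuning against real approval and chargeback data, and Transaction B's country code is a placeholder because the page only states that IP and BIN countries match.

```python
from dataclasses import dataclass

@dataclass
class Txn:  # hypothetical field names, one per feature used by the rules
    amount: float
    mcc: str
    tenure_days: int
    device_cards_10m: int      # distinct cards seen on the device, last 10 min
    ip_cards_10m: int          # distinct cards seen on the IP, last 10 min
    device_accounts_24h: int
    device_prior_frauds: int
    ip_country: str
    bin_country: str
    freight_forwarder: bool

# Constructed from the page's feature summaries ("US" for B is a placeholder).
TXN_A = Txn(1199, "5732", 1, 12, 25, 6, 2, "GB", "US", True)
TXN_B = Txn(29, "5816", 3 * 365, 1, 1, 1, 0, "US", "US", False)

SEVERITY = {"approve": 0, "step_up": 1, "manual_review": 2, "decline": 3}

# (action, reason, predicate). All thresholds are assumed, not from the page.
RULES = [
    ("decline", "device tied to confirmed fraud", lambda t: t.device_prior_frauds > 0),
    ("decline", "device card-testing velocity", lambda t: t.device_cards_10m >= 5),
    ("decline", "IP card-testing velocity", lambda t: t.ip_cards_10m >= 10),
    ("manual_review", "device shared across accounts", lambda t: t.device_accounts_24h >= 3),
    ("manual_review", "high value to freight forwarder",
     lambda t: t.freight_forwarder and t.amount >= 500),
    ("step_up", "IP/BIN country mismatch", lambda t: t.ip_country != t.bin_country),
    ("step_up", "new account, electronics over $500",
     lambda t: t.mcc == "5732" and t.amount > 500 and t.tenure_days < 30),
]

def decide(t):
    """Return (most severe action among matching rules, list of reasons)."""
    hits = [(action, reason) for action, reason, pred in RULES if pred(t)]
    action = max((a for a, _ in hits), key=SEVERITY.get, default="approve")
    return action, [reason for _, reason in hits]
```

Returning every matching reason, not only the winning one, gives manual reviewers context and lets per-rule hit rates be tracked over time when watching for adversary adaptation.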