Vendor Selection (Operator Field Manual)

Pick tools by problem and volume tier, not by brand fame. Start with built-ins, then add only what you can measure.

What Matters (5 bullets)

• Define the problem first (fraud guarantees vs IDV vs alerts vs chargeback ops).
• Match tool model to volume: guarantees for low-capacity teams; rules/decisioning for control.
• Start with processor-native fraud tools; upgrade when false positives or losses justify it.
• Run a scoped pilot with a clean A/B split; measure auth, fraud, chargebacks, support tickets.
• Contract for exit: data export, token portability, and notice periods.

Minimum Viable Stack by Volume

• Under $100k/mo: Processor fraud tools (Radar/RevenueProtect/etc.), AVS/CVV, 3DS for high-risk only, enrichment (Order Insight/Consumer Clarity).
• $100k–$1M/mo: Add alerts (RDR + Ethoca/CDRN), consider guarantee vendor pilot on a segment, start IDV for high-risk flows.
• Over $1M/mo: Dedicated fraud tool (rules + ML), alert automation, IDV orchestration, dispute vendor if volume-heavy.

Tool Categories and When to Use

• Fraud guarantees (Signifyd/Forter/Riskified): If you lack headcount and want liability off your plate; watch approval impact and fees.
• Rules/decisioning (Sift/Kount/Fraud decision APIs): When you want control and tuning; requires analyst time.
• Processor-native rules (Stripe Radar, Adyen Risk, Braintree): Use first; tune before buying anything else.
• IDV/KYC (Persona, Sardine, Alloy): For account creation/ATO issues; not for card-present fraud.
• Alerts/Enrichment (Verifi RDR/CDRN, Ethoca, Order Insight, Consumer Clarity): For chargeback deflection and statement clarity.
• Chargeback management vendors: For high dispute volume; insist on win-rate by reason code and CE3.0 capability.

Pilot Plan (2–4 weeks)

• Scope: one segment (country/method/traffic slice). Keep a clean control.
• Metrics: auth rate, fraud rate, chargeback rate, false positives, customer support tickets.
• Success: net revenue lift (approved-good – fraud/fees) with stable CX (tickets flat/down).
• Exit: documented rollback; keep original routing ready.

Ask Before You Buy

• Pricing: per tx, % of GMV, or % of “approved/fraud covered”? Any minimums?
• Data ownership: Can you export decisions, scores, device data?
• Portability: How to turn off, and how fast? Any penalties?
• Coverage: Brands/regions supported? 3DS support? CE3.0 data support?
• SLA: Uptime, response latency, support response times.

Where This Breaks

• No control group: you can’t prove lift.
• Blended traffic in a “pilot” hides false positives.
• Guarantee vendors driving lower auth to reduce their liability.
• Overlapping tools (processor rules + vendor rules) double-blocking good orders.

Next Steps

Picking your first vendor?

1. Check minimum stack by volume - What you actually need
2. Understand tool categories - Guarantees vs rules vs alerts
3. Plan your pilot - Scoped test with control

Evaluating a specific tool?

1. Ask before you buy - Pricing, data, portability
2. Watch for pitfalls - No control group, double-blocking
3. Run clean A/B - Measure auth, fraud, chargebacks

Need detailed evaluation?

1. Review selection guide - Full process
2. Explore vendor landscape - Market overview
3. Set up experimentation - Testing framework

---

Related

• Processor Rules Configuration - Native fraud tools
• Vendor Selection Guide - Detailed selection criteria
• Vendor Landscape - Market overview
• Chargeback Alerts - RDR, Ethoca, CDRN
• Processor Reporting Checklist - Data requirements
• Risk Scoring - Score-based decisioning
• Identity Verification - IDV tools
• Buying Payments - Processor selection
• Processor Management - Ongoing relationships
• Rules vs. ML - Detection approaches
• Benchmarks - Performance targets
• Experimentation - Pilot testing