F5 Logo MyF5
Search
  1. MyF5 Home
  2. F5 Fraud Protection Service: BIG-IP Configuration
  3. Detecting Automatic Transactions
  4. Overview: Detecting Automatic Transactions
  5. Customizing Automatic Transaction default settings
Manual Chapter : Customizing Automatic Transaction default settings

Applies To:

Show Versions Show Versions

BIG-IP FPS

  • 17.1.0, 17.0.0, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.0
Manual Chapter

Customizing Automatic Transaction default settings

Customize the Automatic Transaction default settings if you want to change one or more of the automatic transaction alert scores or modify settings that determine if a transaction is bot-originated.
  1. On the Main tab, click
    Security
    Fraud Protection Service
    Anti-Fraud Profiles
    .
    The Anti-Fraud Profiles screen opens.
  2. From the list of profiles, select the relevant profile.
    The Anti-Fraud Profile Properties screen opens.
  3. In the Anti-Fraud Configuration area, click
    URL List
    .
    The URL List opens.
  4. Click the URL or view on which you want to customize Automatic Transactions default settings (or click
    Add URL
     or
    Add View
     if you want to define a new URL or view with Automatic Transactions detection).
    The URL Properties (or View Properties) screen opens.
  5. In the URL Configuration (or View Configuration) area, select
    Automatic Transactions
    .
    The Automatic Transactions configuration options appear.
  6. Ensure that the
    Enabled
     check box for
    Automatic Transactions
     is selected.
  7. Click
    Advanced
    .
    The Automatic Transactions advanced settings are listed.
  8. For
    Bot Score
    , type a number to add to the total risk score of the anti-fraud profile if the system determines that the client is a bot and not human.
  9. For
    Suspected Bot Score
    , type a number to add to the total risk score of the anti-fraud profile if the system suspects (but has not verified) that the client is a bot and not human.
  10. For
    Minimum Mouse Movements
    , type the minimum number of mouse movements needed (per page load) for the system to consider the transaction to be of human origin.
  11. For
    Button User Interactions
    , type the minimum number of times the mouse should be placed on the
    Submit
     button on a web form for the system to consider the transaction to be of human origin.
    If the mouse moves over the
    Submit
     button and then moves away, the count returns to 0.
  12. For
    Score
     (for
    Minimum Mouse Movements
     and
    Button User Interactions
    ), type a number to add to the total risk score if mouse movements or button user interactions are determined to be bot-originated.
  13. For
    Page Read Time (sec)
    , type the minimum number of seconds needed from when a web form opens to when the
    Submit
     button is clicked. The default is 2 seconds.
  14. For
    Score
     (for
    Page Read Time
    ), type a number to add to the total risk score of the anti-fraud profile if the time between when a web form opens and the
    Submit
     button is clicked is less than the number of seconds assigned for
    Page Read Time
    .
  15. For
    Tampered Cookie Score
    , type a number to add to the total risk score of the anti-fraud profile if the system detects that the Transactions Data cookie was removed.
  16. For
    Data Manipulation Score
    , type a number to add to the total risk score of the anti-fraud profile if the system detects data manipulation in one of the following situations:
    • If the HTTP request sent or received by the URL is URL-encoded and one or more parameters have the
      Check Data Manipulation
       attribute, the BIG-IP system checks for a difference between the actual value of a parameter and the expected value of a parameter sent when a user clicks a web form’s Submit button. If a difference is detected the score entered here is added to the total risk score of the anti-fraud profile, for each parameter marked with
      Check Data Manipulation
      .
    • If the HTTP request is not URL-encoded and
      Check AJAX Payload for Data Manipulation
       is enabled, the BIG-IP system checks for a difference between the actual value of the Ajax payload sent by the client's browser and the expected value of the Ajax payload. If a difference is detected, the score entered here is added to the total risk score of the anti-fraud profile.
  17. For
    Data Manipulation Maximum Score
    , type a number to limit the total combined score that can be added to an alert score when the BIG-IP system detects that data manipulation occurred on two or more parameters.
    For example, if you set
    Data Manipulation Score
     to 20 and the value here is 50, if the system detects data manipulation on 3 parameters a value of 50 is added to the alert score instead of 60 (which is the actual combined value).
    Data Manipulation Maximum Score
     is only relevant if the HTTP parameters are in query string or form format and two or more URL parameters have the
    Check Data Manipulation
    attribute.
  18. For
    Minimum Score to Send Alert
    , type a number for the minimum total score required to send an alert to the FPS Dashboard.
  19. Click
    Save
    .
    The changes you made to the Automatic Transactions settings are saved.
Contact Support Contact Support

Have a Question?

Support and Sales >

About F5

Education

F5 Sites

Support Tasks




©2023 F5, Inc. All rights reserved.


Trademarks Policies Privacy California Privacy Do Not Sell My Personal Information