How is fraud detected?

  • Updated

Who is this article for?
This article will be useful to you, if are a company on PartnerStack, looking to understand your Fraud Management tab.

Looking for step-by-step instructions on how to use your Fraud Management tab? Check out our Using fraud management support guide.

Getting started with fraud management

PartnerStack has partnered with Sift, an industry-leading fraud detection network, to provide channel managers and their compliance teams strong protection against fraudulent partner activity.

Sift is trusted by brands like Twitter, Box, Doordash, Zipcar, Zillow, Yelp, and many others to provide robust fraud detection across hundreds of millions of data points.

In this article, you’ll learn:

  • Which of your teammates can access the Fraud Management tab
  • The basics of your Fraud Management tab and how fraud is detected
  • What data is monitored

Who has access to fraud management?

All PartnerStack programs have access to the “Fraud Management” tab. The Fraud Management tab is located in your dashboard's left-hand menu in the "Performance and Commissions" section

image (1).png
*test data used, no relation to real partners or customers

You must have Admin-level access in your program or have "Fraud" permissions toggled on by an Admin in your program to access the Fraud Management tab.

For more information on how to enable specific permissions for your teammates please see our Configuring teammate permissions support guide.

How is fraud detected?

You can think of the Fraud Management tab as an ever-present guardian that watches your partner programs for suspicious activity.

When key events occur in any of your programs, Sift will check the event for indicators of fraud. If a partner is flagged as potentially fraudulent, you can review the partner in your Fraud Management tab.

Some elements of the fraud system depend on your integration. For example, anonymizing your email records will have an impact on fraud detection performance.

What's happening behind the scenes in Sift?

PartnerStack provides Sift data about observable events that occur on PartnerStack and through PartnerStack integrations.

Sift then builds a risk assessment around each partner, and notifies the PartnerStack fraud team and your program manager when there is a decision to be made. For security reasons, we can't fully detail the threat model.

What happens to commissions for potentially fraudulent partners?

When a partner is flagged as fraudulent, their commissions' status automatically changes to "on hold". Every 15 minutes a check is performed to see if any commissions should be placed on hold based on currently flagged partners. If you mark a partner as trustworthy their commissions will automatically be taken off hold. 

How is fraud displayed in my dashboard?

You can view fraud flags on partners in your Fraud Management tab, in your Applications > Flagged tab, and on the partner level in your All Partner tab. 

In your Fraud Management tab partners will be segmented into three tabs: Active cases, Marked as trustworthy, and Removed partners. 

Partners will first appear in your Fraud Management > Active cases tab for your review.

Once you have reviewed the partner's fraud flag and checked your internal systems for additional indicators of fraud you can choose to either mark the partner as trustworthy, which will approve them to continue in your program, or remove them from your program.


If you mark a partner as trustworthy or remove them from your program they will be moved to the Marked as trustworthy or Removed partners tab within your Fraud Management tab. 

For more information on reviewing and actioning flagged partners please see our Using Fraud Management support guide.

In your Application tab, you will see the flagged applicant and the reason they have been flagged as potentially fraudulent. 


For more information on reviewing your partner applications see our Using application forms support guide.

How is fraud detected?

Currently, PartnerStack monitors the following events for fraud:

  • A partner joins your program (partnership created)
  • A referred customer purchases your product (transaction created)
  • Ongoing user behavior across the PartnerStack network (account updates)

Fraud logic by event

Event Data Monitored Incidents that may raise an alert
Partnership created

- User email

- User session IP address

- User device fingerprint

- Partner status in PartnerStack network

- User country

- User address

- Email matching or similar to another existing address

- Email has a suspicious domain name

- User IP address associated with suspicious activity User IP address does not match with the reported country

- User device fingerprint matches another user's device fingerprint

- User's location is far from the reported address

User behaviour

- Behaviour in Partnerstack Portal

- User metadata, historical behaviour

- Unusual activity

- Clustering of lower threat behaviours and metadata

- Flagged behaviour on other platforms in the Sift network

Was this article helpful?

2 out of 4 found this helpful