Reviews

Overview

The Reviews queue contains transactions that have been flagged for manual investigation — either by PayMongo's default risk rules or by custom review rules you have configured. Transactions appear here after they have been processed (paid or failed), not before.

Your fraud team uses Reviews to inspect flagged transactions, understand what triggered the flag, make a judgment call, and close the review once it has been addressed.

What triggers a review

A transaction enters the review queue when it matches a review rule. The two default rules are:

review if risk_level: 'medium'
review if risk_level: 'high'

You can also create custom review rules based on payment amount, card country, billing email, IP address, or any other supported condition.

Investigating a review

Each review shows:

• The transaction details (amount, payment method, customer info)
• The risk score and risk level assigned by the machine learning engine
• The specific risk drivers that contributed to the score (e.g., unusual transaction amount, geolocation mismatch, suspicious email domain)
• The rule that triggered the review

Use this information to determine whether the transaction is legitimate or suspicious.

Closing a review

Once you've investigated a transaction, select Close Review. This marks the review as addressed and removes it from the active queue. Closing a review does not reverse or refund the transaction — it only clears it from the queue.

Best practices

• Clear your queue regularly. A large backlog makes it harder to spot genuinely urgent cases.
• Use filters to prioritize by risk score, risk level, or date range.
• Refine your rules if you notice patterns — for example, if a large share of reviews are clearly legitimate, consider adding an allow rule for that segment.
• Don't over-block. If customers are being unnecessarily flagged, use review rules instead of block rules while you gather more signal.