Non-payment, fraud, or misuse
- Partner Center
- Partner Center for Microsoft Cloud for US Government
- Partner Center for Microsoft Cloud Germany
You are financially responsible for fraudulent purchases by your customers and/or customers' non-payment of purchased services. Therefore, we strongly recommend that you put in place fraud prevention and detection risk mitigation controls.
Types of online risk
To avoid and/or address fraudulent activity or misuse, it's important to understand potential risks and to develop policies and practices that can reduce your exposure.
Risk exposure to be mitigated
Theft of service Customers who have no intention of paying for consumed services by using stolen payment instruments, providing false billing information, and/or defaulting on outstanding balances
Abuse of service Customers who use cloud services in violation of Microsoft’s acceptable use policy
Examples of possible fraud or service abuse
- DDOS attacks
- Bitcoin mining
- Malware distribution
- Resale of pirated subscriptions
Examples of online transaction risk
- "Credit card not present" transactions, i.e., transactions do not occur in person
- Misrepresented identities
- Services provisioned and used before initial payment are received
- Emerging markets/high-risk regions for online fraud
- The ability for bad actors to automate account creation and purchasing
Strategies for managing online risk
These recommendations can help you develop policies and practices that can reduce your exposure to online transaction risk through the lifecycle of your relationships with your customers.
When onboarding new customers
- Establish personal relationships with customers when possible, e.g. contact by phone
- Look for better ways to verify customers' credentials & background (credit bureaus/business commercial report agencies)
- Use SMS verification during sign-up to minimize exposure to robotic account creation and purchasing
- Identity management and tracking using services such as digital identity services
- Rigorous credit card fraud detection systems to assess customer financial strength
- Establish a clear collections policy that details your collections process and when access to subscriptions will be impacted (you can disable access or suspend a customer's subscriptions for non-payment)
Post-purchase customer account management
- Work with customers to understand their cloud usage business needs while setting appropriate monitoring thresholds >Note You can set a monthly Azure spending budget in Partner Center to monitor customer usage during the month and be notified when customers are close to their budget.
- Monitor customer activity logs regularly to help detect fraud early
- Take quick action when suspicious activities are detected
- Avoid giving customers full administrative access to subscriptions without first implementing risk mitigation controls
- Implement a process to quickly receive, review, act on, and respond to Microsoft notifications
Post-purchase customer billing management
- Request pre-payments prior to initial transactions and billing
- Don't accept high-risk payment instruments, e.g. pre-paid or stored-value cards
- Monitor customer payments and aging accounts receivables and aggressively enforce standardized dunning processes for late or non-payment
For more detailed strategies for mitigating online risk, see the Online transaction risk management guide.
If Microsoft detects partner or customer activity that we confirm or suspect violates the Acceptable Use policy, we will take enforcement steps. The customer could be immediately suspended, and you'll be notified of enforcement actions or updated on your requests by Microsoft.