Managing non-payment, fraud, or misuse in Partner Center
Applies to: Partner Center | Partner Center for Microsoft Cloud for US Government
Appropriate roles: Global admin | User management admin | Admin agent | Billing admin
You are financially responsible for fraudulent purchases by your customers and/or customers' non-payment of purchased services. Therefore, we strongly recommend that you put in place fraud prevention and detection risk mitigation controls.
To avoid and/or address fraudulent activity or misuse, it's important to understand potential risks and to develop policies and practices that can reduce your exposure.
Enforcement of Microsoft Acceptable Use Policy
If Microsoft detects partner or customer activity that we confirm or suspect violates the Acceptable Use Policy, we will take enforcement steps. The customer could be immediately suspended. You'll be notified of enforcement actions or updated on your requests by Microsoft.
Abuse of service risks
Abuse of service risks means customers who use cloud services in violation of Microsoft's Acceptable Use Policy.
Examples of abuse of service
Examples of these violations of Microsoft's acceptable use policy can include:
- Distributed denial-of-service (DDoS) attacks
- Bitcoin mining
- Malware distribution
- Resale of pirated subscriptions
Theft of service risks
Theft of service risks means customers who have no intention of paying for consumed services. This theft may involve using stolen payment instruments, providing false billing information, and/or defaulting on outstanding balances.
Examples of service theft
Examples of these online transaction risks can include:
- Transactions that don't occur in person ("credit card not present" transactions)
- Misrepresented identities
- Services provisioned and used before initial payment is received
- Emerging markets and/or high-risk regions for online fraud
- Automate account creation and purchasing by bad actors
Managing online risk
You can use the following recommendations to help you develop policies and practices to reduce your exposure to online transaction risks in the lifecycle of your customer relationships.
Onboarding new customers
Suggestions for reducing online risks when onboarding new customers include:
- Establish personal relationships with customers when possible (for example, contacting customers by phone).
- Verify customers' credentials and background through better methods (such as using credit bureaus or business commercial report agencies).
- Use multi-factor authentication (such as SMS verification) during sign-up to minimize exposure to robotic account creation and purchasing.
- Manage and track identities using services (such as digital identity services).
- Assess customer financial strength through rigorous credit card fraud detection systems.
- Establish a clear collections policy. Detail your collections process and when access to subscriptions will be impacted by non-payment. (You can disable access or suspend a customer's subscriptions for non-payment.)
Managing customer accounts
Suggestions for managing customer accounts post-purchase include:
- Implement a process to quickly receive, review, act on, and respond to Microsoft notifications.
- Work with customers to understand their cloud usage business needs while settings appropriate monitoring thresholds. (For example, you can set a monthly Azure spending budget in Partner Center. This understanding allows you to monitor customer usage during the month and be notified when customers are close to their budget.)
- Monitor customer activity logs regularly to help detect fraud early.
- Take quick action when suspicious activities are detected.
- Avoid giving customers full administrative access to subscriptions without first implementing risk mitigation controls.
Managing customer billing
Suggestions for managing customer billing post-purchase include:
- Request prepayments prior to initial transactions and billing.
- Don't accept high-risk payment instruments (such as pre-paid cards or stored-value cards).
- Monitor customer payments and aging accounts receivables. Aggressively enforce standardized dunning processes for late payments or non-payment.
For more detailed strategies for mitigating online risk, see the Online transaction risk management guide.