Managing nonpayment, fraud, or misuse in Partner Center

Applies to: Partner Center | Partner Center for Microsoft Cloud for US Government

Appropriate roles: Global admin | User management admin | Admin agent | Billing admin

You're financially responsible for fraudulent purchases by your customers and customers' nonpayment of purchased services. Therefore, we strongly recommend that you put in place fraud prevention and detection risk mitigation controls.

To avoid fraudulent activity or misuse, or to address them, it's important to understand potential risks and to develop policies and practices that can reduce your exposure.

Enforcement of Microsoft acceptable use policy

When Microsoft detects partner or customer activity that we confirm or suspect violates the acceptable use policy, we take enforcement steps. The customer could be immediately suspended. You're notified of enforcement actions or updated on your requests by Microsoft.

Abuse-of-service risks

Abuse-of-service risks are customers who use cloud services in violation of the Microsoft acceptable use policy.

Examples of abuse-of-service

Some examples of violations of the Microsoft acceptable use policy are:

  • Spamming
  • Hacking
  • Distributed denial-of-service (DDoS) attacks
  • Malware distribution
  • Resale of pirated subscriptions

Theft-of-service risks

Theft-of-service risks are customers who have no intention of paying for consumed services. This theft may involve using stolen payment instruments, providing false billing information, or defaulting on outstanding balances.

Examples of service-theft

Some examples of online transaction risks are:

  • Transactions that don't occur in person ("credit card not present" transactions)
  • Misrepresented identities
  • Services provisioned and used before initial payment is received
  • Emerging markets or high-risk regions for online fraud
  • Automated account creation and purchasing by bad actors

Managing online risk

You can use the following recommendations to help you develop policies and practices to reduce your exposure to online transaction risks in your customer relationships.

Onboarding new customers

Suggestions for reducing online risks when onboarding new customers include:

  • Establish personal relationships with customers when possible (for example, contacting customers by phone).
  • Verify customers' credentials and background through better methods (such as using credit bureaus or business commercial report agencies).
  • Use multifactor authentication (such as SMS verification) during sign-up to minimize exposure to robotic account creation and purchasing.
  • Manage and track identities using services (such as digital identity services).
  • Assess customer financial strength through rigorous credit card fraud detection systems.
  • Establish a clear collections policy. Detail your collections process and when access to subscriptions will be affected by nonpayment. (You can disable access or suspend a customer's subscriptions for nonpayment.)

Managing customer accounts

Suggestions for managing customer accounts post-purchase include:

  • Implement a process to quickly receive, review, act on, and respond to Microsoft notifications.
  • Work with customers to understand their cloud usage business needs while setting appropriate monitoring thresholds. (For example, you can set a monthly Azure spending budget in Partner Center. This understanding allows you to monitor customer usage during the month, and to be notified when customers are close to their budget.)
  • Monitor customer activity logs regularly to help detect fraud early.
  • Take quick action when suspicious activities are detected.
  • Avoid giving customers full administrative access to subscriptions without first implementing risk mitigation controls.

Managing customer billing

Suggestions for managing customer billing post-purchase include:

  • Request prepayment prior to initial transactions and billing.
  • Don't accept high-risk payment instruments (such as pre-paid cards or stored-value cards).
  • Monitor customer payments and aging accounts receivables. Aggressively enforce standardized dunning processes for late payments or nonpayment.

For more detailed strategies for mitigating online risk, see the Online transaction risk management guide.