# Why feedback and tuning matter

Mosaic's Fraud Prevention combines unsupervised AI-powered detection—which identifies emerging and previously unseen attack patterns—with supervised intelligence that learns from confirmed fraud and legitimate outcomes. This hybrid architecture enables organizations to detect both known and evolving fraud threats.

To improve fraud outcomes over time, you should implement a continuous feedback loop that connects detection results with labeling and tuning. This article explains how the feedback loop works and why each stage matters.

- For the mechanics of how each capability works, see [Risk labels](/guides/risk/labels), [Detection sensitivity](/guides/risk/fine-tune-detection-sensitivity), and [Risk rules](/guides/risk/rules).
- For guidance on building an effective labeling and tuning practice, see [Best practices](/guides/risk/feedback_loop_best_practices).


## Intelligence loop

Effective fraud protection operates as a continuous cycle.

div
```mermaid
flowchart TB
    A["<b>1. Risk Signals</b><br/>Mosaic collects device, network, and behavioral telemetry during every user interaction and identifies risk signals"] --> B["<b>2. Detection</b><br/>The predictive AI evaluates risk<br/>and returns a recommendation:<br/>allow · challenge · trust · deny"]
    B --> C["<b>3. Feedback (Labeling)</b><br/>Outcomes are confirmed through:<br/>manual review · chargebacks<br/>customer complaints · other tools"]
    C --> D["<b>4. Tuning (Optimization)</b><br/>Policies and thresholds adjusted:<br/>signal calibration using detection sensitivity · deny automation logic using rules"]
    D --> E["<b>5. Improved fraud outcomes</b><br/>lower fraud losses · fewer false positives · better customer experience"]
    E -->|"6. Continuous intelligence loop"| A

    classDef roundedRect rx:10,ry:10;
    class A,B,C,D,E roundedRect;
```

Fraud Prevention generates risk intelligence, feedback validates outcomes, and tuning transforms those outcomes into an improved fraud strategy. Together they create a self-improving fraud protection system.

To learn about the general risk detection and mitigation processing flow, see [Risk detection & mitigation flow](/guides/risk/risk_detection_mitigation_flow_f).

## Why feedback matters

Feedback establishes ground truth and provides business justification. Labeling does not replace [investigation](/guides/risk/risk-analytics)—it captures the outcome of investigation and makes it measurable and usable for optimization. It allows organizations to validate whether a recommendation was accurate and to provide additional context, such as the fraud scenario and the source of validation.

Common feedback sources include:

- Manual fraud investigations
- Chargebacks
- Customer complaints
- Input from other fraud or risk systems


By operationalizing feedback effectively, you can better understand:

- **Fraud capture**: How much fraud is being detected
- **Fraud leakage**: How much fraud is being missed
- **False positive rate**: How often legitimate actions are incorrectly flagged
- **Investigation efficiency**: Whether analysts are spending time on the right cases
- **Customer friction**: How often legitimate users are challenged or denied, measured through confirmed legitimate labels


Without feedback, fraud systems can generate recommendations and scores, but they cannot reliably measure or improve performance.

Note
For the mechanics of how labels work, how to assign them, and how they influence recommendations, see [Provide feedback with labels](/guides/risk/labels).

## Why tuning matters

Feedback alone does not improve outcomes unless it drives action. Tuning is the process of translating validated outcomes into a more effective fraud strategy. Mosaic provides three primary tuning mechanisms:

- **Label-driven ML refinement**: [Labels](/guides/risk/labels) feed back into Fraud Prevention's machine learning models, improving their accuracy over time as the system learns which outcomes were truly fraudulent or legitimate.
- **[Detection sensitivity](/guides/risk/fine-tune-detection-sensitivity)**: Adjust and calibrate the weight of individual risk factors so the risk score reflects your organization's priorities. For example, increase the weight of bot detection if automated attacks are your primary concern, or ignore a factor that generates noise in your environment.
- **[Rules](/guides/risk/rules)**: Create automation policies and enforce conditions that override or refine the system's default recommendations based on specific risk signals. For example, always deny transactions from a flagged IP range, or always allow actions from devices on your corporate network.


Together, these mechanisms help ensure Fraud Prevention recommendations stay aligned with:

- Fraud risk tolerance
- Customer experience goals
- Operational investigation capacity
- Evolving fraud patterns