Using AMDL

Every entity that is processed by Real-Time Decisioning in an event has its own AMDL state, which is that entity’s AMDL-specific storage area within the Real-Time Decisioning behavioral profile database. This state persists between events. For example, you could store a consumer’s registration time, which is then accessible when processing all future events with that consumer. Alternatively, you could build a history of all the transaction amounts of a merchant over the past month, and access that information in future events. All state variables can be updated by values in an event and in other state variables. AMDL state is automatically initialized by the system the first time it is needed per entity.

State variables are specified using an update expression—that is, an expression providing a single value that is then used to update that state variable. The state variable is updated with the value of the update expression on every event.

Every state definition requires a single update expression, but how the value of that expression is stored depends upon the type of the state variable. The default type of a state variable is a single value. The variable contains the last value it was updated with and, each time the state is updated, that value is overwritten with a new one.

Annotations can be used to modify the variable type, as described in Annotations.

Comparing an entity’s behavior to fixed threshold values is one way to detect anomalous events and assess fraud and financial crime risk. However, sometimes you need to compare against a background or average value that describes the behavior of the population as a whole. For example, in many cases there might be seasonal variations in average transaction values and volumes, so that comparing transaction values to a fixed threshold might generate a much higher volume of false positives during periods of increased spending such as the run-up to Christmas or Black Friday.

This is where global state becomes useful. A global state expression defines a single variable that is updated by events for any entity of a given type so that it stores information derived from the entire population of entities. One of the main uses of global state is to compare the activity of one entity with a threshold or comparison value derived from the behavior of the whole population.

Entity state uses the state scope, and global state uses the globals scope. The exact syntax for state and global expressions depends on whether you are defining this state in the context of business rules or workflows.

For business rules, the syntax for entity and global state is the same as for any other AMDL expression. For example, to store the timestamp of the last event for each entity:

This stores the state of entities of the type defined for this expression.

To refer to the stored value of this state expression for the entity of the relevant type in the current event, you can simply use the scope state and the expression name. For example, to refer to the time of the last event for the current entity:

Global state expressions are defined in a similar way—for example, to store a rolling average of transaction values across all merchants, this expression could be defined under the merchant entity type:

This expression uses the @rollingAverage annotation. See Annotations for more information on using annotations to modify how state is stored.

This annotation, applied to entity or global state variables, keeps a track of the rolling average within a specified time period. This time period must be specified. It cannot keep track of a mean value over all time because it is implemented as an exponential moving average for performance and storage purposes. In general, with global state you want to know about overall trends across the entity population.

For workflows, which relate to one or more event types, you can define state expressions for different entity types, enabling each workflow to update the state for any of the entities present in the relevant event type or types.

This means that you need to define the entity type that a state update expression relates to in the definition of the expression itself. The basic syntax for defining and referring to entity state in workflows is state.<entity type>.<state expression name>. For example, to store the timestamp of each event in the state for the customer entity type:

To refer to this state expression, you can use the same syntax, including the entity type:

Note the use of .single(). This is a method that takes a collection with a single element and returns that element as a single value. For a complete list of methods, see Methods in the AMDL Reference.

This is necessary because state.<entity type>.<state expression name> returns a collection containing the value of the state expression for each entity of the specified type in the event being evaluated. Usually there is only one entity of each type, so you can use the .single() method to flatten that collection to a single value. If there are multiple entities of a given type present in a particular event type, you may need to use other strategies to select the state of the appropriate entity. See Rule references.

Global state works differently. Because the globals scope returns a single value, there is no need to use the .single() method to select one value from the output. However, it is still necessary to define the entity type that the expression relates to within the expression itself—global state is referenced using the syntax globals.<entity type>.<name> to store a global variable for the specified entity type. For example, to store a rolling average of transaction values across all merchants:

This could then be referenced as globals.merchant.averageAmount.

A rule is an AMDL expression defined in the rules scope, and consists of a boolean expression that is evaluated for each event that passes through the system. When creating business rules, this the most important type of expression.

Each AMDL expression applies to one particular entity type, such as customer accounts or merchants, and is evaluated for each entity of that type in each event. If the expression evaluates to true, the rule has triggered on that event. The general syntax of a rule is as follows:

As an example, you might want to create a rule that triggers when the value of a transaction exceeds 100 units of your base currency. This rule could be written as follows:

In general it is good practice to give the AMDL definitions descriptive names. In this case, the rule is named greaterThan100. You could include additional conditions in the rule—for example, you could create a rule that triggers only for an accepted transaction where the amount is over 100 and the currency is USD or GBP:

In addition to detecting large transactions, you might want to detect test transactions, which are low-value transactions intended to test the payment method immediately before a large transaction. To detect a low-value transaction followed by a high-value one, you need to store some information about the first transaction.

To store the value of the most recent transaction, you can write a state expression:

The @eventType annotation is used here to limit the execution of this expression to transaction events.

The entity type against which you write this expression is important, because the state is stored for this entity type. For the following event, if the above expression were written against the customer entity type, the value 100 would be stored for this variable in the state of the entity Customer1:

You can then reference this state expression in a rule, provided that rule is written against the same entity type. This state expression is evaluated for each transaction event, and the transaction value stored against the relevant entity. However, this evaluation is performed after the evaluation of rules and other expressions, so when a rule is evaluated the value of the state expressions it references are the values as of the most recent event previously seen for that entity.

For example, this rule triggers if a customer makes a low-value transaction (value less than 10) and their next transaction event is a high-value transaction (value over 100):

You can also write state expressions based on one event type, which are referenced in rules written against another event type. For example, you might want to store some information about a customer when they register, and use that information in the rule.

For example, suppose the registration event contains the following data:

You can store any of this against the customer entity type—for example, you might want to store the customer segment code to determine whether they are a VIP customer when the rules are executed:

This might be used to ensure that the test transaction rule does not apply to VIP customers:

The previous example includes a rule that triggers if a customer makes a low-value transaction followed by a high-value one, but that rule makes no reference to the time elapsed between those two transactions. With a typical test transaction, a high-value transaction is usually made shortly afterwards; a transaction with a low value is unlikely to be a test transaction if the following high-value transaction takes place a week later. Times and durations are therefore important in business rules. For more information, see Dates, times, and durations. To store the timestamp of each transaction for each customer, use a state expression:

You can then refer to this state expression to determine the elapsed time since the previous transaction. This means that you can modify the rule from example 2 to take into account the elapsed time since the low-value transaction—for example, to make the rule trigger only if it has been less than 2 hours since the previous transaction:

Here, state.previousTransactionTime and event.eventTime are both fields that contain datetimes, and subtracting one from the other gives a duration representing the elapsed time between the two events.

In the example above, a rule was created that checks the value and time of the last transaction and triggers if a low-value transaction is followed by a high-value transaction within 2 hours. However, this could fail to detect a test transaction if a customer’s card has been compromised and the card details are being used by both the criminal and the genuine cardholder.

Consider the following sequence of events:

There are no events in this sequence that match all the conditions in the rule. A better approach might be to keep track of the time since the last low-value transaction, and trigger the rule if a high-value transaction occurs within 2 hours of a low-value one, regardless of whether there were any intervening transactions.

You can use conditional assignment to create state expressions that only store a value when a certain condition is true. This allows you to create an expression that stores the time of the last low-value transaction for each customer:

This expression stores the date and time only if the value of the transaction is less than or equal to 10; if the value is greater than 10, the state expression is not updated. You can then create a version of the rule that refers to this state:

Given the following sequence of events, the rule now triggers:

Note the N/A in the first row. This is because on the first transaction for a particular customer, the state expression has not yet been evaluated and therefore returns a null value. This causes the execution of the rule to stop when it reaches the reference to state.previousLowValueTransactionTime, meaning that the rule fails to execute and does not generate any output for this event. Whenever an expression refers to a state variable that has no value for the current entity, or references an event field that is not present in the current event, that undefined value can cause expression execution to stop.

In reality, many state and other variable references return a null value. In most cases, this is the intended behavior. It makes no sense for the test transaction rule to trigger on the first transaction a customer makes, so when the rule execution stops this does not cause any issues. However, in some cases, it may be important to deal with or prevent references to state variables, event fields, or other variables from returning null and causing the execution of the referring expression to halt.

The default value operator is one approach. You can also use the @defaultValue annotation to provide a default value when defining state and global expressions, so that when an entity or entity type is first seen, the state variable already has a value.

Consider the case where you want to create a rule that identifies anomalously high spending. If normal behavior indicated an average entity spend of about $100, you might be inclined to specify a static threshold to trigger a rule if a transaction has a value over 500, for example. However, this might cause problems during times when average spend tends to be higher—during periods of time such as the run up to Christmas or Black Friday. It might be better in this case to track the average entity spending and compare the single transaction amount to this moving threshold.

To do this, you can define a global expression that stores state from all customers' transactions—for example:

Here, use the @rollingAverage annotation to make the expression calculate an average value instead of storing a value that is overwritten each time a transaction is processed.

You can then define a rule that generates a tag message for any transaction with a value more than five times the rolling average:

As described in Collections, you can also create collections in an AMDL expression. These can be useful for storing multiple values or comparing a field in the event data against a list of possible values.

For example, you might want to generate a tag to decline a high-value transaction at a merchant within a high-risk category as indicated by the Merchant Category Code (MCC):

This rule uses the using the contains operator (~#) to generate a tag message if the transaction value exceeds five times the global average and the MCC is one of those listed in the array.

To use this list of high-risk MCCs in several expressions or to separate this definition from the business logic of the rule itself, you could store it as a static value using the values scope.

You could then reference this static array in the rule to achieve the same effect as above:

Note that the values expression above must be defined for the same entity type as this rule.

You can also create expressions that store collections in entity or global state. For example, you might want to store a list of all the payment methods used with a customer account over the last year, and use that to trigger a rule if you see a large transaction using a payment method not seen before over that time. To store that information, you would write a state expression using the @set annotation:

You can then write a rule that checks whether the payment method being used in the current transaction event is contained in that set:

Here you can use the does not contain operator (!#) so the rule triggers if the value is over 500 and the payment method is not contained in the collection of payment methods for the current entity.

In some cases, you may want to suppress the generation of tags for specific events—for example, to prevent customers on a VIP list from having their transactions held or blocked.

The @suppressTag annotation suppresses tag emission from all sources, including AMDL rules, models, risk score thresholds and aggregators. Suppressed tags are never shown in the dashboard, and are removed from the outputTags key in the JSON response. However, any tags assigned by models are still be listed under tags within the models section of the response.

Because business rules are defined for a specific entity type, and tag suppression only work within an entity type—that is, if you write an expression with the @tag annotation for one entity type, and an expression with the @suppressTag annotation against a different entity type, the second expression does not suppress the tag generated by the first, even if they both trigger on the same event.

Rules can be configured to output a score using the @score annotation. The score for each rule is supplied as an argument. Scores may be positive or negative. The total of all the scores from triggered rules for a specific event is output as the businessrules model score. This score is rescaled in the same way that model scores are—a total score of 1 is equal to 100%. For example, for an event with an MCC of 5678 and an amount of $200, the following rules would output a total score of 0.3 (30%):

If the businessrules model score exceeds the overall risk score generated by any other models for an event, it is displayed as the overall risk score in the dashboard for that event. This may result in risk score bars with a score in excess of 100%, or a negative score. While this is displayed appropriately in the dashboard, it may or may not be appropriate to assign events a risk above 100%.

An analytical workflow consists of rule sets, scorecards, support variables, and parameters.

This first example demonstrates the simplest way to implement an effect, such as add a tag, using an analytical workflow. This workflow generates an explanatory tag for any transaction with a value over 1000. In the AMDL block, create a transient variable that stores a value from the relevant event. Then create a scorecard that uses this transient variable, and within that scorecard, define match conditions that trigger effects. This workflow consists of a single rule set and is mapped to the transaction event type.

A single rule set can include more than one variable used to trigger effects, and some effects can override others. In this example, add another condition—if the customer making the transaction is a VIP, the transaction should not be declined (the ACTION="decline" tag should be suppressed).

Analytical workflows can store and make use of entity state—that is, behavioral profile data—for entities of all types. This enables data about individual entities to be stored on one execution of a workflow and used in a subsequent execution of the same workflow, or even by a different workflow. See State for more information about creating and referring to state expressions in analytical workflows.

In this example, a state expression is used to store the value of each transaction event in the behavioral profile of the customer entity. This means that when the rule set runs for a transaction, it can access the value of the previous transaction made by the same customer. This allows test transactions, which use a very small transaction followed by one with a larger value, to be detected.

The previous example showed a rule set that added a tag if a customer made a small transaction (value less than 10) followed by a large one (value over 500). This misses an important consideration when looking for test transactions—typically the higher-value transaction happens shortly after the small-value test transaction. A small transaction followed, days later, by a large one, is typically not a risk indicator, but the previous example does not take this into account.

This consideration could be incorporated in a several ways. One way is to split the previous rule set into two.

This rule set implements the test transaction logic introduced in Example 3, but with the addition of the same condition used in rule set 1.

Support variables are used in analytical workflows to calculate risk scores and other values that need to be updated or referenced by multiple rule sets. For example, support variables might be used to calculate risk scores for the various entities involved in an event, and then a final rule set might combine those individual risk scores into an overall risk score and trigger actions based on that score.

Support variables are defined when you create your workflow, and you must assign each one a default value. Support variables can then be referenced in your workflow AMDL using the support scope, but AMDL expressions cannot change the value of a support variable. To update a support variable, you must use effects in your scorecard.

In this example, two support variables are used to calculate a risk score for the customer and the merchant in a card transaction. These risk scores are then combined into an overall risk score in the final rule set of the workflow, and the final effects—that is, tags—are based on the value of this overall risk score.

This rule set looks at transaction value and the risk associated with the customer. If the value is over 5000, it adds 400 to the customer risk score, or if the value is between 1000 and 5000, it adds 200. If the previous transaction for this customer was a low-value transaction within the last six hours (possibly a test transaction), it adds 300. It combines the transaction value and test transaction logic from the previous example (using two separate scorecards—see below). Note that the logic that checks whether this is a VIP customer has been moved to Rule set 4:_finalRiskScore.

This rule set looks at the merchant category of the merchant involved in this transaction, and checks whether it is contained in a list of high-risk or medium-risk merchant categories. These lists are provided as arrays of strings within the expression itself, and each condition uses the contains (~#) operator to check whether the MCC of this merchant is contained in each list. For more information, see Collections).

This expression also uses the conditional assignment syntax described in Conditional assignment.

If the merchant category code (MCC) is in a list of high-risk MCCs, it sets the merchant risk score to 375, or if the MCC is on a list of medium-risk MCCs, it sets it to 250.

A simpler version of this check could be implemented by only checking against a single list of high-risk MCCs, as in the following AMDL block:

This contains a single conditional operator, and simply assigns the transient variable the value 375 if the MCC is on the list at the beginning of the condition, and 0 otherwise. However, the AMDL block shown below enables you to set the merchant risk score to a different value depending on whether the MCC is high- or medium-risk, using nested conditional operators. If the first condition is true the variable is set to 375; if it is false, the part of the expression after the second colon is evaluated. This starts with another condition, and if this condition is true, the variable is set to 250; otherwise, it is set to 0.

This rule set calculates the final risk score for a transaction by adding the customer risk score and the merchant risk score, with the merchant score multiplied by a weighting of 0.8. If the total risk score is over 700, it adds a tag to trigger a decline; if the total score is between 300 and 700 it also generates a tag. The rule set also outputs the total score for display in the dashboard, using the Overall Score effect.

This rule set prevents VIP customers' transactions from generating a tag or being declined, but only if the customer risk score is low. It has been moved to the end of the list of rule sets to ensure that it overrides decline tags from all other rule sets in the workflow, and so that it can reference the customer risk score support variable set by rule set 1.

The basic principle of AMDL unit tests is to check what the results would be of running a specific AMDL expression (in business rules) or AMDL block (in analytical workflows) against your test event.

You can create positive test cases—that is, cases where an event should cause a rule to trigger, or a state variable or support variable to be set to a certain value—and negative test cases where a rule should fail to trigger or a variable should not be set or updated.

Tests are saved alongside the expressions for which they are written, and can be exported and imported alongside your business rules and workflows.

The most important component of any unit test is the input event. This is the event that your AMDL will be evaluated against. The input event panel must contain JSON event data, and the event must have an eventType field and be of a type that is defined in your schema.

However, the event is not validated against the schema, enabling you to use minimal events containing only the necessary fields, and even test potential schema changes.

The dashboard event generator tool that forms part of the AMDL unit tester enables you to generate events that match your schema, and set the values of optional and mandatory fields to create appropriate test cases.

Select the Lightning button at the top of the Input Event panel to generate a test event. This is the best way to create routine unit tests for your AMDL code, as it ensures that the test event closely approximates the real events that your AMDL will be evaluated against in production.

Each test must define the expected outcome or outcomes, so that the result of the test evaluation can be compared to the expected result to determine if the test passed or failed. These are set in different ways depending on whether you are testing rules or other kinds of expression in business rules or testing analytical workflows. See Testing business rules and Testing analytical workflows.

The Initial State panel allows you to define values for any other expressions referenced by the AMDL you are testing. Your unit tests have no access to real entities or live state, or the values of any other AMDL expressions. Therefore, you must define values for any referenced state or global variables, transient variables, static values, data lists, support variables, or workflow parameters that you want to have a value in your test.

State and other variables are defined in exactly the same way they are in normal AMDL code, but instead of an expression that evaluates to a value, in the Initial State panel you must set any variable to a fixed value. For example, you could set the value of a transient variable as follows:

For static values (the values scope), you can simply copy and paste the values expression into the Initial State panel. For more information, see Static values.

You can set the value of multiple different variables in different scopes by simply placing each expression on a separate line—for example:

If you have expressions that refer to the state of multiple different entities or entity types, you can set values for these state expressions in the Initial State panel using an annotation specific to unit tests, @entitytype.

This annotation takes two named arguments, the entity type (type) and the entity ID (id), although the entity ID is optional. Any state expressions defined below such an annotation in the Initial State panel will belong to the entity specified in the @entitytype annotation.

For example, to specify the value of the state expression avgTxValue for a merchant entity with the entity ID merchant1:

This is useful for cross-entity state references in business rules and for testing analytical workflows. For more information, see Cross-entity state references and Testing analytical workflows.

In business rule tests, the entity the expression is being evaluated for always has the ID testEntity. For example, if a business rule is written against the customer entity type, and an event contains two consumer entities, the one the rule is being evaluated for would be identified by having the ID testEntity. Unless you explicitly set the appropriate field in the input event, this entity ID does not match any entity ID fields in the event data, so to test an AMDL expression that checks the value of an entity ID field against the ID of the entity being evaluated against, you must set the value of the appropriate field to testEntity. See Entity meta-variables for an example of expressions where this might be necessary.

In unit tests of workflows, one entity of each type is assigned the ID testEntity. As with business rules, other test entities can be defined using the @entitytype annotation.

For a positive test case, consider the following rule, which is similar to one introduced in Example 3: Timestamps and durations and conditional state.

There are a number of test cases you might want to create to ensure that this rule works correctly. The simplest is the positive case—a transaction event where the value is greater than 100, the previous transaction value was less than 10, and the previous transaction was less than two hours ago.

The first thing to do when creating a test is to create the input event. For the positive test case, this means a transaction event where the value of amount.baseValue is greater than 100—for example, 150. The event is automatically generated with an eventTime equal to the current time. This example uses placeholder values in all the other fields, providing a test event shown below.

To create the positive test case, you also need to specify the values of the state expressions referenced in the rule. You can do this in the Initial State panel.

The correct value of state.previousTransactionValue is simple—it just needs to be less than 10. For this example, state.previousTransactionTime is set to a datetime less than two hours ago. The simplest way to do this is to copy the datetime from the input event, which is 9:55 am on 13th Apr 2022, represented in ISO 8601 format as 2022-04-13T09:55:56.922Z.

By reducing the hour by one, you can set the previous transaction time to 08:55 on the same day, and create a case in which the rule should trigger.

The final step in creating this test is to set the expected outcome. In this case, the rule should trigger, which is set by selecting Check triggers from the Check rule dropdown at the top-right of the tests pane. You can now name this test and run it.

For negative test cases, while it’s important to test that your rule triggers when it should, it’s perhaps more important to test that a rule doesn’t trigger in conditions where you believe it shouldn’t generate a decline tag. This is why negative test cases are important. While it’s often difficult to cover all the possible cases where the rule shouldn’t trigger, it’s important to test some of the more likely, and to identify edge cases that could potentially cause unintended behavior.

For the rule above, you can identify three obvious cases to test:

The simplest way to create a negative test case, once you’ve created your first positive test case, is to duplicate that first test and then edit it. By duplicating the positive test case described above, you can create each of the three negative test cases by:

For each of these tests, you also need to change the Check rule setting to Check does not trigger.

One other kind of situation you might want to test is the case where one or more of the state expressions referred to in the rule has no value—for example, when this is the first transaction for this particular entity, or, in the case of an optional field, where the event data field referred to is not present.

You can create a simple test case of this kind by duplicating the initial positive test case, and deleting the expressions state.previousTransactionValue and state.previousTransactionTime from the Initial State panel. This simulates the rule’s behavior on the very first transaction for any given customer entity. Again, the Check rule setting needs to be changed to Check does not trigger, since the rule should not trigger when these state variables are undefined.

In this case, the rule stops executing when it reaches the reference to an undefined state. This results in a case where the rule doesn’t trigger, and hence the test passes, but the test results also contain a warning that the rule did not execute. While this is expected behavior, a rule that fails to evaluate returns null when referred to in another expression. For more about this behavior, see Rule references.

It is also possible to test that state and global expressions are updating as expected. For instance, you might want to test the state expression introduced in Example 3: Timestamps and durations and conditional state, which stores the datetime of the most recent low-value transaction:

There are two cases to test with this expression—does it store the datetime of the transaction if the value is less than 10, and does the stored value remain the same if the value is greater than or equal to 10?

As with rule testing, some initial state and an event are provided. When testing state and global expression, however, rather than using the Check rule dropdown list, you can instead use the Expectations panel. The Expectations panel must contain one or more AMDL rules, which are evaluated after the input event is processed. These rules are used to check that the final state is equal to the expected value - if all the rules in the Expectations panel trigger, the test passes; if any of these rules fail to trigger, the test fails. The names of these rules must be unique within the scope of a specific test, but can be repeated across multiple tests for the same entity.

For the first test case, you might set an initial value for the state you are testing, or simply leave the Initial State blank. The input event should be a transaction with a value less than 10.

In the Expectations panel, you then write a rule that tests whether the final value of the state is what you expect it to be—in this case, the same as the datetime of the input event. You can copy the datetime directly from the input event JSON when creating the rule, giving something like this:

In the test results, the name of this rule is displayed, and if the rule triggers, a green checkmark is shown next to it. The final value of the state you are testing is also shown. Using a single expectation rule is by far the most common case, but it is possible to add additional rules to this panel to check other conditions to ensure the state was updated correctly.

You can also add another test to test the second case, where the transaction value exceeds 10. You can do this by duplicating the first test, changing the transaction value in the input event, and changing the expectation rule to check that the value of the state remains unchanged.

Unit tests of analytical workflows are used to test the outputs from a rule set. Each rule set can have one or more associated tests, each of which can contain multiple test expressions that check various different outputs and results of evaluating the rule set, including the values of transient variables used in scorecards and values stored in entity and global state.

Like all AMDL unit tests, each test must have an input event. The event must be of a type that is mapped to the workflow you are testing.

As an example, you can create tests to ensure that rule set 1 in the workflow described in Example 6: More complex state and using overridable parameters functions as intended. There are a number of positive and negative test cases to address, and for each, you might want to test a number of outcomes. These are described in the table below, with the highlighted portions indicating where a test is different from the first test case:

The rest of this section walks through the process of creating the last of these test cases. First, an input event must be created. This is a transaction that has a non-zero value (for example, 100), a datetime of 12:00 on 11th April 2022 (2022-04-11T12:00:00.000Z), and for which the mobile device ID field (deviceData.deviceId) is device1.

In a situation where a variable can take multiple values, you might want to create an expression that evaluates differently depending on the value. You could do this by chaining multiple conditional statements together (see Conditional assignment). However, more readable expressions can be created using the AMDL switch case operator, as in this example:

Here, the ~? operator initiates the switch on the value of the country field. Each case is terminated by a semicolon. The values switched on must be either a fixed value or default.

The default value is optional. The default keyword means that if the rule evaluation gets to the end of a switch case execution without detecting a match, it uses the default case. If no default is included and a matching case is not found, AMDL execution of the expression stops.

You can use the exists operator ~ to query whether the result of an expression exists or not. This allows you to create conditions that are true if an optional event field exists within the specific event being processed, or if a specific state variable, transient variable, or values expression has a value. For instance, you can check whether a field exists in the event by using something like this:

The inverse—a condition that is true if a field does not exist—can be constructed using the does not exist operator, !~.

If a reference within an AMDL expression cannot be found—for example, an event field which is not present, or a state that hasn’t been updated yet—it returns a null value. If the null value is not handled in the logic of the expression, AMDL execution of the expression stops and the value of the expression being evaluated also becomes null. If the expression is a rule, it does not trigger. If the expression is a variable update expression such as a state, global or transient variable, that variable is not updated. This may be the desired behavior; however, it is important to be careful how you handle such possibilities in some cases. In particular, be aware that AMDL execution does not short-circuit boolean operators and always evaluates all references; if any of these references evaluate to null, expression execution stops.

For example, even if the field accepted has a value in the event being processed, if var.acceptedTransaction is undefined, evaluation of this rule stops and does not trigger:

The default value operator ?? automatically replaces a preceding reference with the value following it, if that reference is found to be null during execution. For example, to ensure that the rule above executes even if the accepted field is not present:

This ensures that the evaluation of the field accepted always returns a value. If the field is missing, the default value false is returned. The parentheses in this example ensure that the components of the expression are evaluated in the correct order. For more information, see Operator precedence.

Often you might want a state to capture something once and not be updated again. For instance, you might want to store the first login date of a user. This can be done using the exists operator and the ternary operator, but because it is a relatively common occurrence a special annotation is provided, @firstValue.

When this is applied to an AMDL expression, once the expression evaluates to a value, it maintains that value and is not updated any more.

Arrays and sets store all values they are updated with for the duration. When a large number of values is expected to update the collection in the period of the duration, this could produce excessive storage requirements and adversely affect engine performance. For instance, globally storing the value of all transactions over a month could result in a very large collection.

To facilitate analysis of such time-series data, AMDL provides a histogram type. A histogram consists of a group of buckets, each of which represents a group of updated values that occurred during a specific time window. It is granular on the level of the buckets, not the values, so can be a powerful approximation to expedite performance. Any state-like AMDL expression can be given a histogram annotation which has the form:

@histogram(historyLength=<duration>, bucketSize=<bucket duration>)

The duration indicates the period for which the histogram should store buckets before expiring them. The second argument determines the number of buckets in the histogram and is optional. If left unspecified, a default is chosen to ensure at least 10 buckets are used. More buckets mean more accurate summary figures but a greater storage and performance impact. Bucket size is limited to a series of acceptable durations. If the specified bucket size is not one of those listed below, the nearest acceptable bucket size is used to ensure that at least the expected number of buckets are used. The following are acceptable bucket sizes:

Bucket durations expressed in months—for example, 6 months, 12 months—use M as their unit. For example, 6 months is represented as 6M.

Histogram buckets align with calendar time periods. Monthly buckets align with calendar months, so the first relevant event that occurs after midnight (UTC) on the first day of the month contributes the first data point to that month’s bucket. Buckets with a shorter duration—expressed in days, hours, minutes or seconds—align with calendar days. All non-monthly histogram buckets align at midnight (UTC) each Monday, so buckets with a duration of 7 days start at midnight on Monday; buckets with a duration of 1 day start at midnight each day; and buckets with a duration of 6 hours start at midnight, 6am, noon, and 6pm each day.

As with arrays, you can call the size, total, and mean methods on a histogram state. For instance, if you define a global histogram that stores transactions over the last week as follows:

Then you could write a rule that triggers if an entity performs a transaction of amount greater than 1000, but normalized for the day’s global average transaction amount in relation to the week’s:

In this case, you have added a duration argument to the mean method. This limits the values of the histogram to those within that elapsed period, so far as the granularity of the bins allow. In the example above, the mean(1d) method returns the mean of values from today; the mean(7d) method returns the mean of values from today and the previous six days.

Monthly durations—for example, 1 month, 6 months—use calendar months, which may be of different durations. To avoid issues when comparing histogram data between months of different lengths, normalized versions of these methods are also provided that normalize the total, size, or mean to a month length of 30 days: normalisedSize, normalisedTotal, and normalisedMean.

Used in this way, these methods can access data from the most recent bucket, or from that bucket and previous buckets. However, for comparison purposes or for defining a baseline, you may want to refer to previous buckets. This can be done in one of two ways.

Providing a datetime as an argument to the size(), mean(), or total() method allows you to access the bucket that contains that datetime. This datetime can be derived from event data through subtraction of a duration, to return data from the bucket from a specified duration in the past. For example, the expressions below enable you to compare the total value of a customer’s transactions this week with the total value from last week.

This example rule triggers a decline tag if the total value of a customer’s transactions so far this week is greater than three times the total value of the customer’s transactions last week. Data is returned for last week’s bucket instead of for the latest bucket by passing the datetime exactly 7 days ago (event.eventTime - 7d) as the argument to the total() method.

However, this approach only allows you to access data from a single bucket. To access data from multiple previous buckets, you can use the atTime() method. This method only applies to histograms, and takes a datetime as an argument. Again, this datetime can be derived by subtracting a duration from a datetime.

For example, you can modify the rule in the previous example to generate a decline tag when the total value of a customer’s transactions this week is greater than the total value of a customer’s transactions over the previous two weeks.

In this example, the atTime() method with an argument seven days in the past, in combination with total(14d), is used to access data—in this case, the total value—in two buckets, not including the current one. These are the bucket that includes the datetime supplied as an argument (seven days ago) and the previous bucket, since the bucket size is seven days and the duration supplied as an argument to the total() method is twice that.

A map is a lookup table—given a value, it maps that value to another and returns the other value. This enables you to store key-value states. For instance, in a transactional system, every entity may have several different payment methods, and you might want to keep track of the number of transactions made using each method. Each method identifier could be used as the key, and the count of the number of transactions would be the value—that is, what each key is mapped to. The data in this map might be represented as something like this:

Here, given method1 as a key, transactionCountByPaymentMethod would return the value 10.

AMDL can be used to define both static maps (using the values scope) and dynamic maps that can be updated and modified with each incoming event, stored in entity or global state.

Static maps can be used to store lookup tables such as a currency conversion table, or a dictionary of country codes mapped to country names. For example, you might want to store a list of threshold values for different merchant categories, and raise a decline tag when the value of a transaction exceeds the threshold for the appropriate MCC. This could be implemented using nested conditional statements, although this would be very long and difficult to read, or a switch case statement. For more on switch case statements, see Switch case operator.

However, using a static map can simplify this kind of expression by removing the thresholds into a different expression from the business logic of the rule itself. The map would be defined as follows:

A rule (in AMDL business rules) or a transient variable (in analytical workflows) can then reference this map using the syntax <scope>.<map expression>[<key>]—for example, values.MCCSpecificThresholds["7999"] would return 300. This rule would generate a decline tag if the value of a transaction exceeds the threshold for the relevant MCC:

This expression could be written using a switch case statement, which would allow you to provide a default value. A map does not provide a way of specifying a default, but you can use the default value operator. This enables you to provide a default value, which is returned if the key referenced is not present in the map. For example, to specify a default threshold of 500:

Maps can also be stored dynamically in state or global expressions. For example, you might want to store the timestamp of the last time a customer used the transaction method in the current transaction—a specific payment card or alternative payment method. If each payment method has a unique ID in the event field event.paymentMethod.methodId, you could define a state expression that would store the timestamp of the last transaction for each unique method ID:

state.lastTimeMethodSeen[ event.paymentMethod.methodId ]: event.eventTime

In this example, each time a transaction is received with a particular method ID, the timestamp is stored as the value, with that method ID as the key. After receiving the transactions shown in the table below, the map is stored in state in method2 as shown in the example below the table:

If you then receive another transaction with the method ID method2, at 15:26:41 on 11th Dec 2021, that overwrites the existing value for that key, and the resulting map changes as follows:

You could then write a rule or other expression referencing this state. You might want to reference the time a particular payment method was last seen, or check whether a payment method has been seen within a certain period of time. The following transient variable stores true if the payment method in the current event has not been seen in the last 180 days: