User Guide
Table Of Contents
- Intended Audience
- Revision History
- Introducing Fraud Management Filters
- Setting Up Fraud Management Filters
- Using Fraud Management Filters
- Customizing Websites to use Fraud Management Filters
- Fraud Management Filters Summary
- Fraud Management Filters Operating Principles
- Index
Fraud Management Filters June 23, 2009 45
Fraud Management Filters Summary
Advanced Fraud Management Filters
IP Address Range Filter
This filter screens for payments from IP addresses with historically high instances of fraud. IPs
are checked against a “Risk List” maintained by PayPal. Historically, fraud is more likely to
originate from compromised networks because fraudsters launch attacks from compromised
computers or networks. To use this filter, you must send the customer’s IP address along with
the rest of the transaction information. The IP address range filter applies to Direct Credit Card
and Virtual Terminal payments.
Transaction Data Filters
You can filter transactions based on transaction data.
Large Order Number Filter
This filter screens for payments based on the number of items a customer purchases by
identifying transactions that exceed the specified number of items purchased at your business.
Fraudsters usually try to purchase as much as they can before the stolen cards they use are
cancelled. An unusually high item count may indicate potential fraudulent activity. Fraudsters
frequently attempt to order large numbers of attractive items that can be easily resold. The
large order number filter applies to Direct Credit Card and Virtual Terminal payments.
Total Purchase Price Minimum Filter
This filter overrides other filter actions if the transaction falls below a minimum total
transaction amount, including tax, shipping, and handling fees. If the transaction amount is
below the amount set for this filter, the payment is automatically accepted, overriding any
other filter that would have set aside this transaction for your review.
Merchants with an especially high transaction volume can use this filter to reduce the number
of transactions that their staff must review. Transactions below the amount you specify are
accepted without further analysis. This filter applies to Direct Credit Card and Virtual
Terminal payments.
IP Address Velocity Filter
This filter screens for multiple payments that originate from the same IP address by checking
for repeated transaction attempts from the same computer or network. A high number of
orders from a single IP address may be associated with a fraudster making repeated purchases
on your website. A fraudster may repeatedly attempt transactions through an automated script
that tests unknown card numbers or may attempt to make many small purchases through
multiple stolen cards to bypass other filters.
Legitimate customers typically don’t perform multiple transactions in quick succession;
however, some Internet Service Providers (ISPs) may use a single IP address for all of their
customers’ computers. You can choose to ignore IP addresses from these ISPs so that
payments originating with them will not be filtered. The IP address velocity filter applies to
Direct Credit Card and Virtual Terminal payments.