User's Guide
Table Of Contents
- Payflow Fraud Protection Services User’s Guide
- Preface
- Overview
- How Fraud Protection Services Protect You
- Configuring the Fraud Protection Services Filters
- Assessing Transactions that Triggered Filters
- Activating and Configuring the Buyer Authentication Service
- Performing Buyer Authentication Transactions Using the SDK
- Testing the Buyer Authentication Service
- Buyer Authentication Transaction Overview
- Buyer Authentication Terminology
- Buyer Authentication Server URLs
- Detailed Buyer Authentication Transaction Flow
- Call 1: Verify that the cardholder is enrolled in the 3-D Secure program
- Call 2: POST the authentication request to and redirect the customer’s browser to the ACS URL
- Call 3: Validate the PARES authentication data returned by the ACS server
- Call 4: Submit the intended transaction request to the Payflow server
- Example Buyer Authentication Transactions
- Buyer Authentication Transaction Parameters and Return Values
- ECI Values
- Logging Transaction Information
- Screening Transactions Using the Payflow SDK
- Downloading the Payflow SDK (Including APIs and API Documentation)
- Transaction Data Required by Filters
- Transaction Parameters Unique to the Filters
- Existing Payflow Parameters Used by the Filters
- Response Strings for Transactions that Trigger Filters
- Accepting or Rejecting Transactions That Trigger Filters
- Logging Transaction Information
- Responses to Credit Card Transaction Requests
- Fraud Filter Reference
- Testing the Transaction Security Filters
- Good and Bad Lists
- AVS Failure Filter
- BIN Risk List Match Filter
- Country Risk List Match Filter
- Email Service Provider Risk List Match Filter
- Geo-location Failure Filter
- International IP Address Filter
- International Shipping/Billing Address Filter
- IP Address Match Filter
- Shipping/Billing Mismatch Filter
- Total Item Ceiling Filter
- Total Purchase Price Ceiling Filter
- Total Purchase Price Floor Filter
- USPS Address Validation Failure Filter
- ZIP Risk List Match Filter
- Deactivating Fraud Protection Services
- Index
Content
4
Acting on Transactions that Triggered Filters . . . . . . . . . . . . . . . . . . . . . . 24
Rejecting Transactions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
Fine-tuning Filter Settings—Using the Filter Scorecard . . . . . . . . . . . . . . . . . . . 25
Ensuring Meaningful Data on the Filter Scorecard . . . . . . . . . . . . . . . . . . . 26
Re-running Transactions That Were Not Screened . . . . . . . . . . . . . . . . . . . . . 26
Chapter 5 Activating and Configuring the Buyer Authentication Service
27
Building Customer Confidence. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
Enrolling in the Buyer Authentication Service . . . . . . . . . . . . . . . . . . . . . . . . 27
Downloading the Payflow SDK (Including APIs and API Documentation) . . . . . . . . . . 28
Configuring Buyer Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
Generate Transaction Request Software . . . . . . . . . . . . . . . . . . . . . . . . 29
Testing and Activating the Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
Chapter 6 Performing Buyer Authentication Transactions Using the
SDK33
Testing the Buyer Authentication Service . . . . . . . . . . . . . . . . . . . . . . . . . . 33
Buyer Authentication Transaction Overview . . . . . . . . . . . . . . . . . . . . . . . . . 33
Buyer Authentication Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
Buyer Authentication Server URLs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
Detailed Buyer Authentication Transaction Flow. . . . . . . . . . . . . . . . . . . . . . . 35
Call 1: Verify that the cardholder is enrolled in the 3-D Secure program . . . . . . . . 35
Call 2: POST the authentication request to and redirect the customer’s browser to the ACS
URL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36
Call 3: Validate the PARES authentication data returned by the ACS server . . . . . . 38
Call 4: Submit the intended transaction request to the Payflow server . . . . . . . . . 38
Example Buyer Authentication Transactions. . . . . . . . . . . . . . . . . . . . . . . . . 39
Example Verify Enrollment Transaction . . . . . . . . . . . . . . . . . . . . . . . . . 40
Example Verify Enrollment Response . . . . . . . . . . . . . . . . . . . . . . . . . . 40
Example Validate Authentication Transaction . . . . . . . . . . . . . . . . . . . . . . 40
Example Payflow Authorization or Sale Transaction . . . . . . . . . . . . . . . . . . 41
Buyer Authentication Transaction Parameters and Return Values . . . . . . . . . . . . . 42
Transaction Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
Verify Enrollment Transaction Name-Value Pairs . . . . . . . . . . . . . . . . . . . . 42
Validate Authentication Transaction Name-Value Pairs . . . . . . . . . . . . . . . . . 44
Standard Payflow Sale or Authorization Transaction . . . . . . . . . . . . . . . . . . 46
ECI Values . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47