User's Guide
Table Of Contents
- Payflow Fraud Protection Services User’s Guide
- Preface
- Overview
- How Fraud Protection Services Protect You
- Configuring the Fraud Protection Services Filters
- Assessing Transactions that Triggered Filters
- Activating and Configuring the Buyer Authentication Service
- Performing Buyer Authentication Transactions Using the SDK
- Testing the Buyer Authentication Service
- Buyer Authentication Transaction Overview
- Buyer Authentication Terminology
- Buyer Authentication Server URLs
- Detailed Buyer Authentication Transaction Flow
- Call 1: Verify that the cardholder is enrolled in the 3-D Secure program
- Call 2: POST the authentication request to and redirect the customer’s browser to the ACS URL
- Call 3: Validate the PARES authentication data returned by the ACS server
- Call 4: Submit the intended transaction request to the Payflow server
- Example Buyer Authentication Transactions
- Buyer Authentication Transaction Parameters and Return Values
- ECI Values
- Logging Transaction Information
- Screening Transactions Using the Payflow SDK
- Downloading the Payflow SDK (Including APIs and API Documentation)
- Transaction Data Required by Filters
- Transaction Parameters Unique to the Filters
- Existing Payflow Parameters Used by the Filters
- Response Strings for Transactions that Trigger Filters
- Accepting or Rejecting Transactions That Trigger Filters
- Logging Transaction Information
- Responses to Credit Card Transaction Requests
- Fraud Filter Reference
- Testing the Transaction Security Filters
- Good and Bad Lists
- AVS Failure Filter
- BIN Risk List Match Filter
- Country Risk List Match Filter
- Email Service Provider Risk List Match Filter
- Geo-location Failure Filter
- International IP Address Filter
- International Shipping/Billing Address Filter
- IP Address Match Filter
- Shipping/Billing Mismatch Filter
- Total Item Ceiling Filter
- Total Purchase Price Ceiling Filter
- Total Purchase Price Floor Filter
- USPS Address Validation Failure Filter
- ZIP Risk List Match Filter
- Deactivating Fraud Protection Services
- Index
Fraud Filter Reference
High-risk Payment Filters
A
80 Fraud Protection Services User’s Guide
If AVS information is not submitted with the transaction, then the response is NN.
AVS checks only for a street number match, not a street name match, so 123 Main Street
returns the same response as 123 Elm Street. The “USPS Address Validation Failure Filter”
on page 85 validates the address information
NOTE: .
The specified action is taken whenever the AVS response does not meet the criterion that you
specified.
IMPORTANT:The AVS Failure filter performs the action after the transaction is processed.
This means that, if set to reject, the filter rejects the transaction after the
transaction is authorized by the processor. To charge the customer for such a
transaction, you must resubmit the transaction data.
Specifying the Level of AVS Checking
Specify one of the AVS settings:
Full: Take action if a transaction returns any value other than YY (Y for street address and
Y for ZIP code).
Medium: Take action if a transaction returns values other than these: XX, XY, YX, and
YY.
Light: Take action only if NN is returned.
This table summarizes AVS levels:
TABLE A.1 AVS responses
Result Meaning
Y The submitted information matches information on file with the account holder's bank.
N The submitted information does not match information on file with the account holder's
bank.
X The account holder's bank does not support AVS checking for this information.
(Null) In some cases banks return no value at all.
T
ABLE A.2 AVS responses
AVS Setting Allowed Responses
Full (Y, Y)
Medium (X, X), (X, Y), (Y, X), (Y, Y)
Light (X, X), (X, Y), (Y, X), (X, N), (N, X), (N, Y), (Y, N), (Y, Y)