User's Guide
Table Of Contents
- Payflow Fraud Protection Services User’s Guide
- Preface
- Overview
- How Fraud Protection Services Protect You
- Configuring the Fraud Protection Services Filters
- Assessing Transactions that Triggered Filters
- Activating and Configuring the Buyer Authentication Service
- Performing Buyer Authentication Transactions Using the SDK
- Testing the Buyer Authentication Service
- Buyer Authentication Transaction Overview
- Buyer Authentication Terminology
- Buyer Authentication Server URLs
- Detailed Buyer Authentication Transaction Flow
- Call 1: Verify that the cardholder is enrolled in the 3-D Secure program
- Call 2: POST the authentication request to and redirect the customer’s browser to the ACS URL
- Call 3: Validate the PARES authentication data returned by the ACS server
- Call 4: Submit the intended transaction request to the Payflow server
- Example Buyer Authentication Transactions
- Buyer Authentication Transaction Parameters and Return Values
- ECI Values
- Logging Transaction Information
- Screening Transactions Using the Payflow SDK
- Downloading the Payflow SDK (Including APIs and API Documentation)
- Transaction Data Required by Filters
- Transaction Parameters Unique to the Filters
- Existing Payflow Parameters Used by the Filters
- Response Strings for Transactions that Trigger Filters
- Accepting or Rejecting Transactions That Trigger Filters
- Logging Transaction Information
- Responses to Credit Card Transaction Requests
- Fraud Filter Reference
- Testing the Transaction Security Filters
- Good and Bad Lists
- AVS Failure Filter
- BIN Risk List Match Filter
- Country Risk List Match Filter
- Email Service Provider Risk List Match Filter
- Geo-location Failure Filter
- International IP Address Filter
- International Shipping/Billing Address Filter
- IP Address Match Filter
- Shipping/Billing Mismatch Filter
- Total Item Ceiling Filter
- Total Purchase Price Ceiling Filter
- Total Purchase Price Floor Filter
- USPS Address Validation Failure Filter
- ZIP Risk List Match Filter
- Deactivating Fraud Protection Services
- Index
Fraud Protection Services User’s Guide 81
Fraud Filter Reference
High-risk Payment Filters
A
How does the filter protect me?
Buyers who can provide the street number and ZIP code on file with the issuing bank are more
likely to be the actual account holder.
AVS matches, however, are not a guarantee. Use card security code and Buyer
Authentication in addition to AV S to increase your certainty.
Card Security Code Failure Filter
What does the filter do?
The card security code is a 3- or 4-digit number (not part of the credit card number) that
appears on credit card. Because the card security code appears only on the card and not on
receipts or statements, the card security code provides some assurance that the physical card is
in the possession of the buyer.
IMPORTANT:The Card Security Code Failure filter performs the action after the
transaction is processed. This means that, if set to reject, the filter rejects the
transaction after the transaction is authorized by the processor. To charge the
customer for such a transaction, you must resubmit the transaction data.
About the Card Security Code
The card security code is printed on the back of most cards (usually in the signature field). All
or part of the card number appears before the card security code (567 in the example). For
American Express, the 4-digit number (1122 in the example) is printed on the front of the card,
above and to the right of the embossed account number. Be sure to explain this to your
customers.
The card security code check compares the number provided by the customer with the number
on file with the issuer and returns one of the following responses:
TABLE A.3 Card security code responses
Result Meaning
Y The submitted information matches information on file with account holder's bank.
N The submitted information does not match information on file with the account holder's
bank.