User's Guide
Fraud Protection Services User’s Guide
Fraud Filter Reference
High-risk Address Filters
ZIP Risk List Match Filter
What does the filter do?
This filter compares the Ship To and Bill To ZIP codes (US only) against the high-risk list.
High-risk ZIP codes are determined based on analysis of millions of e-commerce transactions.
The specified action is taken whenever a submitted ZIP code appears in the risk list.
NOTE: Fraud tends to correlate to densely populated areas like major cities. For this reason,
ZIP codes on the risk list will likely correlate to major cities.
How does the filter protect me?
A ZIP code match on the risk list does not necessarily indicate a fraudulent purchase, but it
does mean that you should evaluate these transactions more closely than other transactions.
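The comparison this filter performs, shown as an added example (not Payflow's own code): both ZIP codes are reduced to their five-digit form before the lookup, so ZIP+4 or padded input still matches, and values that are not well-formed ZIP codes are reported separately instead of silently passing. The risk-list entries, the function and field names, and the REVIEW action label are assumptions constructed for illustration.

```python
import re
from dataclasses import dataclass

# Constructed placeholder entries; the real risk list is maintained by the service.
HIGH_RISK_ZIPS = frozenset({"00000", "99999"})

# Five digits, optionally followed by a four-digit ZIP+4 extension.
_ZIP_RE = re.compile(r"^(\d{5})(?:-?\d{4})?$")


def normalize_zip(raw):
    """Return the five-digit ZIP for a ZIP or ZIP+4 string, or None if malformed."""
    if raw is None:
        return None
    match = _ZIP_RE.match(raw.strip().replace(" ", ""))
    return match.group(1) if match else None


@dataclass
class ZipFilterResult:
    triggered: bool   # True if either ZIP code is on the risk list
    action: str       # configured action when triggered, otherwise None
    matches: list     # (field, five-digit ZIP) pairs found on the list
    unparsed: list    # fields whose value is not a well-formed US ZIP


def zip_risk_filter(ship_to_zip, bill_to_zip,
                    risk_list=HIGH_RISK_ZIPS, action="REVIEW"):
    """Screen the Ship To and Bill To ZIP codes against a high-risk list.

    `action` stands in for the action the merchant configured for this
    filter (hypothetical label, not taken from the guide).
    """
    matches, unparsed = [], []
    for field, raw in (("ship_to", ship_to_zip), ("bill_to", bill_to_zip)):
        zip5 = normalize_zip(raw)
        if zip5 is None:
            # Cannot be compared; leave it for address validation to judge.
            unparsed.append(field)
        elif zip5 in risk_list:
            matches.append((field, zip5))
    triggered = bool(matches)
    return ZipFilterResult(triggered, action if triggered else None,
                           matches, unparsed)
```

A match on either address triggers the filter; the `unparsed` list is the kind of input the USPS Address Validation Failure Filter is meant to catch.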
USPS Address Validation Failure Filter
What does the filter do?
This filter screens the Ship To and Bill To addresses (street number, street name, state, and
ZIP code) against the United States Postal Service database of existing addresses. The USPS
updates the database continually.
The specified action is taken whenever the address cannot be validated (it does not exist or is
incorrect in some way).
NOTE: The filter does not validate that the person named in the transaction data lives at that
address or even that the address is currently occupied—only that the address exists in
the database.
How does the filter protect me?
To trick a merchant’s filters, fraudsters sometimes deliberately misspell or make up street
names. This enables the fraudster to spoof AVS, geo-location, and high-risk address filters.
You can identify this basic form of spoofing by using the USPS Address Validation filter to
determine whether an address really exists.
NOTE: One useful side effect of the filter is that mis-keyed addresses of legitimate customers
can be identified before shipping.
IP Address Match Filter
What does the filter do?
This filter screens the IP address from which a transaction originates against a list of high-risk
IP addresses. An IP (Internet Protocol) address is a unique identifier for a computer on a
TCP/IP network that can identify a particular network and a particular computer on that
network.
NOTE: IP addresses are not always fixed like the addresses of physical buildings. Some
computers get a new IP address each time they connect to a network. The most general