User's Guide
Table Of Contents
- Payflow Fraud Protection Services User’s Guide
- Preface
- Overview
- How Fraud Protection Services Protect You
- Configuring the Fraud Protection Services Filters
- Assessing Transactions that Triggered Filters
- Activating and Configuring the Buyer Authentication Service
- Performing Buyer Authentication Transactions Using the SDK
- Testing the Buyer Authentication Service
- Buyer Authentication Transaction Overview
- Buyer Authentication Terminology
- Buyer Authentication Server URLs
- Detailed Buyer Authentication Transaction Flow
- Call 1: Verify that the cardholder is enrolled in the 3-D Secure program
- Call 2: POST the authentication request to and redirect the customer’s browser to the ACS URL
- Call 3: Validate the PARES authentication data returned by the ACS server
- Call 4: Submit the intended transaction request to the Payflow server
- Example Buyer Authentication Transactions
- Buyer Authentication Transaction Parameters and Return Values
- ECI Values
- Logging Transaction Information
- Screening Transactions Using the Payflow SDK
- Downloading the Payflow SDK (Including APIs and API Documentation)
- Transaction Data Required by Filters
- Transaction Parameters Unique to the Filters
- Existing Payflow Parameters Used by the Filters
- Response Strings for Transactions that Trigger Filters
- Accepting or Rejecting Transactions That Trigger Filters
- Logging Transaction Information
- Responses to Credit Card Transaction Requests
- Fraud Filter Reference
- Testing the Transaction Security Filters
- Good and Bad Lists
- AVS Failure Filter
- BIN Risk List Match Filter
- Country Risk List Match Filter
- Email Service Provider Risk List Match Filter
- Geo-location Failure Filter
- International IP Address Filter
- International Shipping/Billing Address Filter
- IP Address Match Filter
- Shipping/Billing Mismatch Filter
- Total Item Ceiling Filter
- Total Purchase Price Ceiling Filter
- Total Purchase Price Floor Filter
- USPS Address Validation Failure Filter
- ZIP Risk List Match Filter
- Deactivating Fraud Protection Services
- Index
Fraud Filter Reference
High-risk Address Filters
level of the IP address indicates the region or country from which the computer is
connecting, and is thus relatively fixed. Therefore the IP Address risk list is most
effective as a screen for overseas fraud.
The specified action is taken whenever a submitted IP address appears in the risk list.
How does the filter protect me?
A customer’s IP address identifies a country, region, state, or city. As with ZIP codes, these
addresses can be associated with a higher or lower likelihood of fraud. This is especially true
of high-risk countries that are known to be associated with high rates of fraud.
Required Transaction Data
You must send the customer’s IP address to use this filter.
Email Service Provider Risk List Match Filter
What does the filter do?
This filter compares the e-mail service provider used by the customer against a list of high-risk
e-mail service providers.
NOTE: Fraudsters most often use free services at which they do not need to provide traceable
billing information. (Free services are also popular among legitimate shoppers—
because they are free.)
It is therefore a good practice to check whether the billing name appears in some form
in the e-mail address. For example, Tina Johnson should have an e-mail address of
TinaJohnson@hotmail.com or Johnson42@hotmail.com, or some similar variant. Such
an e-mail address is less suspicious than xy12@hotmail.com.
The specified action is taken whenever the e-mail service provider is found in the risk list.
How does the filter protect me?
Online merchants rarely talk to their customers. The customer’s e-mail address is a critical
communications channel between the merchant and customer. For example, e-mail is often
used to confirm a purchase and to notify the customer that shipment has been made.
It is therefore important for merchants to determine how reliably the e-mail address is tied to
the identity of the customer. Some e-mail service providers make it especially easy to open and
close e-mail accounts without ever providing personal information, enabling fraudsters to use
false identities to cover their tracks.
You should examine any transaction in which a high-risk e-mail service provider is involved.
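The check suggested in the NOTE above can be scripted for manual review. The following is an added example, not part of the Payflow SDK or of this guide; the function names and the risk-list entries are assumptions made for illustration, and the matching rule (name part, or initial plus surname, found in the address) is one possible heuristic.

```python
import re
import unicodedata

# Constructed sample risk list; a merchant's real list would replace it.
RISKY_PROVIDERS = {"freemail.example", "mailbox.example"}

def _letters(text):
    """Lower-case, strip accents, and keep only the letters a-z."""
    folded = unicodedata.normalize("NFKD", text).encode("ascii", "ignore").decode()
    return re.sub(r"[^a-z]", "", folded.lower())

def name_in_email(billing_name, email, min_len=3):
    """True if part of the billing name appears in the address's local part."""
    local = email.rsplit("@", 1)[0].split("+", 1)[0]   # drop any +tag
    local = _letters(local)                            # Johnson42 -> johnson
    parts = [_letters(p) for p in re.split(r"[\s\-]+", billing_name)]
    parts = [p for p in parts if p]
    if not parts or not local:
        return False
    candidates = set(parts)
    if len(parts) >= 2:
        candidates.add(parts[0][0] + parts[-1])        # tjohnson
        candidates.add(parts[0] + parts[-1][0])        # tinaj
    # Very short fragments match by accident, so they are ignored.
    return any(c in local for c in candidates if len(c) >= min_len)

def screen_email(billing_name, email):
    """Return both signals a reviewer needs for one transaction."""
    if "@" not in email:
        raise ValueError("not an e-mail address: %r" % email)
    domain = email.rsplit("@", 1)[1].strip().lower().rstrip(".")
    return {
        "risky_provider": domain in RISKY_PROVIDERS,
        "name_match": name_in_email(billing_name, email),
    }

if __name__ == "__main__":
    # The addresses are the ones used in the NOTE above.
    for addr in ("TinaJohnson@hotmail.com", "Johnson42@hotmail.com",
                 "xy12@hotmail.com"):
        print(addr, screen_email("Tina Johnson", addr))
```

A missing name match is only a reason to look more closely at the transaction; many legitimate customers use addresses unrelated to their names.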
Geo-location Failure Filter
What does the filter do?
This filter takes the IP address of the customer’s computer (captured in real time when the
transaction is submitted) and compares its geographical location to the billing and shipping