Fraud Management
Selling online enables you to grow and scale your business substantially. However you need to be aware that when selling online a fraud risk exists that can result in goods being shipped that you may not get paid for.
This risk can be mitigated by:
- Executing 3D Secure for all online transactions. This shifts most fraud liability from you, to your customer or your customer’s bank. It is usually mandated by your acquiring bank to use 3D Secure for all online transactions.
- Checking the Security Code and Address Verification (AVS) results for transactions. Ensure you are sending in the correct data to properly use these features and are also interpreting the results of these checks.
- Using Global Payments Fraud Management to automatically Pass, Hold or Block transactions.
What rules can I set up to get started with Fraud Management?
This guide recommends an initial set of Fraud Management rules new merchants can configure who have little experience of selling online and managing fraud risk. Configuring these rules ensures an additional layer of protection on top of 3D Secure, Security Code and AVS and gives you a better understanding of the Global Payments Fraud Management product. This understanding will enable you to cater the rules to best suit your own business needs.
It’s important to say this guide is a recommendation only. You must take ownership of your own Fraud Management rules. Take a look at the other available rules to see if you feel any other rules would help you mitigate fraud.
Fraud Management Rule Creation
Fraud Management is a Global Payments product that executes a series of rules, configured by you, at the time the transaction is authorised that can PASS, HOLD or BLOCK transactions automatically. It helps you identify suspected fraudulent transactions. It may be difficult for you to know what rules to configure, before you commence processing online transactions for the first time, so here are some recommendations to get started with.
Please note that all the recommended rules result in a HOLD or PASS result. These rules will not automatically BLOCK transactions. Using HOLD ensures you never lose a sale automatically. A PASS result means the transaction is accepted, while BLOCK means that the transaction is stopped and will never be processed. A HOLD result means that if the transaction is authorised, you will not receive funds for that transaction until the transaction is reviewed and released by you. Please do not ship goods until a held transaction is reviewed by you and released.
If you are uncomfortable with Fraud Management automatically holding transactions that you subsequently need to review, you can set Fraud Management to PASSIVE MODE. Passive mode means that the Fraud Management result is for information only and no automatic action, such as holding the transaction, is taken. See “What are PASSIVE and OFF modes used for?” section later in this document.
Here are 7 rules we would recommend that you enable before you start processing transactions.
To configure these rules log in to RealControl and go to Fraud Management -> Create A New Rule.
You can give each rule a name that means something to you. Your rule names appear in RealControl when you view detailed information about a transaction.
Amount
“I want to hold transactions when the amount is greater than £x. Otherwise I want to pass transactions.”
You need to determine the amount, once exceeded, for which transactions will be held. We recommend to look at your average sale amount and then choose a larger amount where, if seen, you would want to review before accepting.
Customer
“I want to hold transactions when the cardholder name is marked as medium risk in my cardholder name data list. Otherwise I want to pass transactions.”
You need to add cardholder names to your data list as Medium risk for this rule to trigger. It’s unlikely you will have any cardholder names when you first start processing transactions. Over time you can easily add names from previous transactions via RealControl. This should be done if you ever get a transaction that results in a fraud chargeback.
See “How do I block/hold transactions based on the data in my data list?” Fraud Management Guide.
Geographic
“I want to pass transactions when the issuer country is marked as low risk in my issuer country data list. Otherwise I want to hold transactions.”
You will need to add countries to your payment method country list that you want to accept.
See “How do I restrict transactions to a set list of countries?” Fraud Management Guide. Alternatively you can reverse this rule to HOLD transactions for a known list of countries and PASS for all other countries.
Note: Holding transactions where the Billing and Shipping Countries or Billing and Issuing Countries do not match are also popular. To use these rules please ensure you are submitting Shipping and Billing Countries to Global Payments in your transactions.
Card Number
“I want to hold transactions when the card number has been used more than x times with a different cardholder name. Otherwise I want to pass transactions.”
You need to replace x with a number indicating how many times you are comfortable with a card number being used with a different name before you want to hold the transaction for review
See “How do I block/hold transactions based on a particular pattern?” Fraud Management Guide.
“I want to hold transactions when the card number is marked as medium risk in my card number data list. Otherwise I want to pass transactions.”
You need to add card numbers to your data list as Medium risk for this rule to trigger. It’s unlikely you will have any card numbers when you first start processing transactions but over time you can add them securely from previous transactions via RealControl, especially if you ever get a chargeback.
See “How do I block/hold transactions based on the data in my data list?” Fraud Management Guide.
“I want to hold transactions when the card number has been authorised more than x times in the last 24 hours. Otherwise I want to pass transactions.”>
“I want to hold transactions when the card number has been authorised more than x times in the last week. Otherwise I want to pass transactions.”>
You need to decide how many times you want to see a card number authorised in the past 24 hours and in the past week, before holding it.
See “How do I block/hold transactions based on recurrent use of a card number within a defined period?” Fraud Management Guide.
The above rules are a recommendation only. Enabling these rules will give you a good sense of how to use Fraud Management. You can easily configure additional rules based on the data you send to Global Payments. For example, if you are submitting a customer number unique to your business, customer IP address or email address you can build useful rules relating to this data.
FULL LIST OF FRAUD RULES
"I want to Pass/Hold or Block transactions when ..."
All categories |
…the data list data* is marked as high/medium/low risk |
---|---|
Card number |
…the card number has been used more than a number of times in the last 24 hours |
Geographic |
…the shipping and the billing country is different or the same or missing one information |
Amount |
…the amount in a currency is greater than an amount |
Customer |
…the cardholder name has been used more than a number of times with a different card number |
Product |
…the variable reference has been used more than a number of times with a different card number |
Third party |
...the Decision Manager response is (accept/reject/review/error). |
* The data list allows you to specify values that should trigger an action should they appear within a particular transaction field. The fields for which data can be listed are:
Card number |
Cardholder name |
Product ID |
Variable Reference |
Customer Number |
Customer IP Address |
Shipping Area |
Shipping Country |
Billing Area |
Billing Country |
BIN range |
Issuing Country |
How to log in and create a new rule?
Step 1
To configure rules you need to log in to Ecommerce Portal (RealControl).
Access your test account https://realcontrol.sandbox.realexpayments.com
Access your live account https://realcontrol.realexpayments.com
Enter your Client ID, Username and Password and click “Sign In”.
Step 2
Access the Fraud Management Page by clicking on “Fraud Management” on the left hand side menu and click Create New Rule button.
Note: You must have sufficient privileges to access this functionality. You must be a Fraud Manager or an Administrator. Fraud Analysts can review and manage Fraud Filter transactions but not change rules.
Step 3
Select the relevant category.
Step 4
Give the rule a name. This is a name that will be re-used throughout the application. In our example type in “card-holder name and card number”.
Create statement - each rule is made up of one or more statements, and each statement has an action and one or more conditions.
Step 5
Click Review and Activate button. Review the rule that you have just created and edit or activate it.
It is important to note that activating, deleting or editing Fraud Filter Rules, will result in a change to the transaction response that is returned by Global Payments to your system, either via XML or via the Hosted Payment Page. Please ensure your system is capable of handling changes to the Fraud Filter response from Global Payments to prevent any impact to your transaction processing. For full details of the changes see the Fraud Management Developer Guides.
What do I do once I have my rules configured?
Firstly, send in a few test transactions to trigger the rules you have set up to hold the transactions. Then look at those test transactions in RealControl and understand how to review, release and void transactions.
When you start processing real transactions you must monitor them in RealControl.
Go to the Fraud Management -> Fraud Filter in RealControl to ensure the transactions that are Held are reviewed and either released or voided.
See “How do I review, release or void a suspected fraudulent transaction?” Fraud Management Guide.
Over time if you feel you are spending too much time reviewing transactions you can tweak the rules to let more transactions Pass or Block automatically.
If you find you are getting fraudulent transactions, for example via the chargeback process, then look at those transactions and identify rules which can be added or modified to Hold or Block similar transactions. Add card numbers, cardholder names or other data from chargebacked transactions in RealControl to your fraud data lists. Future transactions with that card number, cardholder name or other data will be actioned automatically once the corresponding rule for that data is active.
See “How do I add transaction data to my data list?” Fraud Management Guide.
See “How do I block/hold transactions based on the data in my data list?” Fraud Management Guide.
What are the PASSIVE and OFF modes used for, and how do I switch between modes?
What are the PASSIVE and OFF modes used for?
By default, Global Payments’ Fraud Management tool is in ACTIVE mode. This means that as soon as you create your rules, they will be applied to all your transactions on all your subac-counts and the relevant action will be applied.
PASSIVE mode can be used to test your rules before you use them in ACTIVE mode. When the Fraud Filter is in PASSIVE mode, the rules that you have set up will be applied but the actions associated with them (Pass, Hold or Block) will not be executed. However, you will be able to see the action that would have been taken had your Fraud Filter been in ACTIVE mode.
Once you are confident that your rules are working as expected, you can then switch to ACTIVE mode.
When the Fraud Filter is in OFF mode, your rules will be not executed but they will be retained in case you want to change to PASSIVE or ACTIVE mode in the future. For security, you will be required to enter your password in order to set the Fraud Filter mode to OFF.
How do I switch between modes?
You can access the PASSIVE and OFF mode from the “More Actions” button on the top right of the Fraud Dashboard screen.
How do I add transaction data to my data list?
What is a data list?
The data list allows you to specify values that should trigger an action if they appear within a particular transaction field. For example, you can use your data list to block transactions from a particular country or a specific card number.
Note: You will need to set up a rule in order to define the action that should take place for a listed value.
The data list includes the following list types:
Card number |
Cardholder name |
Product ID |
Variable Reference |
Customer Number |
Customer IP Address |
Shipping Area |
Shipping Country |
Billing Area |
Billing Country |
BIN range |
Issuing Country |
Step 1
Access your test account https://realcontrol.sandbox.realexpayments.com
Access your live account https://realcontrol.realexpayments.com
Enter your Client ID, Username and Password and click “Sign In”.
Step 2
Access the Fraud Management Page by clicking on “Fraud Management” on the left hand side menu.
Step 3
Add Data to Data List Panel
There are two ways to add some data to a data list:
1. From the Transaction Details page
This panel shows the data collected from this transaction. You can review that data and add or edit its risk by clicking on “add” or “edit”.
2. From the Data List tab
If you know the data that you want to add, select the “Data List” tab from the Fraud Filter screen and select the relevant list type.
On the list type page, input the data that you want to add to the list.
If that data does not already exist in this list type, it will be added straight away. You must assign a level of risk to the item (low, medium or high).
If the data already exists, it will be highlighted in the list and you can edit its risk level if required.
How do I block/hold transactions based on the data in my data list?
Step 1
Access your test account https://realcontrol.sandbox.realexpayments.com
Access your live account https://realcontrol.realexpayments.com
Enter your Client ID, Username and Password and click “Sign In”.
Step 2
Access the Fraud Management Page by clicking on “Fraud Management” on the left hand side menu.
Step 3
Add Data to Data List Panel
This user guide assumes that you have already added a card number to your data list. Please see the user guide “How do I add transaction data to my data list?” for more information.
Step 4
Create new rule by clicking “Create A New Rule” button on the Fraud Management Dashboard Screen.
Step 5
Select the relevant category, for example “Card Number”.
Step 6
Give the Rule a Name. This is a name that will be re-used throughout the application. In our example type in “Card number data list”.
Step 7
Create your statements. Each rule is made up of one or more statements, and each statement has an action and one or more conditions.
In this case:
I want to block transactions (action)
When the card number is marked as high risk (condition)
You can add another condition by clicking on the plus icon
For example, if you also want to block the transaction when the card number is marked as medium risk, you can add the condition:
When the card number is marked as medium risk
You can add another statement to the rule by clicking on the button. For example:
I want to pass transactions
When the card number is marked as low risk
Step 8
Click on the “Review and Activate” button.
Step 9
Review the rule that you have just created and edit or activate it.
It is important to note that activating, deleting or editing Fraud Filter Rules, will result in a change to the transaction response that is returned by Global Payments to your system, either via XML or via the Hosted Payment Page. Please ensure your system is capable of handling changes to the Fraud Filter response from Global Payments to prevent any impact to your transaction processing. For full details of the changes see the Fraud Management Developer Guides.
How do I review, release or void suspected fraudulent transactions?
Step 1
Access your test account https://realcontrol.sandbox.realexpayments.com
Access your live account https://realcontrol.realexpayments.com
Enter your Client ID, Username and Password and click “Sign In”.
Step 2
Access the Fraud Management Page by clicking on “Fraud Management” on the left hand side menu.
Step 3
Access the Fraud Filter Screen.
The first part of this screen gives you an overview of the transactions that have been recent-ly held or blocked and their overall value.
To access the Fraud Filter page, click on the link “View All Fraud Filter Transactions”
Step 4
Review, Void or Release from the Fraud Filter
List of all transactions held or blocked.
This screen shows the list of all the transactions that were held or blocked by the Fraud Filter tool as a result of the rules that you have in place.
The “Held” transactions for the last 30 days will be listed. To remove a transaction from this list, you must release or void it. You can do this directly from the Fraud Filter Transaction listor on the individual Transaction Details screen.
The “Blocked” transactions from the last seven days will be listed. You cannot remove these but you can review the transaction details and data from the transaction to your data list.
Held transactions needs your attention you must void or release them.
Failed transactions that were flagged as Held by the Fraud Filter but also failed authorisation are listed.
They do not require any action but you might want to review and add transactional data to the data lists.
Step 5
Fraud Panel
In the fraud panel of the Transaction Details screen, you will be able to see the rule (or rules) that caused the transaction to be held or blocked.
At the top of the page, you are given the option to release or void the transaction.
How do I manually hold a transaction?
Step 1
Access your test account https://realcontrol.sandbox.realexpayments.com
Access your live account https://realcontrol.realexpayments.com
Enter your Client ID, Username and Password and click “Sign In”.
Step 2
Access the Fraud Management Page by clicking on “Fraud Management” on the left hand side menu.
Step 3
Manually hold a transaction
You have the ability to manually hold a transaction that has not yet settled.
Give it a reason of Fraud and this adds the transaction to your Fraud Filter for future review. Please see the user guide “How do I review, release or void transactions?” for more information.
Select a transaction that you want to hold.
Go to the Transaction Details screen and click on the “Hold Transaction” button and give it a reason of “Suspected Fraud”.
How do I block/hold transactions based on a particular pattern?
Step 1
Access your test account https://realcontrol.sandbox.realexpayments.com
Access your live account https://realcontrol.realexpayments.com
Enter your Client ID, Username and Password and click “Sign In”.
Step 2
Access the Fraud Management Page by clicking on “Fraud Management” on the left hand side menu.
Step 3
Create new rule by clicking “Create A New Rule” button on the Fraud Management Dashboard Screen.
Step 4
Select the relevant category, in our example select “Customer”.
Step 5
Give the Rule a Name. This is a name that will be re-used throughout the application. In our example type in “card-holder name and card number”.
Step 6
Create your statements. Each rule is made up of one or more statements, and each statement has an action and one or more conditions.
In this case:
I want to block transactions (action)
When the cardholder name has been used more than 5 times with a different card number (condition)
For this condition, the number of times the card has been used can be changed if you require.
You can add another statement to the rule by clicking on the button. For example, for a lesser number of reoccurrences, you may choose to hold the transaction rather than blocking it:
I want to hold transactions when the cardholder name has been used more than 3 times with a different card number.
In this case, the number of times the card is used should be lower than in the previous statement.
Step 7
Click on the “Review and Activate” button.
Step 8
Review the rule that you have just created and edit or activate it.
It is important to note that activating, deleting or editing Fraud Filter Rules, will result in a change to the transaction response that is returned by Global Payments to your system, either via XML or via the Hosted Payment Page. Please ensure your system is capable of handling changes to the Fraud Filter response from Global Payments to prevent any impact to your transaction processing. For full details of the changes see the Fraud Management Developer Guides.
How do I restrict transactions to a set list of countries?
Step 1
Access your test account https://realcontrol.sandbox.realexpayments.com
Access your live account https://realcontrol.realexpayments.com
Enter your Client ID, Username and Password and click “Sign In”.
Step 2
Access the Fraud Management Page by clicking on “Fraud Management” on the left hand side menu.
Step 3
Create new rule by clicking “Create A New Rule” button on the Fraud Management Dashboard Screen.
Step 4
Select the relevant category, in our example select “Geographic”.
Step 5
Give the Rule a Name. This is a name that will be re-used throughout the application. In our example type in “Issuing Country Exclude”.
Step 6
Create your statements. Each rule is made up of one or more statements, and each statement has an action and one or more conditions.
In this case:
I want to pass transactions (action)
When the cardholder name has been used more than 5 times with a different card number (condition)
When the issuing country is marked as low risk (condition)
Set the default statement
The default statement determines what will happen if none of the other statements apply for this rule.
In this case, we would set the default statement to:
Otherwise I want to block transactions
Step 7
Click on the “Review and Activate” button.
Step 8
Review the rule that you have just created and edit or activate it.
It is important to note that activating, deleting or editing Fraud Filter Rules, will result in a change to the transaction response that is returned by Global Payments to your system, either via XML or via the Hosted Payment Page. Please ensure your system is capable of handling changes to the Fraud Filter response from Global Payments to prevent any impact to your transaction processing. For full details of the changes see the Fraud Management Developer Guides.
How do I block/hold transactions based on recurrent use of a card number within a defined period?
Step 1
Access your test account https://realcontrol.sandbox.realexpayments.com
Access your live account https://realcontrol.realexpayments.com
Enter your Client ID, Username and Password and click “Sign In”.
Step 2
Access the Fraud Management Page by clicking on “Fraud Management” on the left hand side menu.
Step 3
Create new rule by clicking “Create A New Rule” button on the Fraud Management Dashboard Screen.
Step 4
Select the relevant category, in our example select “Card Number”.
Step 5
Give the Rule a Name. This is a name that will be re-used throughout the application. In our example type in “Card number last 24 hours”.
Step 6
Create your statements. Each rule is made up of one or more statements, and each statement has an action and one or more conditions.
In this case:
I want to pass transactions (action)
When the cardholder name has been used more than 5 times with a different card number (condition)
When the card number has been used more than 5 times in the last 24 hours (condition)
For this condition, the number of times the card has been used and the time period can be changed if you require.
You can add another statement by clicking on the “Add Statement” button For example,
I want to hold transactions
When the card number has been used more than 3 times in the last 24 hours
Step 7
Click on the “Review and Activate” button.
Step 8
Review the rule that you have just created and edit or activate it.
It is important to note that activating, deleting or editing Fraud Filter Rules, will result in a change to the transaction response that is returned by Global Payments to your system, either via XML or via the Hosted Payment Page. Please ensure your system is capable of handling changes to the Fraud Filter response from Global Payments to prevent any impact to your transaction processing. For full details of the changes see the Fraud Management Developer Guides.