PayXpert - User documentation

Frauds

Owned by Technical Writer
Aug 21, 2024
6 min read

One advantage of processing payments with us is built-in protection against fraud. These types of transactions are growing in number every day, increasing the financial strain on merchants.

We maintain a global blacklist in order to protect all our merchants from known fraudulence. A consumer with a credit card number (or other flagged parameter) on the blacklist will not be allowed to complete the initial transaction, which will be declined:

In Processing > Transactions, we can see these declined transactions. As shown above, result code 500 means “Card is blocked”. Related error codes are: 501 - E-mail is blocked; 502 - Customer IP is blocked; 584 - Country in blacklist

We also set up other anti-fraud measures for you, like transaction velocity rules. Many more error codes are associated with those, like 585 - Too many rejected transactions in a row.

But these are declined transactions we’re talking about, they’re not fraud alerts. Fraud alerts are transactions that have been processed successfully, and are only later reported as fraud.

You see, there are those consumers that haven’t been flagged yet: perhaps a credit card number was just stolen, or maybe a veritable customer intends to commit “friendly fraud”. In these cases, the initial transaction does not appear suspicious, and therefore it is let through. And we won’t know it’s a “fraud” until the consumer complains to their card issuer, who then informs your bank, who then informs us.

We receive regular updates from your acquiring banks that tell us when frauds have occurred. The good news for you is that receiving fraud alerts is free, and some fraud alerts are just alerts: they are flagged as fraud and “end of story”, your acquiring bank does not do anything. The bad news is that for some frauds, chargebacks can result.

Just like chargebacks, fraud alerts have the same Transaction ID as their original sale/rebill/capture operation:

Our fraud has the same Transaction ID as our rebill. A chargeback doesn’t always result, but if one does, as in this case, then it will also share this Transaction ID

We register every single instance of fraud that has passed through your Originator(s), listing them in a dedicated area of the Backoffice:

You can drill down on a fraud alert to see shopper details and any transactions related to the fraudulent one, if any exist. This will help you decide whether or not to blacklist the shopper’s parameters, so that any future transactions by the card number, email or IP address will not be let through.

We encourage you to monitor your transactions daily, if possible, and blacklist any suspicious credit cards, emails, or IP addresses you may see. See the related articles linked below for instructions.

Please note that we also reserve the right to (globally) blacklist any shoppers that we see are affecting our merchants, on their behalf. This is to protect everyone involved.

Understanding fraud alerts

There are different responses to fraud alerts that you should consider depending on what comes with / what does not come with a particular fraud alert. These are discussed here. First, however, let’s see how to read into a fraud alert.

To find out more about a fraud alert, click the View button in the Actions column for a particular fraud alert:

In the window that appears, the Main information tab gives you the sequence of events for this fraud alert:

The Related transactions tab will tell you if a chargeback has been processed in response to this fraud:

In this example, there is nothing we can do: a chargeback has already been processed. We can, however, blacklist the shopper, to prevent any rebills from going through. This would be the safest thing to do: it would prevent any more chargebacks from occurring, and it would prevent the shopper from performing a brand new transaction with us via this Originator.

Now let’s take a look at another example. We open another fraud alert:

In the window that appears, the Main information tab gives us the timeline of events:

We check the Related transactions tab. Here we can see that the transaction that was later classified as a fraud was a rebill. Luckily, no chargeback has been processed yet (we can tell because there is no chargeback information):

However, we want to drill down on our rebill to see the original operation connected to it, in order to find out more. We click the View button in the Actions column to drill farther down. And now we see an older, authorization operation:

In the above example, we can see that our shopper probably complained upon being rebilled; he or she did not have a problem with the original authorization. In this case, we would wait to see if we receive a request for information. If we do, and no chargeback process has been initiated, we would give the customer a refund. We would also cancel this shopper’s subscription immediately (please see the related article for instructions) so that he or she is not rebilled again, or better yet, blacklist his or her details, so he or she cannot conduct any further transactions with us.

Can you fight “friendly fraud”?

Yes. If a “fraud” has resulted in a chargeback, and you have proof that the entire process was legitimate (if you can confirm that the person who made the purchase was the cardholder and that the service was provided correctly), then you may have a chance of recovering the chargeback (transaction) amount. The outcome of the dispute will depend on the bank: some are stricter than others.

Related articles

© PayXpert Services Ltd, 2024