The fraud check analyses all transactions processed on your account and assigns a numerical fraud rating, which indicates the level of risk based on a number of pre-defined criteria.
- Before the fraud checks have been processed, the fraud rating will be “-1”.
- Following the processing of the fraud checks, a fraud rating of “0” indicates that no suspicious characteristics were detected.
- Every suspicious attribute found by the fraud checks will increment the fraud rating. A higher fraud rating indicates a higher likelihood of fraud.
- All transactions with a fraud rating of “2” or higher are collated into a daily email notification sent to the email address associated with your account.
- By default, we will suspend all transactions with a fraud rating of “5” of higher.
You can configure the thresholds that trigger these actions (e.g. in order to reduce the occurrences of false-positives) by contacting our Support team.
Trust Payments performs the following checks on authorised transactions in settlestatus “0” against records for the previous 7 days. If any of the following criteria are met, the fraud rating for the transaction will be incremented. A higher fraud rating indicates a greater chance of fraud, and as such transactions with high fraud ratings may be suspended in line with your Security Policy.
If matched, these criteria will raise the fraud rating:
The following increment the rating by 1:
- X – Same card number has been declined before with different expiry dates.
- E – Email address has been used with different declined cards or expiry dates.
- N – Cardholder name has been used with different declined cards or expiry dates.
- C – Card details are associated with a very high number of successful transactions.
- V – Cardholder name believed to be randomly-generated (e.g. “ghghghghg”).
- P – Postcode entered did not match that on the customer’s bank’s records.
The following increment the rating by 2:
- S – Security code entered did not match that on the customer’s card.
The following increment the rating by 10:
- G – Card number or billing address has been found in our negative database
The character on the left represents what we call the reason code. Following fraud checks, you can view which of the checks failed (if any), by matching the resulting reason codes with the list above. If any of the criteria are met, we will increment the fraud rating by the number shown above.
Viewing fraud rating and reason codes in MyST
You can view the fraud rating and reason codes (if any) for each transaction in MyST.
Select “Fraud rating” and “Fraud reason” in the optional “Fields” tab when performing a search on the “Transaction Search” page.
This allows you to compare fraud ratings/reasons of multiple transactions that meet your search criteria.
Single transaction view
The fraud rating and reason(s) are also visible in the single transaction view, as shown below.
Updating affected transactions
Sign in to MyST, search for the transaction and click “Update”. Modify the settlestatus of the transaction and click “Update”.
You can also update the settlestatus by submitting a TRANSACTIONUPDATE request.
Allowing transactions to settle
If you have manually investigated a transaction that has been flagged with a particular fraud rating and would like to instruct us to settle the transaction, you can manually override a transaction by updating the settlestatus to “1”. Settlement is performed once a day and all transactions with settlestatus “1” are settled regardless of their fraud rating.
If you believe a transaction to be suspicious but it has not been automatically suspended, you can manually suspend a transaction by updating the settlestatus to “2”. Suspended transactions can later be re-enabled for settlement by updating the settlestatus to “1” (as described above). They can also be permanently cancelled by updating the settlestatus to “3”.
If you have manually investigated a suspended transaction and would like to cancel the payment, you can manually cancel a transaction by updating the settlestatus to “3”.
Cancelled transactions can never be settled by Trust Payments.
Trust Payments’s internal negative database is a record of card numbers and billing email addresses previously associated with suspicious transactions.
When any transaction receives a fraud rating of “10” or higher, we will automatically add the card number and billing email address to the database.
When you process a transaction that includes a card number and/or billing email address that has been stored in the negative database, the fraud rating is increased by “10”, which immediately suspends the transaction under default configuration. (This requires fraud checks to be enabled on your account) If a transaction is suspended due to an entry in the negative database, it is shown with the reason code “G” in MyST.
Bypassing fraud checks
You can manually flag transactions to bypass the results of fraud checks by including a settlestatus of “1” in the payload submitted within your JWT.