
9 secrets of online payments. Part 7: Fraud Monitoring System

Why are payments declined? How are online stores protected from fraudsters? How can you tell whether the card used to pay you is legitimate or stolen? What protects e-commerce from fraud? The answers to these questions are in the seventh part of the series of articles "9 secrets of online payments" from PayOnline.

An online store, a bank, and the cardholder can all suffer from card fraud. When card data leaks, attackers try to withdraw as much money as possible and leave no trace, leaving online stores to sort out with the banks who should compensate for the lost amount. It is impossible to keep track of cardholders: the online store cannot know who is on the other side of the screen, an attacker or a respectable customer. There is always a risk, but there are many tools for verifying payments and payers that aim to bring it to zero. One of them, the system for monitoring fraudulent transactions, or the “antifraud system”, is discussed below.

Part 1. Setting up 3D Secure
Part 2. Recurring payments
Part 3. Payment selection page
Part 4. Payment Form
Part 5. Mobile payments
Part 6. Payment in one click
Part 7. Fraud monitoring system
Part 8. Returns and how to avoid them.
Part 9. Payment service settings for the type of business

What antifraud is and how it works


The general scheme of virtually any fraud monitoring mechanism is as follows: when a payment is made with a bank card, a number of indicators are collected (each antifraud system collects its own set), from the computer’s IP address to the payment statistics for the card. The number of filters can exceed one hundred (for example, the PayOnline electronic payment system has more than 120). The system has a set of rules, that is, limits for the security filters. Each filter checks the user: their personal and card data. The purpose of the system is to make sure that the user making a purchase on the site is the real cardholder. If suspicious activity is detected, that is, if any parameter exceeds its limit, the filter automatically blocks payment with this card. Let us go through how the antifraud system works step by step.

The user makes a payment on the site. Information about the payment goes to the fraud monitoring system. At this point the antifraud system has two sets of information: the data on this individual payment and the profile of the average payer of this online store. The algorithms of the fraud monitoring system evaluate a number of factors, the main ones being:


The transaction undergoes an initial analysis based on these and other factors. Based on the analysis, it is assigned a “label” that determines how the transaction is processed. There are three types of labels. “Green” marks transactions with a low likelihood of fraud. “Yellow” marks transactions where the chance of fraud is above average and extra attention is needed to complete the payment. “Red” marks transactions that are most likely fraudulent; they require documentary evidence of the cardholder's authenticity.

The “fate” of each label is different. Figure 1 shows the life cycle of all three types of transactions. Below, using a few simple examples, we look at typical transactions of each “color” and describe which checks the fraud monitoring system applies depending on the level of fraud risk.

Figure 1. “Life cycle” of transactions with different levels of risk of fraudulent transactions

With “green” transactions, everything is as simple as possible: for example, the payer makes payments from Russia, with a card issued by a Russian bank. The amount of payment does not exceed the average store receipt.

The monitoring system assigns a green label to the transaction. Then the transaction is sent for authorization using 3-D Secure. And if the card is not subscribed to the one-time password service or the issuing bank does not yet support this service, a request for authorization of this transaction will be sent to the processing center of the paying bank in the usual way - directly.

A medium level of fraud risk leads to a different way of checking a payment for legitimacy. A “yellow” label is assigned to transactions with a medium or above-average risk of fraud. For example, in a Russian online store, the purchase is paid for with a bank card issued in Russia, but the size of the check significantly exceeds the overall average.

The system marks this transaction with a “yellow” label, and additional steps may be required from the payer to authorize it. If the card is subscribed to 3-D Secure, the transaction (as with the “green” label) is authorized with a one-time password. However, if the payer cannot use this method of payment authorization, the bank card is automatically sent for online validation or manual verification.

The fraud monitoring system automatically assigns a “red” label to transactions with a high level of risk of fraudulent transactions. For example, payment in the Russian online store is carried out by a card issued in the USA, and the payer is in Spain.

If no payments with this bank card were previously made through PayOnline, the fraud monitoring system marks the transaction with a “red” label and transfers it from automatic authorization to manual mode. Such a payment is sent for manual moderation to specialists of the risk department. Authenticating the owner of the bank card requires documentary evidence: a scanned image of the bank card and of the owner's identity document. After correct document scans are provided, the transaction is moved from “red” to “green” and sent for authorization to the processing center of the bank. Questionable transactions that do not pass manual moderation are rejected in order to avoid the risk of fraud.

Thus, the transaction analysis is automatically carried out by the fraud monitoring system at once on three levels: a single bank card; e-commerce enterprise profile; total transaction flow processed by IPSP. Coupled with the constantly improving algorithms for the automatic collection, processing and analysis of data on payments made, multi-level transaction analysis allows the fraud monitoring system to change in a timely manner, increasing the level of security for making payments on customer sites and reducing the risks of all types of fraud inherent in Internet commerce.

What alarms the fraud monitoring system?


What might make the antifraud system suspicious? Here are some parameters that are likely to trigger the fraud monitoring system.


This list of "controversial situations" can give you a general idea of the logic of the system. Risk specialists and business analysts try to take all the nuances into account, adding new filters that protect the business of Internet companies from intruders. Note that the logic of the fraud monitoring system and its parameters differ from one payment service provider to another.

Manual setting: why and who needs it


Fraud monitoring system settings vary by business type. It is necessary to take into account a whole list of parameters:


Sometimes a business has very narrow specifics, and without individual adjustment, some payments simply will not be able to go through the standard anti-fraud settings, although they will not be fraudulent.

For example, restrictions on the geography of payments are critical for online tourism: the client may need to purchase a plane ticket while on a business trip abroad, and the system will block such a payment, as it is not from the country where the payer card is issued.

In this case, the filters are fine-tuned: you can set conditions under which a payment is allowed through even if the payment-geography condition is not met. Such changes are made to the system only after analyzing the possible risks, under the supervision of specialists and after agreeing the changes with a representative of the online store.

Intervening in the system on your own can lead to large losses: if fraudulent transactions are approved, the online store will be obliged to return the money to the cardholder, even if the goods have already been shipped to the imaginary buyer. Moreover, the store may be fined depending on the volume of fraud, and if such situations are repeated, special sanctions from international payment systems (MPS) will be imposed.
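The label routing from Figure 1 and the geography fine-tuning described above, as an added example that is not PayOnline's code. The field names, the 3x amount threshold, the `ignore_payer_abroad` switch and the "yellow" label for a known card with a geography mismatch are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass
class Payment:
    store_country: str
    card_country: str       # country of the issuing bank
    payer_country: str      # payer location, e.g. from IP geolocation
    amount: float
    card_known: bool        # card has earlier payments through the provider
    enrolled_3ds: bool

@dataclass
class StoreRules:           # per-store settings; all values are assumptions
    avg_receipt: float
    amount_factor: float = 3.0         # what counts as "significantly exceeds"
    ignore_payer_abroad: bool = False  # manual tuning, e.g. for online travel

def label(p: Payment, r: StoreRules) -> str:
    foreign_card = p.card_country != p.store_country
    payer_abroad = p.payer_country != p.card_country and not r.ignore_payer_abroad
    if foreign_card or payer_abroad:
        # Geography mismatch: red for a card with no history (as in the
        # article); yellow for a known card is an assumption of this sketch.
        return "yellow" if p.card_known else "red"
    if p.amount > r.amount_factor * r.avg_receipt:
        return "yellow"
    return "green"

def route(p: Payment, r: StoreRules, docs_ok=None) -> str:
    """Next step for the payment; docs_ok is the manual-moderation verdict."""
    tag = label(p, r)
    if tag == "red":
        if docs_ok is None:
            return "manual_moderation"      # card and ID scans are requested
        return "bank_authorization" if docs_ok else "rejected"
    if p.enrolled_3ds:
        return "3ds_authorization"          # one-time password
    if tag == "yellow":
        return "online_validation_or_manual_check"
    return "bank_authorization"             # green, card without 3-D Secure

# Constructed sample payments mirroring the article's examples.
green = Payment("RU", "RU", "RU", 1500, True, True)
yellow = Payment("RU", "RU", "RU", 9000, True, False)
red = Payment("RU", "US", "ES", 1500, False, True)
trip = Payment("RU", "RU", "ES", 1500, False, True)   # traveller buying a ticket
shop, travel = StoreRules(2000), StoreRules(2000, ignore_payer_abroad=True)
```

With the default rules the traveller's payment lands in manual moderation; with the tuned `travel` rules the same payment is labelled green and goes to 3-D Secure.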

Pros and cons of antifraud system


The advantages of the fraud monitoring system are obvious: automatic rejection of suspicious transactions and protection of the online store from subsequent proceedings with banks, payment systems and real cardholders. And, of course, minimizing reputational and financial risks. The reputation of the store will not suffer, and users will trust such a resource, which means their loyalty will grow.

But, like any service, the fraud monitoring system has its “production costs”. Rejected payments can lead to a loss of customers, and thus of profit. Without proper configuration, the filters may block customer transactions that are significant for the online store.

When choosing a payment service provider, you should pay attention to the declared conversion to successful payments: services that guarantee “100% successful payments” most likely either intentionally overestimate their functionality or put clients at risk of becoming a victim of intruders. For example, the level of conversion to successful payments after a “manual” setting (or at standard online stores with a standard client audience) of PayOnline electronic payment system varies within 93-96% - and this is a very good indicator for the market.

Another unpleasant, but important point that will be faced when developing a fraud monitoring system on the side of an online store, will be the protection of user data, both personal and payment. You will need to be certified for compliance with the requirements of the PCI DSS standard, as well as take into account restrictions on data storage and processing that are regulated by law. This refers rather to those who still undertake the independent development of the antifraud, so we will not go into detail in this article.

Who provides antifraud services and why only a few should invest in their own development


Fraud monitoring is a necessity in modern e-commerce. For a bank, the cost of supporting and developing an antifraud system is more than acceptable and will pay for itself many times over in use.

For the payment service provider, the fraud monitoring system is one of the key services that it provides to client companies.

For small and medium businesses, developing their own antifraud system is a very heavy project that does not pay off. The requirements for such mechanisms grow every year, and the systems learn to refine the information they receive, taking into account statistics and behavioral factors. To work efficiently and meet modern requirements, such a system needs a staff of qualified specialists and significant technical capacity. In the overwhelming majority of cases, e-commerce players cannot afford such fixed costs, and the monitoring of fraudulent transactions is delegated to payment service providers specializing in the analysis and processing of payment transactions. For example, the Fraud Management System (FMS) developed by our specialists monitors fraudulent payment transactions in PayOnline. It allows fine-tuning of 140 security filters. If you are interested in accepting payments on a website or in a mobile application protected by an antifraud system, feel free to contact us: we will advise you and connect you.

In the next part of “9 secrets of online payments” we will discuss another topic that is very important for any seller, chargebacks: what if the service has been provided or the goods shipped, and the customer or the bank needs the money returned to the payer's card? How can refunds be avoided? What requirements are usually imposed on the site of an online store? Coming soon in our blog.

Source: https://habr.com/ru/post/303204/

