worldline Direct
Sign up

Take a look at our newest state-of-the art fraud prevention tools featuring

  • AI-powered risk scoring.
  • Continuous machine learning optimisation.
  • Device fingerprinting.

We offer both a plug-and-play version (Fraud Prevention Silver) or a highly adaptable solution (Fraud Prevention Gold). Refer to our dedicated guide to enroll for this exceptional service!

Introduction

Fraud Expert Scoring is your answer to reduce any fraud risk. Our advanced technology provides you with a complete set of tools to overcome fraudulent activities.

Fraud Expert Scoring uses technology from Fraud Expert Checklist and takes it a step further by allowing you to create extensive rule combinations that are uniquely adapted to fulfil your business needs. We do this by using a scoring system to assess the risk associated with a transaction. Based the score, you can automatically decide to block or accept a transaction. You can even add another round of detailed review for the same transaction through another automated procedure that determines whether you will ultimately block or accept it! If you are not sure how to handle particular transactions, our fraud experts can even assess and process for you. Thanks to our years of expertise, we will always be able to predict malicious behavior patterns and beat fraudsters before they strike.

The image above shows a graphical representation of how the three components merchant rules/Fraud Expert Score/Payer authentication and verification are combined to the Fraud Expert Scoring.



This guide covers the functionalities that we offer our Fraud Expert Scoring solution.

If you would like to know more about our Fraud solutions, get in touch with us.

Before we begin

Fraud Expert Scoring is also sometimes referred to as Fraud Detection Module Advanced Scoring (FDMAs).

To get started, make sure Fraud Detection Module Advanced Scoring (ID: CAP 2) has been activated. You can do this by going to Configuration > Account > Your options in your account. If it has not been activated, get in touch with us.

Manage 3DS settings

3-D Secure (3DS) is an anti-fraud protocol designed to enhance security for both you and your customers.

Define 3DS settings

Once your fraud subscription is active, you can now configure your 3DS settings. Go to Advanced > Fraud Detection. 3DS has to be configured individually for each payment method. Under 3-D Secure, select a payment method by clicking on EDIT.

The image above shows the 3-D secure settings table in the Back Office.

You will see a list of actions that you can choose from.

The image above shows the list of available actions for 3-D Secure settings.

The table below provides an overview on actions listed on the page and what they mean.

Actions Explanation

Continue/interrupt the transaction if a technical problem prevents connection to the directory during the 3D-Secure registration check.

You may want to do configure this option if 3-D Secure is unavailable for any of these reasons.

Choosing "Continue" will significantly reduce your conversion rate due to SCA regulations. Read our dedicated guide to learn more.

Continue/interrupt the transaction if the cardholder identification service is temporarily unavailable.

Activate/deactivate 3D-Secure for all cards.

Choosing "Deactivate" will significantly reduce your conversion rate due to SCA regulations.

Read our dedicated guide to learn more.

Process 3-D Secure after the Global Fraud Score.

3-DS will be processed based on your fraud settings and our Fraud Expert assessment if it has been activated.

Set conditions for Merchant Fraud lists

Merchant Fraud lists are lists that allow you to set conditions for your payments. For example, you may want to block illegitimate transactions based on their IP addresses or even the card’s country of issue. In this chapter, you will learn how to manage these lists.

There are three types of lists.

  • Whitelists allow you set conditions for when a transaction should be accepted.
  • Blacklists allow you to set conditions for when a transaction should be blocked.
  • Greylists allow you to set conditions for when a transaction should be reviewed or undergo another process.

The individual effect of a match in any of these lists is defined by Merchant Fraud Rules. This means that you will have to manage both:

Only then will your settings take effect

View lists

View these lists by going to Advanced > Fraud Detection in the your account. Under Blacklist / Greylist / Whitelist, select an item that you would like to configure and click EDIT.

The image above shows an overview of blacklists/greylists/whitelists available in the Back Office.

Manage whitelists

You can use whitelist to set conditions for when transactions should be accepted. Whitelists overrides blocking (blacklist) and review (greylist) settings if a match has been detected.

Depending on the action that you choose to take, you might need to send some parameters with the transaction to our platform. Below is an overview of the list types (i.e the conditions you can set), what they mean and parameters that would need to be sent.

List type Explanation Parameter to be sent

IP address whitelist

Our system will accept both specific IPs or IP ranges according to the formatting a.b.c-d.0-255 or a.b.c-d.* or a.b.c.d-e.

fraudFields.customerIpAddress

This property is deprecated. Use order.customer.device.ipAddress instead

Unique customer identifier whitelist

Customer Unique Identifier is an identifier allocated to your customer such as their name, client number, email address.

order.customer.merchantCustomerId

Email whitelist

Add a range of email addresses or if you need to add all email addresses from the same domain (Example: john@abc.com), add an asterisk ‘*’ symbol in front of the @ sign. (Example: *@abc.com)

order.customer.contactDetails.emailaddress

Manage blacklists

Blacklists apply blocking or review if a match is detected.

Depending on the action that you choose to take, you might need to send some parameters with the transaction to our platform. Below is an overview of the list types (i.e the conditions you can set), what they mean and parameters that would need to be sent.

List type Explanation Parameter to be sent

Card Blacklist

to add items you will need the full credit card / bank account (For Direct debits) number.

cardPaymentMethodSpecificInput.card.cardNumber

BIN blacklist

A Bank Identification Number (BIN) consists of the first six digits of a credit card linked to an issuer in a specific country. This allows you to block all credit cards that share the same BIN.

cardPaymentMethodSpecificInput.card.cardNumber

IP blacklist

Our system will accept both specific IPs or IP ranges according to the formatting a.b.c-d.0-255 or a.b.c-d.* or a.b.c.d-e.

fraudFields.customerIpAddress

This property is deprecated. Use order.customer.device.ipAddress instead

E-mail blacklist

Add a range of email addresses or if you need to add all email addresses from the same domain (Example: john@abc.com), add an asterisk ‘*’ symbol in front of the @ sign. (Example: *@abc.com)

order.customer.contactDetails.emailaddress

Name blacklist

Generates two versions of the name: the “Cleaned name” and the “Partial match”

cardPaymentMethodSpecificInput.card.cardholderName

Phone blacklist

Generates two versions of the name: the “Cleaned number” and the “Partial match”

order.customer.contactDetails.phoneNumber

Generic blacklist

Personalise this list with any data that is desirable

fraudFields.blackListData

Manage greylists

Greylists allow you to set conditions for when a transaction should be reviewed if a match is detected.

Depending on the action that you choose to take, you might need to send some parameters with the transaction to our platform. Below is an overview of the list types (i.e the conditions you can set), what they mean and parameters that would need to be sent.

List type Explanation Parameter to be sent

Card greylist

to add items you will need the full credit card / bank account (For Direct debits) number.

cardPaymentMethodSpecificInput.card.cardNumber

BIN greylist

A Bank Identification Number (BIN) consists of the first six digits of a credit card linked to an issuer in a specific country. This allows you to block all credit cards that share the same BIN

cardPaymentMethodSpecificInput.card.cardNumber

IP greylist

Our system will accept both specific IPs or IP ranges according to the formatting a.b.c-d.0-255 or a.b.c-d.* or a.b.c.d-e.

fraudFields.customerIpAddress

This property is deprecated. Use order.customer.device.ipAddress instead

E-mail greylist

Add a range of email addresses or if you need to add all email addresses from the same domain (Example: john@abc.com), add an asterisk ‘*’ symbol in front of the @ sign. (Example: *@abc.com)

order.customer.contactDetails.emailaddress

Name greylist

Generates two versions of the name: the “Cleaned name” and the “Partial match”

cardPaymentMethodSpecificInput.card.cardholderName

Phone greylist

Generates two versions of the name: the “Cleaned number” and the “Partial match”

order.customer.contactDetails.phoneNumber

Generic greylist

Personalise this list with any data that is desirable

fraudFields.blackListData

Add new items to a list

If you would like to add items to one of the list types above, select the respective list type and click EDIT.

The image above shows how to add new items in a blacklists/greylists/whitelists.

To add items to a list:

  1. Enter data in the Enter the item.
  2. Select either Actual Fraud / Commercial Dispute / Suspicion of Fraud.
  3. Optional: Add some information in the Comment field if you have any.

Manage existing list items

The image above shows how to manage existing items in a blacklists/greylists/whitelists.



If you would like to manage items in a list, you can either:

  • Delete: Remove one or more items by flagging All.
  • Fraud type: Modify the original entry to FRA (Actual Fraud) / COM (Commercial Dispute) / SOF (Suspicion of Fraud).
  • Comment:Delete or change the original comment of your item by clicking on "...".

Our platform also allows you to put already processed transactions to this list. To do so, follow these steps:

  1. Log in to the Back Office. Go to Operations > View transactions and look up the transaction.
  2. In the table displaying all maintenance operations for this transaction, click on any Pay ID button.
The image above shows the Pay ID button in the Back Office.
  1. On the maintenance operation overview page, click on the “DISPUTE” button.
  2. In the table, select either “Add to the blacklist” / “Add to the greylist” for any of the selectable transaction parameters. Flag then transaction as either "Actual fraud” / “Commercial dispute" / "Suspicion of fraud". Confirm your selection by clicking on the "Save" button.
The image above shows how to link a transaction to either "Actual fraud" / "Commercial dispute" / "Suspicion of fraud".

Configure Merchant Fraud scoring

This chapter will teach you how you can set and manage fraud scoring.

The principle of fraud scoring is to allocated a score for each transaction based on various parameters that their respective weighting that you have set! The final score will be categorised:

  • Green: Transactions with a green score are considered to have low fraud risk. They are considered to be safe and will be accepted, provided that the acquirer/issuer will not reject it for any other reason.
  • Orange: Transactions with an orange score are considered to have medium fraud risk. This means that some rules have been triggered and it might be suspicious. We recommend that you verify transactions that fall under this status before dispatching your goods/services.
  • Red: Transactions with a red score are considered to have high fraud risk and will be blocked.

Configure your fraud scoring by going to Advanced > Fraud Detection your account. Under Fraud detection activation and configure, select a payment method that you would like to configure and click EDIT.

You can define a transaction as low, medium or high risk by setting a score for medium transactions at the bottom of the table.

The image above shows the element that is used to define a score for medium transactions.

Define the scoring

The image above shows an overview of available settings of a blacklists/greylists/whitelists.

On same page, you will see criteria that you can define freely. Each criterion requires you to define one or more of the following settings:

  • None (the criteria is ignored and no assessment will be made)
  • Review (a 3-D Secure check will be performed if Selective 3DS is active)
  • Override blocking / review
  • Block
  • Whitelist / greylist / blacklist management
  • Edit usage limit

Depending on the criteria that you wish to define, you might need to send some parameters with the transaction to us. Below is an overview of the most important criteria, their respective parameters and our possible settings to define to effectively optimise your fraud protection.

Category Criteria Parameter(s) to be sent

Trusted data / whitelists

3-DS Secure identification OK

> Override blocking & review

> Block / Review /
except card blacklist rule

3-D Secure properties

CUI whitelist identification

> Override blocking & review
> Edit whitelist: CUI

order.customer.merchantCustomerId

E-mail on whitelist

> Override blocking & review
> Edit whitelist: E-mail

order.customer.contactDetails.emailaddress

Card data

Card country high / medium risk

> Review
Configure Card country groups

Max amount / card high / medium threshold

> Block / Review

Edit usage limits (Maximum utilization per card, per period x day(s) / Total amount of transactions per card / Number of transactions per card)

cardPaymentMethodSpecificInput.card.cardNumber

IP data

IP country high / medium risk

> Configure IP country groups

> Block / Review

fraudFields.customerIpAddress

This property is deprecated. Use instead order.customer.device.ipAddress

Anonymous proxy

> Block / Review

fraudFields.customerIpAddress

This property is deprecated. Use instead order.customer.device.ipAddress

IP cty differs from CC cty

> Block / Review

fraudFields.customerIpAddress

This property is deprecated. Use instead order.customer.device.ipAddress

cardPaymentMethodSpecificInput.card.cardNumber

Unauthorised card country / IP country combination high / medium risk

> Edit IP/CC country pairs

> Block / Review

fraudFields.customerIpAddress

This property is deprecated. Use order.customer.device.ipAddress instead

Max utilisation / IP

> Block / Review

> Edit usage limits (Maximum utilisation per IP address, per period x day(s) / Number of successful transactions per IP address / Number of transactions (accepted or refused) per IP address)

fraudFields.customerIpAddress

This property is deprecated. Use instead order.customer.device.ipAddress

Contact data

Max e-mail utilisation

> Block / Review

> (Maximum utilisation per e-mail address, per period of x day(s)
/ number of utilisations for the e-mail address)

fraudFields.customerIpAddress

This property is deprecated. Use order.customer.device.ipAddress instead

Address data

Invoicing address different to delivery address

> Review

order.additionalInput.shipping.addressIndicator

Miscellaneous data

Number of different countries

> Block / Review

-

Amount lower / higher than range

> Edit min max amount

> Block / Review

order.amountOfMoney

Time of order high - / medium risk period

> Review

> Edit risky periods

-

Shipping Method

> Block / Review

> Edit risky shipping methods

Send values in

order.shipping.method.type

you have defined via "Edit risky shipping methods"

Product Category

> Block / Review

> Edit risky product categories

Send values in

fraudFields.productCategories

you have defined via "Edit risky product categories"

Data in generic blacklist / greylist

> Block / Review

> Edit blacklist / greylist: generic data

fraudFields.blackListData

Automatic address verification by the acquirer

Result OK / KO
ZIP KO, Address OK
ZIP OK, Address KO
Result not received or unknown

> Block (Review if in Direct Sale) / Review

order.customer.billingAddress
order.customer.billingAddress.zip

Card verification code check

Result OK / KO

> Block (Review if in Direct Sale) / Review

cardPaymentMethodSpecificInput.card.cvc

Configure travel data (for airline industry only)

If your business model involves handling airline data, you will also need to send the following parameters need to be sent to us along with the transaction to be taken into consideration:

order.additionalinput.airlineData.passengers
order.additionalinput.airlineData.flightLegs
     originAirport
     arrivalAirport
     stopoverCode
     date

For more information on these parameters, you can refer to our API reference.

Apply list items as Merchant Fraud Rules

Once you have managed items in your white/grey/black lists, you need to instruct our platform once a match occurs.

To do so, follow these steps:

  1. Log in to the Back Office. Go to Advanced > Fraud Detection. Select the payment method for which you want to configure Merchant Fraud Rules via "Fraud detection activation and configuration".
  2. Select any of the settings in column "Action" to define how a match should impact the scoring of the transaction in question.
  3. You may edit the list corresponding to the setting by selecting the option "Edit list xxx" on the right hand-side of the setting.

Send Fraud parameters in transaction requests

Once you have set the conditions for the Fraud lists and the Fraud rules in the Back Office, you are now ready to link them to transaction requests you send to our platform.

The actual Fraud check covers two steps:

  1. Add the properties in the fraudfields object that are relevant to either of the list(s) and/or rules to a CreatePayment/CreateHostedCheckout request. A typical request looks like this:
    
    {
      "cardPaymentMethodSpecificInput": {
        "card": {
          "cvv": "451",
          "cardNumber": "4012005616165343",
          "expiryDate": "1221",
          "cardholderName": "Wile E. Coyote"
        },
        "isRecurring": false,
        "paymentProductId": 1,
        "transactionChannel": "ECOMMERCE",
        "threeDSecure": {
          "externalCardholderAuthenticationData": {
            "cavv" : "AAABBEg0VhI0VniQEjRWAAAAAAA=",
    "cavvalgorithm": "0",
            "directoryServerTransactionId" : "f25084f0-5b16-4c0a-ae5d-b24808a95e4b",
            "eci" : "7",
            "threeDSecureVersion" : "2.1.0"
        }
        }
      
    },
    "fraudFields": {
    "customerIpAddress": "5.204.5.55"
    },
      "order": {
        "amountOfMoney": {
          "currencyCode": "EUR",
          "amount": "100"
        },
        "customer": {
          "billingAddress": {
            "countryCode": "NL"
          }
        },
        "references": {
          "merchantOrderId": 123456,
          "merchantReference": "oGPc8xJURfpFitBa6ORrpkBuPoGpvD"
        }
      }
    }
    


  2. Our platform compares the fraudfields properties with what you have configured in the Back Office. If there is a match, our platform will block or accept the transaction.
  • A blocked transaction due to (suspected) Fraud reaches statusCode=2.
  • Object CardPaymentMethodSpecificOutput.FraudResults of a GetPayment requests contains detailed information about why a transaction has been accepted/blocked.

Manage Fraud Expert settings

Fraud Expert is a machine learning system that provides you with a second expert opinion through an additional layer of security. It uses the pooled data of historical transactions from all of our customers across various industries and sectors. The data is then used to create accurate fraud predictions and evaluate the legitimacy of every transaction that passes through your webshop with these predictions. This means that transactions will not only be verified with the rules that you have manually set, but it will also go through an additional barrier of protection. Fraud Expert is responsive. As new customer transactions are made, Fraud Expert continuously adapts its predictions and responds to new threats in the payment ecosystem.

It can:

  • Detect fraud at an earlier stage and ensure that your business is protected from complex fraud attacks from the get go!
  • Remove human error and prevent the rejection of valid orders.
  • Outsource the manual review of dubious transactions as well as freeze dubious transactions that you want to review yourself.

This chapter will teach you how you can activate and configure Fraud Expert settings.

Define activity sector and review modes

Firstly, you will need to define your activity sector. Based on your activity sector, our Fraud Expert tool will formulate predefined scoring rules and criteria that is for your industry. Go to Advanced > Fraud Detection > Your Activity Sector. Click EDIT.

The image above shows an overview of available settings in the "Your Activity Sector".

On the same page, you can also decide if you want to automate or manually review your transactions. You can do so for all your payment methods. This means that if you select

  • Automatic: Transactions that go through your webshop will either be released or blocked automatically.
  • Manual Review: Transactions that go through your webshop will be manually reviewed by experts at Direct.

Define Fraud Expert behavior

Once you have defined your activity sector, we can now define what actions can be taken with Fraud Expert. Transactions that go through your webshop will be defined by a Global Fraud Score.

A Global Fraud Score is a score (either green, orange or red) made up of the combination of your own configuration (also known as FDMA checklist) that you have set in Chapter 4 and the Fraud Expert. By taking these two factors into consideration, a Global Fraud Score is created for each transaction that passes through your webshop.

  • Green: Transactions with a green score are considered to have low fraud risk. They are considered to be safe and will be accepted, provided that the acquirer/issuer will not reject it for any other reason.
  • Orange: Transactions with an orange score are considered to have medium fraud risk. This means that some rules were triggered and the transaction might be suspicious. We recommend that you verify them once more before dispatching your services/goods to the customer.
  • Red: Transactions with a red score are considered to have high fraud risk and will be blocked.

To start, go Advanced > Fraud Detection. Select a payment method that you want to configure, and click EDIT.

The image above shows where to select the payment method to configure for the "Fraud Expert" tab.

Once a payment method has been selected, you will see two tabs on the top of the screen. Select the Fraud Expert tab.

The image above shows an overview of available settings in the "Fraud Expert" tab.

On the page, you will see your Global Fraud Score matrix. You can define what action or behavior that you would you like to do, based on the Global Fraud Score of your transactions.

For instance, a transaction may receive a green score (low fraud risk) based on your FDMA settings (as you had defined in Chapter 4). However, our Fraud Expert system may score the same transaction as red (high fraud risk). You can then decide what action you want to take if such a scoring is denoted on a transaction.

Manage orange transactions

As we had stated earlier, transactions that have an orange score are considered to have medium fraud risk. With the Global Fraud Score matrix, you can “freeze” orange transactions for manual review. This means that you have the opportunity to review the transactions yourself before making a final decision.

Recommendation: We recommend that you do not wait to take a decision. If no action is made after the freeze period is over, the payment will automatically be processed!

The image above shows where to configure the "Transaction freeze for orange transactions".

You can decide the length of your freeze period by going to the Fraud Expert tab of each payment method.

Once you have decided on a freeze period, you can view all impacted orange transactions by going to Operations > View Transactions. Select ADVANCED SEARCH CRITERIA. Look up the transactions with the filter Risk Category and Fraud Expert Manual Review.

The image above shows where to choose search criteria "Risk category"/"Fraud Expert Manual Review" in Operations > View Transactions > ADVANCED SEARCH CRITERIA.

In the list of transactions displayed, you will see symbols under the Global Fraud Score column.

  • Hand symbol: Click on this symbol to either release or block transactions.
The image above shows a typical example of a transaction to be either released or blocked.
  • Hourglass symbol: Transactions with this symbol are awaiting to be released or blocked based on the results of our Fraud Expert review.
The image above shows a typical example of a transaction waiting to be released or blocked based on the Fraud Expert review result.

Was this page helpful?

Do you have any comments?

Thank you for your response.