
Fraud Guard

Fraud Guard helps detect and block fraud for your business. Fraud Guard performs checks on Internet transactions and suspends those it deems suspicious. It's built into QuickStream and integrated into the REST API and QuickWeb payments flow. You can start using Fraud Guard without any extra development time.

Features

Fraud Guard, QuickStream's fraud detection engine, has the following features:


  • Risk-based evaluations on your Internet card payments.
  • Default rule settings based on common thresholds.
  • Rules to automate fraud detection for your business.
  • Facility and business-level rule configurations.
  • Lists to automatically suspend customers.
  • Review of suspicious transactions.
  • Active and passive modes.


Getting started

To use Fraud Guard your application must use one of the following:

Please note you may need to update your privacy policy to tell your customers about the collection of their IP addresses and any other details.

You can then sign in to the QuickStream portal and manage your Fraud Guard rules.

Configuration

Fraud Guard provides a set of default rules and thresholds when you first turn it on. QuickStream lists the rules in the order they run. Depending on your business needs you may want to configure these thresholds and change which rules are toggled on.

Fraud Guard allows you to adjust the default thresholds and active rules for which payments are suspended in your Facility Settings -> Manage Fraud Guard. Changing these settings will automatically apply the activated rules and thresholds at which payments are suspended, so that everything stays in sync.

Activating rules and setting the thresholds at which you suspend payments requires you to consider a tradeoff between how much fraud is suspended and how many payments are allowed. As you change the Fraud Guard settings you may:

  • allow more payments but you may also allow more fraud risk, or
  • suspend more fraud but also suspend more payments.

To test the impact of changing your rules you can set Fraud Guard to run in Passive mode. Fraud Guard can operate in an Active mode where transactions are suspended, or a Passive mode where unusual transactions are processed normally but the Fraud Guard processing result is recorded for later reporting.

In Production, you may set the Fraud Guard mode to Passive before switching to Active mode. Export your transactions periodically to test how your rules are performing before making changes in Active mode.


Fraud Guard allows you to create your own lists of information that can be used to suspend matching payments. Lists can be easier to manage as you learn more about how your customers are making payments. For example, your payers may be travelling in common countries, but their cards should be issued from the countries in which you do business.

An image of two country-based lists in Fraud Guard settings.


As your business changes, it's important that you re-evaluate your rules. If you have multiple businesses in your facility, you may set up different rules for each business.

A list of businesses that have Fraud Guard rules at a business-level.

Any business-level configuration will override the facility-level configuration for that business. When you view the rules for that business, QuickStream displays the difference between each rule at the business and facility levels.

An image showing Fraud Guard business rule settings and an indication of the rule setting at the facility-level.

Chargebacks

Online payments fraud involves someone obtaining someone else's card number and then using it to make unauthorised payments. Eventually, the real cardholder will discover the transaction and initiate a chargeback with their bank. When tuning your Fraud Guard rules, keep costs in mind:

  • the cost of taking the transaction;
  • the cost of the item sold; and
  • the cost your business will incur as a result of a chargeback.

Read more about Electronic chargebacks and how to retrieve a feed of this data.
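An added example (not QuickStream code) that combines the Passive-mode check from Configuration with the cost list above: it counts what Active mode would have suspended in an exported period and weighs avoided chargeback losses against margin on genuine payments that would have been held. The CSV columns, the `WOULD_SUSPEND`/`PASS` values, the use of a later chargeback as the fraud label, and the cost figures are assumptions; the cost of taking the transaction is left out.

```python
import csv
import io
from decimal import Decimal

# Constructed Passive-mode export. Column names and values are assumptions.
PASSIVE_EXPORT = """receipt,amount,fraud_guard_result,charged_back
R1,120.00,PASS,no
R2,950.00,WOULD_SUSPEND,yes
R3,40.00,WOULD_SUSPEND,no
R4,75.50,PASS,no
R5,610.00,PASS,yes
R6,15.00,WOULD_SUSPEND,no
"""

def evaluate_passive(export_text, item_cost_rate, chargeback_fee):
    """Estimate the effect Active mode would have had on a Passive-mode export."""
    counts = {"fraud_suspended": 0, "fraud_allowed": 0,
              "legit_suspended": 0, "legit_allowed": 0}
    avoided = Decimal("0")  # item cost + chargeback fee on fraud that would be held
    forgone = Decimal("0")  # margin on genuine payments that would be held
    for row in csv.DictReader(io.StringIO(export_text)):
        amount = Decimal(row["amount"])
        fraud = row["charged_back"] == "yes"
        held = row["fraud_guard_result"] == "WOULD_SUSPEND"
        counts[("fraud" if fraud else "legit") + ("_suspended" if held else "_allowed")] += 1
        if held and fraud:
            avoided += amount * item_cost_rate + chargeback_fee
        elif held:
            forgone += amount * (1 - item_cost_rate)
    return counts, avoided, forgone, avoided - forgone

if __name__ == "__main__":
    print(evaluate_passive(PASSIVE_EXPORT, Decimal("0.80"), Decimal("25.00")))
```

Suspended genuine payments can still be completed after review, so `forgone` is an upper bound on what the rules would cost.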

Reviewing transactions

A transaction is suspended when Fraud Guard has deemed it suspicious based on your rules and configuration. You can review the queue of transactions that were suspended by Fraud Guard.

The Suspended Transactions view lists the transactions by month and business.

You can:

  • view the card number, IP address and reason for suspending the transaction; or
  • hover over the row and view the context menu which shows you the actions you can take on the transaction; or
  • click on the transaction to see a detailed view.

You'll see more information about the payment. This includes the customer's IP address, the Fraud Guard result and the history of transactions using the same card.


Once you've reviewed a transaction, you can remove it from the queue by taking one of the following actions:

  • Complete: The transaction is attempted. You can still void or refund the payment after it is approved. Once a transaction is voided or refunded, the action cannot be undone and a new transaction must be taken.
  • Cancel: The transaction is voided and not attempted. Once a transaction is voided, the action cannot be undone and a new transaction must be taken.
  • Unblacklist: Request that the Card PAN or IP address used for the transaction is removed from the blacklist. Blacklisted Card PAN and IP addresses are automatically removed from the blacklist after 3 months.
  • Ignore: You may choose not to take any action and the queue will continue to grow. QuickStream shows 6 months of suspended transactions.

Human reviews can add an additional layer to your fraud prevention strategy. These reviews provide additional insight and control. They may also be a burden for operational resources or become hard to manage in peak times. Using the QuickStream REST API you can request:

  • GET /transactions/suspended?supplierBusinessCode={code}&month={YYYY-MM} and list the suspended transactions in the queue.
  • GET /transactions/{receiptNumber} to inspect the details of the transaction.
  • POST /transactions/{receiptNumber}/void to cancel transactions and shorten the queue.
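One way to script that review loop with the three requests above, as an added example that is not QuickStream's code: it voids queue entries whose IP address appears with several different cards and leaves everything else for a person. The JSON field names (`data`, `receiptNumber`, `cardNumber`, `customerIpAddress`, `status`), the `Suspended` status value, the threshold and the caller-supplied `send` function are assumptions; the sample queue is constructed.

```python
from collections import defaultdict
from urllib.parse import quote, urlencode

def triage_queue(send, business_code, month, max_cards_per_ip=3):
    """Void entries from IPs seen with many distinct cards; list the rest for review.

    send(method, path) is caller-supplied: it makes the authenticated request
    and returns the parsed JSON body. The JSON field names are assumptions.
    """
    query = urlencode({"supplierBusinessCode": business_code, "month": month})
    queue = send("GET", "/transactions/suspended?" + query)["data"]
    cards_by_ip = defaultdict(set)
    for txn in queue:
        cards_by_ip[txn["customerIpAddress"]].add(txn["cardNumber"])
    noisy = {ip for ip, cards in cards_by_ip.items() if len(cards) >= max_cards_per_ip}

    voided, for_review = [], []
    for txn in queue:
        path = "/transactions/" + quote(txn["receiptNumber"], safe="")
        # Re-read first so an entry someone has already actioned is not voided.
        if txn["customerIpAddress"] in noisy and send("GET", path).get("status") == "Suspended":
            send("POST", path + "/void")  # cannot be undone
            voided.append(txn["receiptNumber"])
        else:
            for_review.append(txn["receiptNumber"])
    return voided, for_review

# Constructed queue (masked cards, documentation-range IPs).
SAMPLE_QUEUE = [
    {"receiptNumber": "R1", "cardNumber": "516320...0008", "customerIpAddress": "203.0.113.7"},
    {"receiptNumber": "R2", "cardNumber": "486270...0004", "customerIpAddress": "203.0.113.7"},
    {"receiptNumber": "R3", "cardNumber": "402761...0008", "customerIpAddress": "203.0.113.7"},
    {"receiptNumber": "R4", "cardNumber": "530454...0002", "customerIpAddress": "198.51.100.20"},
]

def make_fake_send(queue, already_actioned=()):
    """Constructed in-memory stand-in for the API so the example runs offline."""
    state = {t["receiptNumber"]: "Suspended" for t in queue}
    state.update({r: "Voided" for r in already_actioned})
    calls = []
    def send(method, path):
        calls.append((method, path))
        if path.startswith("/transactions/suspended?"):
            return {"data": queue}
        receipt = path.split("/")[2]
        if method == "POST":
            state[receipt] = "Voided"
        return {"receiptNumber": receipt, "status": state[receipt]}
    return send, calls
```

Because a void cannot be undone, keep the threshold conservative and log the returned `voided` list for audit.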

Testing

  • You can test a subset of rules in the test environment. You may not be able to test every rule because of the reliance on your payer's IP address.
  • Fraud Guard sets the transaction response code to 34 - Suspected Fraud for suspended transactions.
  • Use the table below to try test card numbers and IP addresses used by different countries.

Country      Card numbers                         IP addresses
Australia    5163200000000008, 4862700000000004   1.120.0.0, 1.159.255.255
Brazil       4027613300000008, 5304544700000002   2.16.224.0, 2.16.255.255
Croatia      5209442400000008, 4120588600000005   31.147.0.0, 31.147.255.255
Egypt        4588329200000003, 5303618600000006   41.32.0.0, 41.47.255.255
Japan        4538680300000009, 5305901200000008   1.72.0.0, 1.79.255.255
New Zealand  4055470700000004, 5366730900000000   23.5.176.0, 23.5.191.255

Your strategy

Your fraud prevention strategy should not start and end with Fraud Guard. There are some simple things you can do to make your solution robust:

  • Validate information about your customer. Include customer numbers, invoice numbers, billing addresses and shipping addresses.
  • Validate disposable email addresses using online services.
  • Require your customer to authenticate with your system. Your customer should sign in with a strong password or another authentication mechanism.
  • Add a CAPTCHA.
  • Turn on 3D Secure.
  • Add minimum and maximum payment amount limits before sending a transaction to QuickStream. Set a global payment amount limit in your QuickStream facility settings.
  • Require the Card Verification Value (CVV). QuickStream requires payers to enter this for Internet card payments.
  • Create blacklists for specific customer IP addresses, customer numbers and other details. Do not send matching payments to QuickStream.
  • Void or refund card payments after you have reviewed against your own business rules.
  • Receive electronic chargebacks for your merchant facility.
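
The amount-limit and blacklist checks from the list above, shown as an added example (not part of QuickStream) that runs in your own application before a payment is sent. The limits, the blocked network and the customer number are constructed values, and `prescreen` is a hypothetical name.

```python
import ipaddress
from decimal import Decimal, InvalidOperation

# Constructed policy values; replace with your own business rules.
MIN_AMOUNT = Decimal("1.00")
MAX_AMOUNT = Decimal("2000.00")
BLOCKED_NETWORKS = [ipaddress.ip_network("203.0.113.0/24")]
BLOCKED_CUSTOMERS = {"CUST-0042"}

def prescreen(customer_number, amount, ip):
    """Return (allowed, reason). Unparseable input is rejected (fail closed)."""
    try:
        value = Decimal(str(amount))
        addr = ipaddress.ip_address(ip)
    except (InvalidOperation, ValueError):
        return False, "malformed amount or IP address"
    # NaN and Infinity parse as Decimals, so check finiteness before comparing.
    if not value.is_finite() or not (MIN_AMOUNT <= value <= MAX_AMOUNT):
        return False, "amount outside limits"
    # Treat IPv4-mapped IPv6 (::ffff:a.b.c.d) as the IPv4 address it wraps,
    # otherwise it would slip past an IPv4 blacklist entry.
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    if any(addr in net for net in BLOCKED_NETWORKS):
        return False, "IP address blacklisted"
    if customer_number.strip().upper() in BLOCKED_CUSTOMERS:
        return False, "customer blacklisted"
    return True, "ok"

if __name__ == "__main__":
    print(prescreen("CUST-0001", "49.95", "198.51.100.20"))
    print(prescreen("CUST-0001", "49.95", "::ffff:203.0.113.9"))
```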

Read more about:

Westpac Privacy Statement

Privacy Statement (for individuals whose personal information may be collected - in this clause referred to as "you"). All personal information we collect about you is collected, used and disclosed by us in accordance with our Privacy Statement which is available at Privacy Statement or by calling us through your relationship manager or Westpac representative. Our Privacy Statement also provides information about how you can access and correct your personal information and make a complaint. You do not have to provide us with any personal information but, if you don't, we may not be able to process an application or a request for a product or service.