Fraud Scoring

Our eCommerce merchants who primarily perform card-not-present transactions can now take advantage of our Fraud Scoring feature through our APIs, Hosted Payment Forms, and iFrames. Our comprehensive suite of fraud solutions allows a merchant to protect a business by identifying online threats proactively.

We will be leveraging state-of-the-art machine learning models and established rules to identify good customers, reduce manual reviews, analyze patterns and data, highlight risky transactions and perform comprehensive reporting.

Fraud Scoring will be available through all our processors and help merchants score transactions based on rules. Transactions will be screened within milliseconds using the best possible set of data and decision-making models.

How would you like to integrate?

Whether you integrate with us via the APIs, iFrames or Hosted Payment forms, the checkout process remains the same.

Let's get you started

Our team of experts will analyze your business needs and build a strategy that will help you grow by driving down the total cost of fraud, simplifying business processes, and ultimately increasing revenue.

Direct API Integration

For merchants who would like to integrate via API, below is an example of the QSAPI request.

curl --location --request POST '<PAYCONEX_URL>/api/qsapi/3.8' \
--header 'Accept: application/json' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'account_id=<YOUR_ACCOUNT_ID>' \
--data-urlencode 'api_accesskey=<YOUR_API_ACCESSKEY>' \
--data-urlencode 'response_format=JSON' \
--data-urlencode 'transaction_type=SALE' \
--data-urlencode 'tender_type=CARD' \
--data-urlencode 'card_number=4124932222222223' \
--data-urlencode 'card_expiration=1222' \
--data-urlencode 'card_verification=123' \
--data-urlencode 'currency=USD' \
--data-urlencode 'transaction_amount=1.00' \
--data-urlencode 'device_trans_id=<THE_DEVICE_TRANSACTION_ID_RETURNED_FROM_THE_JAVASCRIPT_CALL>' \
--data-urlencode 'payment_type=ECOMMERCE'
curl --location --request POST '<PAYCONEX_URL>/api/qsapi/3.8' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data-raw '{
    "account_id":"<YOUR_ACCOUNT_ID>",
    "api_accesskey":"<YOUR_API_ACCESSKEY>",
    "response_format":"JSON",
    "payment_type":"ECOMMERCE",
    "transaction_type":"SALE",
    "tender_type":"CARD",
    "card_number":"4124932222222223",
    "card_expiration":"1222",
    "card_verification":"123",
    "transaction_amount":1.00,
    "currency":"USD",
    "device_trans_id":"<THE_DEVICE_TRANSACTION_ID_RETURNED_FROM_THE_JAVASCRIPT_CALL>"
}
'

For merchants integrating via API, we recommend you install code for inAuth. InAuth prevents fraud by analyzing devices and associated identities transacting across digital channels. This will help you verify identity, assess and mitigate risk in real-time, and optimize your customer experience.

Install Javascript code for enabling inAuth
The collection code below highlights the placeholder variables which must be addressed for each page on which the code is deployed.

<script src="https://prod.accdab.net/cdn/cs/<client_id>.js" id="bcn" dvc="a" dvct="500" dvci="<device_trans_id>" sid="<session_id>"></script>

client_id = provided by Bluefin.
device_trans_id = value generated by the merchant. Must not be a duplicate (best to use guid for every page refresh). The value used must be sent in QSAPI API call.
session_id = an ID that the merchant can tie to the transaction. Used for debugging.
dvct = This is a timeout in milliseconds for any additional calls within the cc.js. Note: It is best practice to set this value for defensive programming to avoid device data collection for taking an excessive amount of time.

Integration URL: https://test.accdab.net/cdn/cs/<client_id>.js
Production URL: https://prod.accdab.net/cdn/cs/<client_id>.js

Reporting Merchants who are integrated via APIs can also have the Fraud Recommendation code set for each record through the Reporting Service API under Payconex Manage Settings> RSAPI Options> Include Fraud Recommendation Code.

Please refer to our API-Only integration here.

iFrame Integration

When merchants want to integrate through Tokenized iFrame and Anti Fraud Scoring is enabled, “Device Transaction ID” is automatically retrieved from PayConex and returned inside the “Payment iFrame” object present in the JavaScript of the call.

The response from the object for the inAuth call would be antiFraud.device_trans_id

The element that must be included in the QSAPI call when AntiFraud is enabled is device_trans_id. If you already have an iFrame integration, just include device_trans_id. If you would like to learn more about PayConex iFrame Integration click here.

curl --location --request POST '<PAYCONEX_URL>/api/qsapi/3.8' \
--header 'Accept: application/json' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'account_id=<YOUR_ACCOUNT_ID>' \
--data-urlencode 'api_accesskey=<YOUR_API_ACCESSKEY>' \
--data-urlencode 'response_format=JSON' \
--data-urlencode 'transaction_type=SALE' \
--data-urlencode 'tender_type=CARD' \
--data-urlencode 'custom_id=<THE_CUSTOM_ID_RETURNED_FROM_THE_IFRAME_JAVASCRIPT_CALL>' \
--data-urlencode 'etoken=<THE_ETOKEN_RETURNED_FROM_THE_IFRAME_JAVASCRIPT_CALL>' \
--data-urlencode 'device_trans_id=<THE_DEVICE_TRANSACTION_ID_RETURNED_FROM_THE_JAVASCRIPT_CALL>' \
--data-urlencode 'currency=USD' \
--data-urlencode 'transaction_amount=1.00' \
--data-urlencode 'payment_type=ECOMMERCE'
curl --location --request POST '<PAYCONEX_URL>/api/qsapi/3.8' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data-raw '{
   "account_id":"<YOUR_ACCOUNT_ID>",
   "api_accesskey":"<YOUR_API_ACCESSKEY>",
   "response_format":"JSON",
   "payment_type":"ECOMMERCE",
   "transaction_type":"SALE",
   "tender_type":"CARD",
   "custom_id":"<THE_CUSTOM_ID_RETURNED_FROM_THE_IFRAME_JAVASCRIPT_CALL>",
   "etoken":"<THE_ETOKEN_RETURNED_FROM_THE_IFRAME_JAVASCRIPT_CALL>",
   "transaction_amount":1.00,
   "currency":"USD",
   "device_trans_id":"<THE_DEVICE_TRANSACTION_ID_RETURNED_FROM_THE_JAVASCRIPT_CALL>"
}
'

Hosted Payment Forms Integration

Fraud Scoring will be enabled at an account level in consultation with our Solutions Engineering and Integrations teams. It will then be turned on per Hosted Payment form through the HPF settings page > Security Features.

Agents/Merchants can check the ‘Transaction Detail’ to see if the transaction was an accept or reject.
Agents/Merchants also have the ability to run reports with transactions that were scored for fraud.

Get Fraud Scoring through PayConex

If you're curious and want to learn more about this product, click here to get started. Our team is ready to help you configure Payconex fraud scoring.