Authorize.net recently made some adjustments to its fraud settings to further safeguard your transactions. As a result, you may notice a slight increase in transactions being temporarily pended for additional verification.
Please rest assured that this is simply a proactive measure to enhance the security of your transactions and protect your accounts from potential fraudulent activities. However, if any transaction triggers the following filters, it can result in suspended invoices in the software. To provide further clarity, below is a breakdown of each fraud filter and its specific purpose.
Card Testing Settings
These filters help protect your account from abuse by fraudsters who are testing credit cards, and let you identify high-volume fraud attacks.
Daily Velocity Filter
This filter allows you to specify a threshold for the number of transactions allowed per day. All transactions exceeding the threshold in that day will be flagged and processed according to the filter action.
Hourly Velocity Filter
This filter allows you to specify a threshold for the number of transactions allowed per hour. All transactions exceeding the threshold will be flagged and processed according to the filter action.
Suspicious Transaction Filter
This filter triggers on highly suspicious transactions using proprietary criteria identified by Authorize.net. All transactions that meet this criteria will be flagged and processed according to the filter action.
Transaction IP Velocity Filter
This filter allows you to specify the maximum number of transactions allowed from the same Internet protocol (IP) address per hour. All transactions that meet this criteria will be flagged and processed according to the filter action. Advanced Integration Method (AIM) transactions must include the customer IP address (x_customer_ip) and user of Authorize.net API must include customerIP in order to use this tool.
Transaction Settings
These filters let you identify high risk transactions through Address Verification, Card Code Verification, and setting a maximum order amount.
Enhanced AVS Handling Filter
The Address Verification Service (AVS) is a standard feature of the payment gateway that compares the address submitted with an order to the address on file with the customer's credit card issuer. Merchants can then choose to reject or allow transactions based on the AVS response codes. AFDS includes an AVS filter that assists the decision process by allowing merchants the additional options of flagging AVS transactions for monitoring purposes, or holding them for manual review.
Enhanced CCV Handling Filter
Like AVS, Card Code Verification (CCV) is a standard feature of the payment gateway. CCV uses a card's three- or four-digit number to validate customer information on file with the credit card association. Like the AVS Filter, the CCV Filter allows merchants the additional options of flagging CCV transactions for monitoring purposes, or holding them for manual review.
Amount Filter: Set lower and upper transaction amount thresholds to restrict high-risk transactions often used to test the validity of credit card numbers. Transactions that are submitted with an amount less than your lower limit or greater than your upper limit will be flagged and processed according to the filter action selected. Be careful when setting an upper limit amount, as any combination of higher priced items may be purchased. You may want to search your transaction history for the highest transaction amounts you've processed in the past to determine an appropriate upper limit.
E-Commerce Settings
These filters help prevent common e-commerce fraud scenarios by verifying and comparing billing addresses, shipping addresses, and IP address locations.
Shipping Address Verification Filter
Verifies that the shipping address received with an order is a valid postal address.
IP Shipping Address Mismatch Filter
Compare the shipping address provided with an order to the IP address of where the order originated from. This helps to determine whether or not the order is shipping to the country from which it originated. Advanced Integration Method (AIM) transactions must include the customer IP address (x_customer_ip) and user of Authorize.net API must include customerIP in order to use this tool.
Regional IP Address Filter
Flag orders coming from specific regions or countries. You can choose to customize the filter actions based on an entire geographic area, or select country by country how to process transactions flagged by the filter.
Shipping-Billing Mismatch Filter
Identify high-risk transactions with different shipping and billing addresses, potentially indicating purchases made using a stolen credit card. If the two addresses do not match, the transaction is flagged and processed according to the filter action selected. This filter does not consider extra white spaces (the space key) at the end of the address information and is not case sensitive when checking for a mismatch. You may want to keep in mind that address mismatches are common with gift transactions and do not always indicate suspicious transactions. In order to use this filter, you must require both shipping and billing address information on your website's payment form; otherwise the filter cannot compare information.
IP Address Administration
These filters let you block specific customers’ IP addresses to prevent known sources of fraud. If you use our APIs, you may also specify which server IP addresses should be trusted by the payment gateway.
Authorized API IP Addresses
Configure a list of authorized server IP addresses from which API transactions will be accepted by the payment gateway. Any API transaction submitted from an IP address not included on this list will be rejected.
IP Address Blocking
IP Address Blocking allows you to block transactions submitted from IP addresses known to be the source of suspicious or fraudulent transactions. Advanced Integration Method (AIM) transactions must include the customer IP address (x_customer_ip) and user of Authorize.net API must include customerIP in order to use this tool.
Below, we've outlined the available options for handling transactions triggered by each filter. Please be aware that any action other than 'Process as normal and report filter(s) triggered' or ‘Decline the transaction’ may result in missing invoices in the MyRec.com software. You'll then have the opportunity to manually review the transactions if they are triggered by the filters.
Process as normal and report filter(s) triggered
When this action is selected, transactions that trigger this filter are processed as normal, but are also reported in the Merchant Interface as triggering this filter. This action is useful if you want to "test" your filter settings.
Authorize and hold for review
When this action is selected, transactions that trigger this filter are sent for authorization, and upon successful authorization are placed in the Authorized/Pending Review state. Once in Authorized/Pending Review, you will have 30 days to manually review and either approve or void the transaction. If no action is taken in the 30-day period, the transaction will expire. This action is useful if you want to review authorized transactions prior to submitting for settlement.
Do not authorize, but hold for review
When this action is selected, transactions that trigger this filter are placed in the Pending Review state prior to being sent for authorization. Once in Pending Review, you will have 5 days to manually review and either approve or decline the transaction. Once you approve the transaction, it is sent for authorization. If no action is taken in the 5-day period, the transaction will expire. This action is useful if you want to review transactions prior to authorization to avoid incurring any associated authorization fees.
Decline the transaction
When this action is selected, transactions that trigger the filter will be declined automatically prior to authorization. This is the most severe action you can take for a transaction.