Risk Tools are available. The Statistics for Risk Tools will return in conjunction with the overall Store Statistics functionality. Visit here for its current status and ETA for return.
Things to be aware of
- You must have your online payment processing set to perform real-time authorizations to use AVS and CVV rules to reject, flag, or accept orders based on response codes. Without real-time authorization, Risk Tools can't check the address and card verification value provided by customers during checkout.
- The issuing bank for the credit card entered determines which response code will be sent - not FDMS (the store payment processor) or store. As such, one issuing bank may send a decline response code while another may send an invalid response code. This can lead to certain orders being declined from certain issuing banks. Since this happens before Risk Tools rules are applied, there's nothing you can do as a merchant except suggest another card type.
- If you have auto-charge enabled, and get AVS or CVV responses that are flagged, the order won't charge. You'll need to manually review and process the order or cancel it.
How it works
You can set AVS rules to reject, flag, or accept orders based on address and ZIP/postal code matches or when the system or AVS is unavailable or not supported for the card. Likewise you can set CVV rules to reject, flag, or accept orders based on if the card security code matches or if the system or CVV is unavailable or not supported for the card.
CID (Card Identification) codes used by American Express credit cards are also supported. If you accept American Express as a payment method and want to activate CID verification for your store, you'll need to first contact your American Express account manager.
Rule
Action | What happens to the order
|
|---|
| Reject | Customer will be asked to correct the information and resubmit the order. |
| Flag | Order will appear as Pending Review on the Order page. |
| Accept | Order will submit. |
Authorization handling for rejected orders
With Risk Tools enabled, a full or $0 authorization will be sent through the payment gateway to the issuing bank. Authorizations must be performed in order to generate AVS/CVV responses. If you reject orders based on AVS/CVV responses, your can choose to authorize cards using either of the options described below. If you don't reject orders based on AVS/CVV responses, your store will authorize transactions in the full order amount.
- Zero dollar authorization - If $0 authorization succeeds, then your store attempts an authorization on the order total. If the $0 authorization fails due to an AVS/CVV mismatch, no charges are seen on the consumer's statement. You'll likely incur a higher charge from your bank with this type of authorization.
- Full order amount authorization - The authorization is reversed automatically if an AVS/CVV mismatch you have chosen to reject occurs. This doesn't result in any additional authorization fees for transactions beyond those already applicable for the authorization.
Note: PayPal Pro and Braintree integration do not support zero dollar authorization. Full order amount authorization will be performed on orders processed through your PayPal Pro or Braintree account.
In some cases, shoppers may see authorization holds on their accounts even after a reversal is performed. This varies by card type, issuer, and bank. The authorization holds will expire with time.
Failed Authorizations Report
Receive real time reports for failed authorizations. These reports will give detailed information if an order is marked as rejected by Risk Tools or if a customer's card was declined.
Learn more about Failed Authorizations Report.
reCaptcha Rules
To help prevent fraudulent orders, customers will see a reCaptcha on the payment page when there is a given number of AVS/CVV mismatches in a given period of time. Once triggered, the reCaptcha will be required for all customers for the period of time indicated in the Risk Tools Settings page.
reCaptcha is required and can't be turned off. However, you can set limits that would likely never be reached to get the same effect as disabling it. Learn more about reCaptcha.
Ready to get started?
Note: Turbify provides Risk Tools to you for informational purposes only, and doesn't represent or warrant that using Risk Tools will reduce or eliminate fraudulent or bad credit or debit card transactions initiated by your store customers.
