Fraud Management System
Built on security rules, the system will analyze the provided transactional data and will recommend one of the actions:
Pass the payment as inconspicuous
-
Pass the payment, but pay special attention to it, because some of its characteristics may be indicative of fraud
-
Reject the payment
You set the rules, and beProtected gives recomendations based on the analysis of the current transaction, the payer’s details and the device ID, comparing this information with the data on previously processed transactions.
beProtected operation principle
The best way to protect yourself from a fraudulent transaction is to identify one before it is sent to the acquiring bank. To do this, you need to give beProtected two groups of data:
1. Transactional data:
- Payment means identifier (card number, e-wallet number, bank account number, etc.)
- Transaction amount and currency
- Payer’s name
- Payer’s postal address
- Payer’s e-mail address
- Payer’s IP address
2. Digital fingerprint of the device used to attempt a payment
The data of the first group are collected from the corresponding fields on the merchant’s payment form or from their database.
The second group data are collected by a special script installed on the merchant’s payment page: information about the operating system of the device, the browser and other parameters based on which a unique identifier of the payer’s device is created.
Next, the beProtected system checks the payment means identifier, the payer’s e-mail address and their IP address lest they be blacklisted at each level (Payment Service Provider, merchant, store).
If any of the parameters is blacklisted, the system recommends rejecting the payment.
If none of the parameters are blacklisted, the system continues to analyze the transaction and checks the same parameters in the white lists at each level.
If at least one of the parameters is present in a white list, the system immediately recommends passing the payment
as not suspicious.
If none of the parameters are present in a white list, the system goes over to the next step of the transaction analysis
and checks all the data according to the set of pre-created security rules.
Risk management system
Each security rule is a condition under which the beProtected system recommends either to reject a transaction, or to pass it but with further manual verification.
Examples of rules
If the transaction amount exceeds EUR 500 – reject
the transaction.
If the number of payment means identifiers for one e-mail address is greater than or equal to 4 within 7 days, – pass the transaction, but recommend additional verification.
If the number of e-mail addresses per device is greater than or equal to 2, – reject the transaction and recommend checking all transactions initiated from this device.
The beProtected system will not completely replace a risk manager, but will significantly help them with automatic detection of suspicious transactions. Where people might overlook something, the system works flawlessly: it will notice suspicious factors and give a recommendation. However, the final decision will always remain with the human employee.
beProtected for Payment Service Providers and Merchants
-
At the merchant level (common to all their stores)
-
At the store level (for one of the stores)
-
At the PSP level (common to all merchants and all their stores)
-
At the merchant level (for a single merchant, common to all their stores)
-
At the store level (for a single store)
beProtected system as SaaS or licensed copy
You can get the beProtected system as SaaS infrastructure, as licensed copy on your
own servers or to purchase a licensed copy.
Please contact eComCharge managers to find out about the cost of beProtected. For tenants of white label payment gateway beGateway, the system of risk management and protection from fraudulent payments is provided free of charge.