
Custom payment solutions
Unlock business growth with custom payment solutions tailored to your needs. Discover secure, flexible options for seamless transactions today.
Monitoring and controlling transactions of online merchants connected to a payment processing platform is an integral part of the daily routine of any payment service provider who cares about the safety of their business. And by this we don’t mean protection of online merchants from fraudulent payments which is also very important in itself.
We mean security measures undertaken by the company, for protection against intentional or unintentional actions of their online merchants that might cause minor or major troubles.
The world is not perfect. And, despite the fact that most Internet merchants are honest entrepreneurs, e-commerce is still full of adventurers, swindlers, and simply irresponsible individuals who willingly receive money from buyers, but don’t always fulfill their obligations.
Providing services of online payment accepting and processing to such Internet merchants can result for a payment service provider in financial losses, severance of relations with acquiring partners and unpleasant conversations with law enforcement authorities.
Naturally, most dubious and suspicious Internet merchants are barred at the stage of their applying for the service owing to the well-known rule in payment industry “know your customer”. But no matter how well your risk manager exercises due diligence, you still need to monitor carefully and check each merchant connected to the system later on.
When one deals with cash flows, one should always be slightly paranoid. The payment service provider should constantly monitor their merchants throughout the service to detect as soon as possible if something goes wrong and to take timely corrective measures.
The payment service should begin exercising control over their Internet merchants with monitoring their transactions. Believe us, the constantly growing array of data constituted by payment transactions, refunds and chargebacks of an Internet merchant, is a great source of information about their current activities, provided you know what to look for.
Attempts by an Internet merchant to accept a relatively large number of payments over a short period from different customers holding different cards issued by the same bank (determined by the card's BIN). Typically, this means that:
Of course, there is a chance of a legitimate promotion, but until you know for sure, the situation requires special attention.
A real-life example:
Carders once tried to use a bunch of credit cards issued by a British Bank in one small online store from Estonia.
You can and should track such situational patterns not only by BIN, but also by many other transactional characteristics: the buyer’s email, name, phone number, IP address, and so on.
In reality, there are many more transaction behavioral patterns that might signal a potentially dangerous situation. It is simply impossible to track and locate them manually. That is why modern, advanced processing systems have built-in tools to monitor and analyze transactions automatically in real-time and notify the risk manager immediately in case of detecting anything suspicious.
Transactional pattern analysis is only a part of the measures available. Another important component is the ability of the processing system to detect, block or decline unwelcome transactions of their online merchants based on predefined characteristics.
The characteristics are numerous:
Consequently, the appropriate tools in the processing system of a payment service provider should have quite flexible settings to work effectively.
beGateway, a white label payment gateway solution, features such a monitoring tool to control online merchants: beProtected, a risk management and anti-fraud system. Being part of beGateway, beProtected can be used as a separately installed software that works with any processing system.
beProtected can work with more than 40 transaction characteristics, including BIN and digital fingerprint of the device used for the transaction. It allows risk managers to create transactional analysis and validation rules in the format of “If …, then …”. This format enables to describe virtually any situation requiring a risk manager’s reaction, and to program the system for immediate notification.
Risk managers should also be able to export transaction data in a file for subsequent work. BeGateway can export all transaction information into MS Excel file format.
Finally, there is one more thing we would like to mention: activation and deactivation of a merchant account and their online stores in the processing system. Most systems offer only two statuses:
Based on the experience of our clients, we know that such a binary approach is not very convenient. Sometimes you need more flexibility.
The beGateway platform provides this flexibility. It can restrict admission of new online store payments, but leave the opportunity to conduct refunds. Or ban any transaction types for the Internet merchant, but leave this option for the payment service provider staff. Or allow the online merchant to log in the back office only to get statistical information on the transactions, but ban doing anything else.
Full control exercised by the payment service provider over their Internet merchants and their transactions is the foundation of business security.
Respectfully, eComCharge Team
eComCharge develops and delivers the PCI DSS Level 1 certified White Label Payment Platform beGateway for Payment Service Providers and Acquirers.