ACI Fraud Prevention

Thanks to our partnership with ACI Fraud Management, we're able to provide you with real-time fraud prevention mechanisms. The goal of this solution is to help your business minimize fraud losses, and our team of experts will be actively involved to support you throughout the process.

Features

Rules: create rules using parameters that you send in a payment request, and the output will be a decision that determines the next transaction step (accept, deny, or flag a transaction for review)
Lists: create lists using data points available in the transaction to either approve or deny a transaction
Velocity: set velocity triggers to monitor patterns and frequency of events that seem to be suspicious
Manual review: when you set your rules to trigger a review, a case gets created that you can access on our internal portal by searching and selecting the transaction

What does it mean for you?

Pre-authorization monitoring: filter potential risks before the transactions are sent to the bank and increase authorization rates
Scalable fraud prevention: accommodate the needs of your business and fully embed fraud prevention in the payment flow
Reporting: have access to detailed data to analyze your fraud strategy

Data fields

When you send a payment request, there are various fields included that need to be filled out. We encourage you to send as many fields as possible, as not all of them are mandatory. Sending more data in your request also helps the machine learning models to get educated in real time by consuming and assessing the data signals for more effective fraud detection. For a detailed description of data fields, refer to our API reference.

Custom fields for fraud screening

If there are specific fields you gather during your payment process that aren't covered in our API reference, you can use the 16 fields we included in our request specifically for this purpose. They can be used to send any data you need for your fraud management.

The fields are included in the fraudfields object and available as an array of up to 16 userData properties, each with a max length of 256 characters. Some of the objects down below are conditional, such as:

shipping - only applicable if you ship physical goods.
fraudfields - custom fields for data that is specific to your business (you may find it beneficial to use them for your fraud rules).
mandate.customer.companyName - only available for paymentProductId 771 (SEPA Direct Debit).
mandate.customer.bankAccountIban.iban - only available for paymentProductId 771 and 770.

Please note that these recommendations are only in relation to fraud screening. Data fields may be mandatory to process a payment. Please take this into account when completing your integration.

Mandatory		If you do not send these fields in your request, the fraud screening cannot be processed.
Highly recommended		Useful data points that are favorable in helping you detect fraud. You should strongly consider sending these fields in your request to enhance your fraud detection.
Industry-specific		Essential data points if you are operating in a specific industry.
Additional		Optional data that can improve your fraud detection.

Property	Type	Details
order	object	Order object containing order-related data. Please note that this object is required to be able to submit the amount.
amountOfMoney	object	Object containing amount and ISO currency code attributes.
currencyCode	string(3)	Three-letter ISO currency code representing the currency for the amount.
amount	integer(12)	Amount in cents and always having 2 decimals.
additionalInput.airlineDate	array of objects
flightDate	string(8)	Date of the flight. Format: YYYYMMDD
flightLegs.items	object
airlineClass	string	Reservation Booking Designator.
originAirport	string(3)	Origin airport/city code.
merchantCustomerId	string(16)	Your ID of the customer in the context of the airline data.
pnr	string(127)	Passenger name record.
passengerName	string(49)	Name of the passenger.
ticketNumber	string(13)	The ticket or document number. On the Ogone Payment Platform and the GlobalCollect Payment Platform it contains: Airline code: 3-digit airline code number Form code: maximum of 3 digits indicating the type of document, the source of issue and the number of coupons it contains Serial number: maximum of 8 digits allocated on a sequential basis, provided that the total number of digits allocated to the form code and serial number shall not exceed ten TICKETNUMBER can be replaced with PNR if the ticket number is unavailable
isThirdParty	boolean	true - payer is the ticket holder false - payer is not the ticket holder
customer	object	Object containing the details of the customer. Depends on: required, except when a token has been included in the request that includes at least the countryCode in the billingAddress.
merchantCustomerId	string(15)	Your identifier for the customer. It can be used as a search criteria in the GlobalCollect Payment Console and is also included in the GlobalCollect report files. It is used in the fraud-screening process for payments on the Ogone Payment Platform. Depends on: Required for payments done with payment product 320 (Google Pay), payment product 806 (Trustly) and 830 (paysafecard). Required for hosted checkouts where payment products 806 (Trustly) and 830 (PaysafeCard) are allowed. Required for card payments and hosted checkouts with one of the following properties: unscheduledCardOnFileSequenceIndicator unscheduledCardOnFileRequestor
contactDetails	object	Object containing contact details like email address and phone number.
emailAddress	string(70)	Email address of the customer. The '+' character is not allowed in this property for transactions that are processed by TechProcess Payment Platform.
mobilePhoneNumber	string(20)	International version of the mobile phone number of the customer including the leading + (i.e. +16127779311).
phoneNumber	string(20)	Phone number of the customer. The '+' character is not allowed in this property for transactions that are processed by TechProcess Payment Platform.
workPhoneNumber	string(20)	International version of the work phone number of the customer including the leading + (i.e. +31235671500).
personalInformation	object	Object containing personal information like name, date of birth and gender.
name	object	Object containing the name details of the customer.
firstName	string(15)	Given name(s) or first name(s) of the customer. The '+' character is not allowed in this property for transactions that are processed by TechProcess Payment Platform.
surnamePrefix	string(15)	Middle name - in between first name and surname - of the customer. The '+' character is not allowed in this property for transactions that are processed by TechProcess Payment Platform.
surname	string(70)	Surname(s) or last name(s) of the customer. The surname is truncated after 25 characters, with the limit being applied after surnamePrefix is prepended, for payments, refunds or payouts that are processed by the WL Online Payment Acceptance platform The '+' character is not allowed in this property for transactions that are processed by TechProcess Payment Platform.
dateOfBirth	string(8)	The date of birth of the recipient. Format: YYYYMMDD.
billingAddress	object	Object containing billing address details.
street	string(50)	Street name.
houseNumber	string(15)	House number. The houseNumber is truncated after 10 characters for payments, refunds or payouts that are processed by the WL Online Payment Acceptance platform.
additionalInfo	string(50)	Additional address information. The additionalInfo is truncated after 10 characters for payments, refunds or payouts that are processed by the WL Online Payment Acceptance platform.
zip	string	Zip code Note: For payments with product 1503 the maximum length is not 10 but 8.
city	string	City Note: For payments with product 1503 the maximum length is not 40 but 20.
state	string(50)	Full name of the state or province.
countryCode	string(2)	ISO 3166-1 alpha-2 country code.
device	object	Object containing information on the device and browser of the customer.
ipAddress	string(45)	The IP address of the customer client from the HTTP Headers.
shipping	object	Object containing information regarding shipping / delivery.
type	string	Indicates the merchandise delivery timeframe. Possible values: electronic = for electronic delivery (services or digital goods) same-day = for same day deliveries overnight = for overnight deliveries 2-day-or-more = for two day or more delivery time for payments that are processed by the GlobalCollect platform 2-day-or-more = for two day or more delivery time for payments that are processed by the Ogone platform priority = for prioritized deliveries for payments that are processed by the WL Online Payment Acceptance platform ground = for deliveries via ground for payments that are processed by the WL Online Payment Acceptance platform to-store = for deliveries to a store for payments that are processed by the WL Online Payment Acceptance platform
emailAddress	string(70)	Email address linked to the shipping.
comments	string(160)	Comments included during shipping.
address	object	Object containing address information.
additionalInfo	string(50)	Additional address information.
name	object	Object that holds name elements.
firstName	string(15)	Given name(s) or first name(s) of the customer. The '+' character is not allowed in this property for transactions that are processed by TechProcess Payment Platform.
surname	string(70)	Surname(s) or last name(s) of the customer. The surname is truncated after 25 characters, with the limit being applied after surnamePrefix is prepended, for payments, refunds or payouts that are processed by the WL Online Payment Acceptance platform The '+' character is not allowed in this property for transactions that are processed by TechProcess Payment Platform.
surnamePrefix	string(15)	Middle name - in between first name and surname - of the customer. The '+' character is not allowed in this property for transactions that are processed by TechProcess Payment Platform.
street	string(50)	Street name.
houseNumber	string(15)	House number.
zip	string	Zip code.
countryCode	string(2)	ISO 3166-1 alpha-2 country code.
cardPaymentMethodSpecificInput	object	Object containing the specific input details for card payments.
paymentProductId	integer(5)	Payment product identifier. Please see payment products for a full overview of possible values.
card	object
cvv	string(4)	Card Verification Value, a 3 or 4 digit code as an additional security feature for card not present transactions.
cardNumber	string(19)	The complete credit/debit card number (also know as the PAN). The minimum input length is 12 digits. The card number is always obfuscated in any of our responses.
expiryDate	string(4)	Expiry date of the card Format: MMYY
skipFraudService	boolean	true = fraud scoring will be skipped for this transaction false = fraud scoring will not be skipped for this transaction Note: This is only possible if your account in our system is setup for Fraud scoring and if your configuration in our system allows you to override it per transaction.
threeDSecure	object	Object containing specific data regarding 3D Secure.
externalCardholderAuthenticationData.cavv	string(50)	Only if external 3D Secure is used. The CAVV (cardholder authentication verification value) or AAV (accountholder authentication value) provides an authentication validation value.
externalCardholderAuthenticationData.eci	integer(2)	Only if external 3D Secure is used. Electronic Commerce Indicator provides authentication validation results returned after AUTHENTICATIONVALIDATION 0 = No authentication, Internet (no liability shift, not a 3D Secure transaction) 1 = Authentication attempted (Mastercard) 2 = Successful authentication (Mastercard) 5 = Successful authentication (Visa, Diners Club, Amex) 6 = Authentication attempted (Visa, Diners Club, Amex) 7 = No authentication, Internet (no liability shift, not a 3D Secure transaction) (empty) = Not checked or not enrolled
skipAuthentication	boolean	true = 3D Secure authentication will be skipped for this transaction. This setting should be used when isRecurring is true and recurringPaymentSequenceIndicator is recurring. false = 3D Secure authentication will not be skipped for this transaction. Note: This is only possible if your account in our system is setup for 3D Secure authentication and if your configuration in our system allows you to override it per transaction.
directDebitPaymentMethodSpecificInput	object	Object containing the specific input details for direct debit payments.
paymentProductId	integer(5)	Payment product identifier. Please see payment products for a full overview of possible values.
paymentProduct705SpecificInput	object	Object containing UK Direct Debit specific details.
bankAccountBban	object	Object containing account holder name and bank account information.
accountNumber	string	Bank account number.
bankCode	string	Bank code.
branchCode	string	Branch code.
bankName	string(40)	Name of the bank.
countryCode	string(2)	ISO 3166-1 alpha-2 country code of the country where the bank account is held For UK payouts this value is automatically set to GB as only payouts to UK accounts are supported.
accountHolderName	string(30)	Name of the account holder.
sepaDirectDebitPaymentMethodSpecificInput	object	Object containing the specific input details for SEPA Direct Debit payments.
merchant	object	Object containing information about you, the merchant.
websiteUrl	string(60)	The website from which the purchase was made. The '+' character is not allowed in this property for transactions that are processed by TechProcess Payment Platform. Depends on: Required by the TechProcess platform.
paymentProductId	integer(5)	Payment product identifier. Please see payment products for a full overview of possible values.
token	string(40)	ID of the token that holds previously stored card data. If both the token and card are provided, then the card takes precedence over the token.
fraudFields	object	Object containing additional data that will be used to assess the risk of fraud.
customerIpAddress	string(45)	The IP Address of the customer that is making the payment. The '+' character is not allowed in this property for transactions that are processed by TechProcess Payment Platform.
orderTimezone	string(2)	Timezone in which the order was placed. The '+' character is not allowed in this property for transactions that are processed by TechProcess Payment Platform.
giftCardType	string	One of the following gift card types: celebrate-fall - Celebrate Fall grandparents-day - Grandparent's Day independence-day - Independence Day anniversary - Anniversary birthday - Birthday congratulations - Congratulations april-fools-day - April Fool's Day easter - Easter fathers-day - Father's Day graduation - Graduation holiday - Holiday seasons-greetings - Season's Greetings passover - Passover kwanzaa - Kwanzaa halloween - Halloween mothers-day - Mother's Day new-years-day - New Year's Day bosses-day - Bosses' Day st-patricks-day - St. Patrick's Day sweetest-day - Sweetest Day christmas - Christmas baby-shower - Baby Shower thanksgiving - Thanksgiving other - Other valentines-day - Valentine's Day wedding - Wedding secretarys-day - Secretary's Day chinese-new-year - Chinese New Year hanukkah - Hanukkah
giftMessage	string(160)	Gift message.
userData	array	Array of up to 16 userData properties, each with a max length of 256 characters, that can be used for fraud screening.
propertyValue1.16	N/A	If you have a field that is specific to your business and is beneficial to use for your fraud monitoring.