This site requires javascript to be enabled.

Microsoft Dynamics 365

Results for

Results for Searching
  1. Home
  2. Accepting payments
  3. Fraud management
  4. Microsoft Dynamics 365

Microsoft Dynamics 365 Fraud Protection

A next-generation hybrid fraud management solution is developed to increase fraud detection accuracy and improve operational effectiveness. The solution is fully integrated into our digital commerce platform: a single integration and onboarding for our payment services and Microsoft’s Fraud Protection. There is no limitation on geographics or business verticals.

Features

  • AI-powered tool: core technology is adaptive AI, trained by the fraud protection network, which empowers machine learning and provides a broad awareness of fraud activity across the globe and within business verticals
  • Mixed fraud screening models: suit your business needs by choosing traditional static rules, machine learning, or a hybrid combination of both
  • Multi-hierarchy: manage your fraud strategy at any level (set up rules per branch, country, MID, etc.)
  • Payment methods variety: choose from all presented card products, direct debit, and alternative payment methods supported by us
  • Device fingerprinting: benefit from a fully integrated device intelligence at no additional cost
  • Custom data flexibility: send any extra data fields in the desired format to create fraud rules and enhance their performance

What does it mean for you?

  • Pre-authorization monitoring: filter potential risks before the transactions are sent to the bank and increase authorization rates
  • Outstanding dataset: combine Worldline, Microsoft’s Fraud Protection network, industry leaders, and your transactional data to build up your own machine-learning fraud tool
  • Risk appetite calibration: find the optimum balance between approving orders and detecting fraud activity
  • Virtual fraud analyst reporting: analyze and monitor your controls

Available tools

View the transaction details

A comprehensive transactional summary is easily accessible, neatly organized into predefined sections for your convenience.

risk-score

user-information

user-information

transaction-map

Virtual fraud analyst

You can analyze patterns and gain profound insights into your fraud management controls.

key-performance-indicators

transaction-volume

Risk score

This score uses AI to estimate the chance of a transaction being fraudulent. The platform relies on data from the fraud protection network to identify events and detect fraud connections. By carefully examining each transaction within Microsoft Dynamics 365, you can use these identified links to efficiently tackle emerging fraud risks and protect your business.

The more data you send, the better results you get with the AI-powered fraud detection platform. See data fields section for all the parameters you can send in your request.

The risk score is an integer between 0 and 999 (inclusive). The higher the score, the higher the likelihood that the transaction is fraudulent.

Lists

You're free to create Standard, Block, Watch and Safe lists using the built-in functionality to simply add any of these 5 attributes to your list:

  • User ID
  • Device ID
  • IP address
  • Payment ID
  • Email address

Custom lists are created and defined by you to implement specific business policies to manage your fraud protection strategy. You can reference your lists in rules dynamically.

Rules 

You can create rules with the parameters you send in the payment request, use the risk score generated by the AI model, or employ both methods. The output will be a decision that determines the next transaction step.

The rate at which certain actions occur, whether attributed to a user or entity (like a credit card), can be a signal of suspicious behavior and possible fraudulent activity. For example, when fraudsters attempt a series of separate orders, they frequently use one or more credit cards to swiftly perform multiple orders from a single IP address or device. This pattern often points to potential fraudulent actions.

You can also set up velocity checks to monitor unusual patterns and how often suspicious events occur. There's an option to define thresholds in your rules to control and mitigate potential risks effectively.

Case management

When you configure the rules to activate a Challenge decision, it initiates the creation of a case in your designated queue that the fraud expert within your organization will review. You can also categorize these cases into distinct queues for your fraud team to assess manually. To perform a transaction review:

  1. Go to Case Management and select View Cases from the specific queue you need to review. Inspect the transaction details.

case-management

  1. Inspect the transaction details.

transaction-details

  1. On the Link Analysis tab, you can examine additional transactions related to the case you're reviewing. Choose specific attributes to display transactions that share the same attributes. This feature helps to trace and understand the links between transactions.

link-analysis-tab

  1. Using this data, decide to Approve or Reject the transaction, specifying the reason (it's also possible to include notes).

approve-transaction

Data fields 

When you send a payment request, there are various fields included that need to be filled out. We encourage you to send as many fields as possible, as not all of them are mandatory. Sending more data in your request also helps the machine learning models to get educated in real time by consuming and assessing the data signals for more effective fraud detection.

Mandatory Compulsory data points. If these fields are not sent in your request, the fraud screening request cannot be processed.
Highly recommended Useful data points that are favorable in helping you detect fraud. You should strongly consider sending these fields in your request to enhance your fraud detection.
Industry-specific (airline) Essential data points if you are operating in a specific industry.
Industry-specific (hospitality) Essential data points if you are operating in a specific industry.
Industry-specific (retail) Essential data points if you are operating in a specific industry.
Conditional Required data points for you to use depending on that specific object. If you don't include them, the entire object will not be sent for fraud screening, affecting your overall fraud detection results.
Additional Optional data points that can improve your fraud detection.

Some of the objects down below are conditional, such as: 

  • shipping - only applicable if you ship physical goods
  • fraudfields - custom fields for data points that are specific to your business (you may find it beneficial to use them for your fraud rules)
  • mandate.customer.companyName - only available for PPID 771
  • mandate.customer.bankAccountIban.iban - only available for PPID 771 and 770

For a detailed description of data fields, refer to our API reference.

Property Type Suggestion Details
order object Order object containing order-related data. Please note that this object is required to be able to submit the amount.
amountOfMoney object Object containing amount and ISO currency code attributes.
currencyCode string(3) Three-letter ISO currency code representing the currency for the amount.
amount integer(12) Amount in cents and always having 2 decimals.
references object Object that holds all reference properties that are linked to this transaction.
merchantReference string Your unique reference of the transaction that is also returned in our report files. This is almost always used for your reconciliation of our report files.
Note:
  • maximum length of this field for transactions processed on the GlobalCollect platform is 30.
  • maximum length of this field for transactions processed on the WL Online Payment Acceptance Platform platform is 50.
additionalInput.airlineDate object
agentNumericCode string(8) Numeric code identifying the agent.
code string(3) Airline numeric code.
flightDate string(8) Date of the flight. Format: YYYYMMDD
flightLegs.items object
airlineClass string Reservation Booking Designator.
carrierCode string(2) IATA carrier code.
date string(8) Date of the leg.
YYYYMMDD
arrivalAirport string(3) Arrival airport/city code.
fare string(12) Fare of this leg.
fareBasis string(15) Fare Basis/Ticket Designator
departureTime string(6) The departure time in the local time at the departure airport.
Format: HH:MM
flightNumber string(4) The flight number assigned by the airline carrier with no leading spaces. Should be a numeric string.
originAirport string(3) Origin airport/city code.
number integer(5) Sequence number of the flight leg.
stopoverCode string Possible values are:
  • permitted = stopover permitted
  • non-permitted = stopover not permitted
invoiceNumber string(6) Airline tracing number.
merchantCustomerId string(16) Your ID of the customer in the context of the airline data.
isETicket boolean
  • true = ticket is an E-Ticket
  • false = ticket is not an E-Ticket
issueDate string(8) This is the date of issue recorded in the airline system In a case of multiple issuances of the same ticket to a cardholder, you should use the last ticket date.
Format: YYYYMMDD
pnr string(217) Passenger name record.
ticketDeliveryMethod string Possible values:
  • e-ticket
  • city-ticket-office
  • airport-ticket-office
  • ticket-by-mail
  • ticket-on-departure
passengerName string(49) Name of the passenger.
ticketNumber string(13) The ticket or document number. On the Ogone Payment Platform and the GlobalCollect Payment Platform it contains:
  • Airline code: 3-digit airline code number
  • Form code: maximum of 3 digits indicating the type of document, the source of issue and the number of coupons it contains
  • Serial number: maximum of 8 digits allocated on a sequential basis, provided that the total number of digits allocated to the form code and serial number shall not exceed ten
  • TICKETNUMBER can be replaced with PNR if the ticket number is unavailable
placeOfIssue string(15) Place of issue.
For sales in the US the last two characters (POS 14-15) must be the US state code.
pointOfSale string(25) IATA point of sale name.
posCityCode string(10) City code of the point of sale.
isRestrictedTicket boolean
  • true - restricted, the ticket is non-refundable
  • false - no restrictions, the ticket is (partially) refundable
isThirdParty boolean
  • true - payer is the ticket holder
  • false - payer is not the ticket holder
name string(20) Name of the airline.
additionalInput.lodgingData object Object that holds lodging specific data.
charges.items array of objects Object that holds lodging related charges.
chargeAmount integer(12) Amount of additional charges associated with the stay of the guest.
Note: The currencyCode is presumed to be identical to the order.amountOfMoney.currencyCode.
chargeAmountCurrencyCode string(3) Currency for charge amount. The code should be in 3 letter ISO format.
chargeType string Type of additional charges associated with the stay of the guest. Allowed values:
  • lodging
  • telephone
  • restaurant
  • minibar
  • giftshop
  • laundry
  • transport
  • gratuity
  • conferenceRoom
  • audiovisual
  • banquet
  • internet
  • earlyDeparture
  • roomService
  • loungeBar
  • other
folioNumber string(25) The Lodging Folio Number assigned to the itemized statement of charges and credits associated with this lodging stay, which can be any combination of characters and numerals defined by the Merchant or authorized Third Party Processor.
checkInDate string(8) The date the guest checks into (or plans to check in to) the facility.
Format: YYYYMMDD
checkOutDate string(8) The date the guest checks out of (or plans to check out of) the facility.
Format: YYYYMMDD
isConfirmedReservation boolean Indicates whether the room reservation is confirmed.
  • true - room reservation is confirmed
  • false - room reservation is not confirmed
numberOfAdults integer(3) The total number of adult guests staying (or planning to stay) at the facility (i.e., all booked rooms).
numberOfNights integer(4) The number of nights for the lodging stay.
numberOfRooms integer(4) The number of rooms rented for the lodging stay.
propertyPhoneNumber string(20) The local phone number of the facility in an international phone number format.
propertyCustomerServicePhoneNumber string(20) The international customer service phone number of the facility.
rooms.items array of objects Object that holds lodging-related room data.
typeOfRoom string(12) Describes the type of room, e.g., standard, deluxe, suite.
typeOfBed string(12) Size of bed, e.g., king, queen, double.
dailyRoomRate string(12) Daily room rate exclusive of any taxes and fees.
Note: The currencyCode is presumed to be identical to the order.amountOfMoney.currencyCode.
dailyRoomRateCurrencyCode string(3) Currency for daily room rate. The code should be in 3 letter ISO format.
dailyRoomTaxAmount string(12) Daily room tax.
Note: The currencyCode is presumed to be identical to the order.amountOfMoney.currencyCode.
customer object

Object containing the details of the customer.

Depends on: required, except when a token has been included in the request that includes at least the countryCode in the billingAddress.
merchantCustomerId string(15) Your identifier for the customer. It can be used as a search criteria in the GlobalCollect Payment Console and is also included in the GlobalCollect report files. It is used in the fraud-screening process for payments on the Ogone Payment Platform.
Depends on:
  • Required for payments done with payment product 320 (Google Pay), payment product 806 (Trustly) and 830 (paysafecard).
  • Required for hosted checkouts where payment products 806 (Trustly) and 830 (PaysafeCard) are allowed.
  • Required for card payments and hosted checkouts with one of the following properties: unscheduledCardOnFileSequenceIndicator unscheduledCardOnFileRequestor.
isPreviousCustomer boolean Specifies if the customer has a history of online shopping with the merchant.
  • true - customer is a known returning customer
  • false - customer is new/unknown customer
contactDetails object Object containing contact details like email address and phone number.
emailAddress string(70) Email address of the customer. The '+' character is not allowed in this property for transactions that are processed by TechProcess Payment Platform.
phoneNumber string(20) Phone number of the customer. The '+' character is not allowed in this property for transactions that are processed by TechProcess Payment Platform.
personalInformation object Object containing personal information like name, date of birth and gender.
name object Object containing the name details of the customer.
firstName string(15) Given name(s) or first name(s) of the customer. The '+' character is not allowed in this property for transactions that are processed by TechProcess Payment Platform.
surname string(70) Surname(s) or last name(s) of the customer. The surname is truncated after 25 characters, with the limit being applied after surnamePrefix is prepended, for payments, refunds or payouts that are processed by the WL Online Payment Acceptance platform The '+' character is not allowed in this property for transactions that are processed by TechProcess Payment Platform.
locale string(6)

The locale that the customer should be addressed in (for 3rd parties).

Note that some 3rd party providers only support the languageCode part of the locale, in those cases we will only use part of the locale provided.
billingAddress object Object containing billing address details.
street string(50) Street name.
houseNumber string(15) House number. The houseNumber is truncated after 10 characters for payments, refunds or payouts that are processed by the WL Online Payment Acceptance platform.
additionalInfo string(50) Additional address information. The additionalInfo is truncated after 10 characters for payments, refunds or payouts that are processed by the WL Online Payment Acceptance platform.
zip string Zip code.
Note: For payments with product 1503 the maximum length is not 10 but 8.
city string City.
Note: For payments with product 1503 the maximum length is not 40 but 20.
state string(50) Full name of the state or province.
countryCode string(2) ISO 3166-1 alpha-2 country code.
device object Object containing information on the device and browser of the customer.
deviceFingerprintTransactionId string One must set the deviceFingerprintTransactionId received by the response of the endpoint /{merchant}/products/{paymentProductId}/
deviceFingerprint
ipAddress string(45) The IP address of the customer client from the HTTP Headers.
timezoneOffsetUtcMinutes string(6) Offset in minutes of timezone of the client versus the UTC. Value is returned by the JavaScript getTimezoneOffset() API call.
If you use the latest version of our JavaScript Client SDK, we will collect this data and include it in the encryptedCustomerInput property. We will then automatically populate this data if available.
defaultFormFill string Degree of default form fill, with the following possible values:
  • automatically - all fields filled automatically
  • automatically-but-modified - all fields filled automatically, but some fields were modified manually
  • manually - all fields were entered manually
account object Object containing data related to the account the customer has with you.
paymentAccountOnFile object Object containing information on the payment account data on file (tokens).
createDate string(8) The date (YYYYMMDD) on which the customer created their account with you.
numberOfCardOnFileCreationAttemptsLast24Hours integer(3) Number of attempts made to add new card to the customer account in the last 24 hours.
hadSuspiciousActivity boolean Specifies if you have experienced suspicious activity on the account of the customer.
  • true = you have experienced suspicious activity (including previous fraud) on the customer account used for this transaction
  • false = you have experienced no suspicious activity (including previous fraud) on the customer account used for this transaction
authentication object Object containing data on the authentication used by the customer to access their account.
method string

Authentication used by the customer on your website or app
Possible values :

  • guest = no login occurred, customer is 'logged in' as guest
  • merchant-credentials = the customer logged in using credentials that are specific to you
  • federated-id = the customer logged in using a federated ID
  • issuer-credentials = the customer logged in using credentials from the card issuer (of the card used in this transaction)
  • third-party-authentication = the customer logged in using third-party authentication
  • fido-authentication = the customer logged in using a FIDO authenticator
  • fido-authentication-with-signed-assurance-data = the customer logged in using a FIDO authenticator which also provides signed assurance data
  • src-assurance-data = the customer authenticated themselves during a Secure Remote Commerce session
shipping object Object containing information regarding shipping / delivery.
type string Indicates the merchandise delivery timeframe. Possible values:
  • electronic = For electronic delivery (services or digital goods)
  • same-day = For same day deliveries
  • overnight = For overnight deliveries
  • 2-day-or-more = For two day or more delivery time for payments that are processed by the GlobalCollect platform
  • 2-day-or-more = For two day or more delivery time for payments that are processed by the Ogone platform
  • priority = For prioritized deliveries for payments that are processed by the WL Online Payment Acceptance platform
  • ground = For deliveries via ground for payments that are processed by the WL Online Payment Acceptance platform
  • to-store = For deliveries to a store for payments that are processed by the WL Online Payment Acceptance platform
emailAddress</span class="property lvl-2"> string(70) Email address linked to the shipping.
trackingNumber string(19) Shipment tracking number.
comments string(160) Comments included during shipping.
address object Object containing address information.
additionalInfo string(50) Additional address information.
name object Object that holds name elements.
firstName string(15) Given name(s) or first name(s) of the customer. The '+' character is not allowed in this property for transactions that are processed by TechProcess Payment Platform.
surname string(70) Surname(s) or last name(s) of the customer. The surname is truncated after 25 characters, with the limit being applied after surnamePrefix is prepended, for payments, refunds or payouts that are processed by the WL Online Payment Acceptance platform The '+' character is not allowed in this property for transactions that are processed by TechProcess Payment Platform.
surnamePrefix string(15) Middle name - in between first name and surname - of the customer. The '+' character is not allowed in this property for transactions that are processed by TechProcess Payment Platform.
title string(35) Title of customer.
street string(50) Street name.
houseNumber string(15) House number.
zip string Zip code.
countryCode string(2) ISO 3166-1 alpha-2 country code.
shoppingCart.items array of objects Shopping cart data.
amountOfMoney object Object containing amount and ISO currency code attributes.
Note: make sure you submit the amount and currency code for each line item.
currencyCode string(3) Three-letter ISO currency code representing the currency for the amount.
amount integer(12) Amount in cents and always having 2 decimals.
invoiceData object Object containing the line items of the invoice or shopping cart. The '+' character is not allowed in this property for transactions that are processed by TechProcess Payment Platform.
description string(116) Shopping cart item description.
orderLineDetails object Object containing additional information that when supplied can have a beneficial effect on the discount rates.
productCode string(12) Product or UPC Code, left justified.
Note: Must not be all spaces or all zeros
productType string(12) Code used to classify items that are purchased.
Note: Must not be all spaces or all zeros
productName string(120) The name of the product. The '+' character is not allowed in this property for transactions that are processed by TechProcess Payment Platform.
productCategory string(50) The category of the product (i.e. home appliance). This property can be used for fraud screening on the Ogone Platform.
productPrice string(12) The price of one unit of the product, the value should be zero or greater.
quantity integer(4) Quantity of the units being purchased, should be greater than zero. Note: Must not be all spaces or all zeros
cardPaymentMethodSpecificInput object Object containing the specific input details for card payments.
paymentProductId integer(5) Payment product identifier.
Please see payment products for a full overview of possible values.
card object
cvv string(4) Card Verification Value, a 3 or 4 digit code as an additional security feature for card not present transactions.
cardNumber string(19) The complete credit/debit card number (also know as the PAN). The minimum input length is 12 digits.
The card number is always obfuscated in any of our responses.
expiryDate string(4) Expiry date of the card. 
Format: MMYY
skipFraudService boolean
  • true = fraud scoring will be skipped for this transaction
  • false = fraud scoring will not be skipped for this transaction
Note: This is only possible if your account in our system is setup for Fraud scoring and if your configuration in our system allows you to override it per transaction.
isRecurring boolean
  • true - only payment products that support recurring payments will be shown. Any transactions created will also be tagged as being a first of a recurring sequence.
  • false - only payment products that support one-off payments will be shown.
recurring object Object containing data related to recurring.
minFrequency integer(4) Minimum number of days between authorizations. If no value is provided we will set a default value of 30 days.
endDate string(8) The date that the trial period ends in YYYYMMDD format.
recurringPaymentSequenceIndicator string
  • first = this transaction is the first of a series of recurring transactions
  • recurring = this transaction is a subsequent transaction in a series of recurring transactions

Note: Will default to first when isRecurring is set to true, with the following exception that it is set to recurring when the customer is making the payment using a PayPal token.


Note: For any first of a recurring the system will automatically create a token as you will need to use a token for any subsequent recurring transactions. In case a token already exists this is indicated in the response with a value of False for the isNewToken property in the response.
threeDSecure object Object containing specific data regarding 3-D Secure.
skipAuthentication boolean
  • true = 3D Secure authentication will be skipped for this transaction. This setting should be used when isRecurring is set to true and recurringPaymentSequenceIndicator is set to recurring.
  • false = 3D Secure authentication will not be skipped for this transaction.
Note: This is only possible if your account in our system is setup for 3D Secure authentication and if your configuration in our system allows you to override it per transaction.
redirectionData object Object containing browser specific redirection related data.
returnUrl string(512) The URL that the customer is redirect to after the payment flow has finished. You can add any number of key value pairs in the query string that, for instance help you to identify the customer when they return to your site. Please note that we will also append some additional key value pairs that will also help you with this identification process.
Note: The provided URL should be absolute and contain the protocol to use, e.g. http:// or https://. For use on mobile devices a custom protocol can be used in the form of protocol://. This protocol must be registered on the device first.
URLs without a protocol will be rejected.
directDebitPaymentMethodSpecificInput object Object containing the specific input details for direct debit payments.
paymentProductId integer(5) Payment product identifier.
Please see payment products for a full overview of possible values.
paymentProduct730SpecificInput object Object containing ACH specific details.
bankAccountBban object Object containing account holder name and bank account information.
accountNumber string Bank account number.
bankCode string Bank code.
branchCode string Branch code.
bankName string(40) Name of the bank.
countryCode string(2) ISO 3166-1 alpha-2 country code of the country where the bank account is held For UK payouts this value is automatically set to GB as only payouts to UK accounts are supported.
accountHolderName string(30) Name of the account holder.
paymentProduct705SpecificInput object Object containing UK Direct Debit specific details.
bankAccountBban object Object containing account holder name and bank account information.
accountNumber string Bank account number.
bankCode</span class="property lvl-3"> string Bank code.
branchCode string Branch code.
bankName string(40) Name of the bank.
countryCode string(2) ISO 3166-1 alpha-2 country code of the country where the bank account is held For UK payouts this value is automatically set to GB as only payouts to UK accounts are supported.
accountHolderName string(30) Name of the account holder.
sepaDirectDebitPaymentMethodSpecificInput object Object containing the specific input details for SEPA direct debit payments.
paymentProductId integer(5) Payment product identifier.
Please see payment products for a full overview of possible values.
token string(40) ID of the token that holds previously stored card data. If both the token and card are provided, then the card takes precedence over the token.
merchant object Object containing information on you, the merchant.
contactWebsiteUrl string(2048) URL to find contact or support details to contact in case of questions.
fraudFields object Object containing additional data that will be used to assess the risk of fraud.
customerIpAddress string(45) The IP Address of the customer that is making the payment. The '+' character is not allowed in this property for transactions that are processed by TechProcess Payment Platform.
orderTimezone string(2) Timezone in which the order was placed. The '+' character is not allowed in this property for transactions that are processed by TechProcess Payment Platform.
giftCardType string One of the following gift card types:
  • celebrate-fall - Celebrate Fall
  • grandparents-day - Grandparent's Day
  • independence-day - Independence Day
  • anniversary - Anniversary
  • birthday - Birthday
  • congratulations - Congratulations
  • april-fools-day - April Fool's Day
  • easter - Easter
  • fathers-day - Father's Day
  • graduation - Graduation
  • holiday - Holiday
  • seasons-greetings - Season's Greetings
  • passover - Passover
  • kwanzaa - Kwanzaa
  • halloween - Halloween
  • mothers-day - Mother's Day
  • new-years-day - New Year's Day
  • bosses-day - Bosses' Day
  • st-patricks-day - St. Patrick's Day
  • sweetest-day - Sweetest Day
  • christmas - Christmas
  • baby-shower - Baby Shower
  • thanksgiving - Thanksgiving
  • other - Other
  • valentines-day - Valentine's Day
  • wedding - Wedding
  • secretarys-day - Secretary's Day
  • chinese-new-year - Chinese New Year
  • hanukkah - Hanukkah
giftMessage string(160) Gift message
userData array Array of up to 16 userData properties, each with a max length of 256 characters, that can be used for fraud screening.