PayPal Payflow Pro - 2008 - Fraud Protection Services User's Guide
Contents
1. Z T Fraud Protection Services User s Guide Testing the Transaction Security Filters Geo location Failure Filter Expected Response Message resp mesg RESULT 125 amp PNREF VB0A25087954 amp RESPMSG Declined by Fraud Service amp PREFPSMSG Reject HighRiskFreightCheck ERROR 15 43 53 result 125 TRXTYPE A Geo location Failure Filter Pass in the specified Shipping address billing address and IP address TRXTYPE A8ACCT 510510510510510086AMT 8 1000 008BILLTOPHONE2 650 555 0123 amp BROWSERCOUNTRYCODE 203 amp BROWSERTIME 22 July 11 2002 12 12 12 amp BROWSERUSERAGENT BROWSERUSERAGENT amp CITY Campbe11 amp COMMENT1 Automated testing from AdminTester amp COUNTRY US amp CUSTIP 192 6 165 40 amp CUSTREF CUSTREF amp DESC DESC amp DL CA111111 amp DOB CA123456 amp EMAIL 18 fraud asiamail com amp EXPDATE 1209 amp FIRSTNAME John amp FREIGHTAMT 1 11 amp LAS TNAME Johnson L COSTO 11 118L DESCO L_DESCO amp L QTY0 1 amp L SKUO L SKUO amp L TYPEO L TYPEO amp L_ UPCO L_UPC0 amp MIDDLENAME Z amp ORDERT IMB ZONE 1 PARTNER PayPal PHONENUM 650 555 0123 amp PONUM PONUM amp PWD testing1 amp SHIPCARRIER SHI PCARRIER am2. T 0124 amp SHIPTOPHONE2 650 555 0125 amp SHIPTOSTATE CA amp SHIPTOSTREET 487 East Middlefield Road amp SHIPTOSTREET2 487 East Middlefield Road amp SHIPTOZIP 94043 amp SS 565796510 amp STATE CA amp STR Ave amp BILLTOSTREET2 Unit C amp TAXAMT 1 01 amp TENDER C amp USER TESTNonUS I PAddressRej ect amp VENDOR TESTNonuSI PAddressReject amp ZIP 95008 T ET 236 W Rincon 100 Fraud Protection Services User s Guide Testing the Transaction Security Filters Boo International Shipping Billing Address Filter Expected Response Message resp mesg RESULT 125 amp PNREF VB0A25032282 amp RESPMSG Declined by Fraud Service amp PREFPSMSG Reject NonUSIPAddress ERROR 14 49 23 result 125 TRXTYPE A International Shipping Billing Address Filter Pass in a non US Country code to either the billing or shipping address TRXTYPE A amp ACCT 5105105105105100 amp AMT 8 1000 O0OSBROWSERCOUNTRYCODE 203 amp BROWSERTIME 2 2 July 11 2002 12 12 12 amp BROWSERUSERAGENT BROWSERUSERAGENT amp CITY No City amp COMMENT1 Automated testing from AdminTester amp COUNTRY CZ amp COUNTRYCODE USA amp CUSTIP 66 218 71 93 amp CUSTREF CUSTREF a
3. T T Expected Response Message resp mesg RESULT 125 amp PNREF VB0A25033363 amp RESPMSG Declined by Fraud Service amp PREFPSMSG Reject HighRiskBinCheck ERROR 15 52 54 result 125 TRXTYPE A Country Risk List Match Filter Pass in the specified country or country code TRXTYPE A amp ACCT 5105105105105100 amp AMT 8 1000 OO amp SBROWSERCOUNTRYCODE 203 amp BROWSERTIME 2 2 July 11 2002 12 12 12 amp BROWSERUSERAGENT BROWSERUSERAGENT amp CITY No City amp COMMENT1 Automated testing from AdminTester amp COUNTRY AD amp COUNTRYCODE AD amp CUSTIP 172 131 193 25 amp CUSTREF CUSTREF amp DESC DESC amp DL CA111111 amp DOB CA123456 amp EMAIL 20 admin merchant com amp EXPDATE 1209 amp FIRSTNAME John amp FR EIGHTAMT 1 11 amp LASTNAME Johnson amp L_COSTO 11 11 amp L DESCO L DESCO L QTY0 1 amp L_SKUO L_SKUO amp L _TYPEO L_TYPEO amp L UPCO L_UPCO amp MIDDLENAME Z amp ORDERT IME ZONE 1 amp PARTNER PayPal amp PHONENUM 650 999 0123 amp PONUM PONUM amp PWD testingl amp S Y No City amp SHIPTOEMAIL 20 admin merchant com amp SHIPTOFIRSTNAME SHIPTOFIRSTNAME amp SHIPTOLASTNAM E SHIPTOLASTNAME amp SHI PTOMIDDLENAME SHI PTOMIDDLENAME amp SHI PTOPHONE 650 555 0124 amp SHIPTOPHONE2 650 555 0125 amp SHIPTOSTATE CA amp SHIPTOSTREET 123 Main St amp SHIPTOSTREET2 123 SHIPTOSTREET 2 amp SHIPTOZIP 60649 amp SS 565
4. Freight Forwarder Risk List Match Filter Pass in the specified shipping address TRXTYPE A amp ACCT 3528000000000015 amp AMT 5 1000 amp BILLTOPHONE2 650 555 0123 amp BROWSERCOUNTRYCODE 203 amp BROWSERTIME 22 July 11 2002 12 12 12 amp BROWSERUSERAGENT BROWSERUSERAGENT amp CITY Indianapolis amp COMMENT1 Automated testing from AdminTester amp COUNTRY US amp CUSTIP 255 255 255 255 amp CUSTREF CUSTREF amp DESC DESC amp DL CA111111 amp D OB CA123456 amp EMAIL 20 admin merchant com amp EXPDATE 1209 amp FIRSTNAME John amp FREIGHTAMT 1 11 amp LASTNAME Johnson amp L_COSTO 11 11 amp DESCO L DESCO amp L OTYO 1 amp L SKUO L SKU0 amp L TYPEO L TYPEO amp L_UPCO L_UPC0 amp MIDDLENAME Z amp ORDERT IMEZONE 1 amp PARTNER Pa yPal amp PHONENUM 650 555 0123 amp PONUM PONUM amp PWD testingl amp SHIPCARRIER SHIPCARRIER amp SHIPMETHOD SHI PMETHOD amp SHIPTOCIT Y Indianapolis amp COUNTRYCODE US amp SHI PTOEMATL 20 admin merchant com amp SHIPTOFIRSTNAME SHIP TOFIRSTNAME amp SHI PTOLASTNAME SHI PTOLASTNAME amp SHI PTOMI DDLENAME SHI PTOMIDDLENAME amp SHI PTOPHO NE 650 555 0124 amp SHIPTOPHONE2 650 555 0125 amp SHIPTOSTATE IN amp SHIPTOSTREET 973 N Shadeland Ave amp SHIPTOSTREET2 UNIT C amp SHIPTOZIP 46219 amp SS 565796510 amp STATE IN amp STREET 973 N Shadeland amp TAXAMT 1 01 amp TENDER C amp USER TESTHighRiskFreightCheckReject amp VENDOR TESTHighRis kFreightCheckReject amp ZIP 46219
5. 2225500 73 Appendix A Fraud Filter Reference 77 Filters Included with the Fraud Protection Services 2 77 Filters Included with the Basic Fraud Protection Services Option 77 Filters Included with the Advanced Fraud Protection Services Option 78 Special Case Buyer Authentication Failure Filter 78 About the Fraud Risk Lists 0 00 ee ee 78 Filters Applied After Processing 00 00 eee ee ee 79 Transaction Data Required by Filters 0 0 e 02 79 Unusual Order Filters si a en auca a a e ee 79 Total Purchase Price Ceiling Filter o o 79 Total Item Ceiling Filter 2 2 0 o e 80 Shipping Billing Mismatch Filter 2 2 0 o e 80 fo Content Product Watch List Filter 2 o e e 81 High risk Payment Filters 2 1 2 a 81 AVS Failure Filter o e e o coco aioe Qa eb dk doe ee ee Re ee a 81 Card Security Code Failure Filter 2 2 e e 83 Buyer Authentication Failure Filter 0 o 84 BIN Risk List Match Filter o o 86 Account Number Velocity Filter 2 2 0 e e 86 High risk Address Filters 0 o eo eo 86 ZIP Risk List Match Filter o e o 87 Freight Fo
6. RESULT 1 0 amp RESPMSG 2 OK amp AUTHENTICATION ID 20 8d4d5ed66ac6e6faac6d amp AUTHEN TICATION STATUS 1 Y amp CAVV 28 OTJ1MzVi0ODhiOT11MjBhYmVkMGU amp ECI 2 05 amp XID 28 YJMOYTKwWNGFkKZTI5YmZmZWE1 ZmY Norte The character at the end of the XID value is correct it is the 28th character Step 3 Submit the Payflow Sale or Authorization transaction with buyer authentication data Direct the sale or authorization transaction TRXTYPESS or A to the test Payflow server pilot payflowpro paypal com The response should include a value for CARDSECURE To Generate a Particular CARDSECURE value Visa only Any dollar amount with 11 cents xx 11 causes CARDSECURE N Any dollar amount with 22 cents xx 22 causes CARDSECURE X All other amounts cause CARDSECURE Y e Ifthe Cardholder is Enrolled If the Validate Authentication transaction returns a verified enrollment include the following additional buyer authentication name value pairs from the Validate Authentication response AUTHENTICATION ID AUTHENTICATION STATUS CAVV The test servers use the following CAVV values for all accounts ZDQZMTMzMjhhMTc1MzgwZTAwNTA returns a response of 1 814UqW4Wg0aBASw0wR8wuQQFBQA returns a response of 6 all others return 2 XID Visa only ECI e Otherwise Include the following additional buyer authentication name value pairs from the Verify Enrollment response AUTHENTICATION_ID AUTHENTICATION_STA
7. Transaction Data Required by Filters This table lists each filter and the Payflow parameter values that are required by the filters Fraud Protection Services User s Guide 49 Screening Transactions Using the Payflow SDK Transaction Data Required by Filters TABLE 7 1 Parameters required by filter Filter Account Number Velocity AVS Failure Bad Lists Buyer Auth Failure BIN Risk List Match Country Risk List Match Card Security Code Failure Email Service Provider Risk List Freight Forwarder Match Required Transaction Data Credit card number Billing address street address Billing address ZIP postal code Customer email address Credit card number You must be enrolled in the Buyer Authentication Services Credit card number Billing address country Shipping address country Card security code information from credit card Customer email address Shipping address street address Shipping address ZIP postal code Shipping address city Shipping address state province Shipping address country Payflow Parameters ACCT STREET ZIP EMAIL ACCT See Chapter 6 Performing Buyer Authentication Transactions Using the SDK ACCT COUNTRY COUNTRYCODE CSC EMAIL SHIPTOSTREET SHIPTOZIP SHIPTOCITY SHIPTOSTATE COUNTRY CODE Fraud Protection Services User s Guide Screening Transactions Using the Payflow SDK Transaction Data Required by Filters TABLE
8. a Esa Gi Pi ES SHIPTOLASTNAMI SHIPTOLASTNAME amp SHI PTOMI DDLENAME SHI PTOMIDDLENAME amp SHI PTOPHONE 650 555 0124 amp SHIPTOPHONE2 650 555 0125 amp SHIPTOSTATE CA amp SHI PTOSTREE T 487 East Middlefield Road amp SHIPTOSTREET2 487 East Middlefield Road amp SHIPTOZIP 94043 amp SS 565796510 amp STATE CA amp STR Ave amp BILLTOSTREET2 Unit C amp TAXAMT 1 028 TENDER C amp USER TESTAVSRejectFul 1 amp VENDOR TESTAVSR T ET 667 W Rinc Expected Response Message resp mesg RESULT 12586PNREF BCA250342556RESPMSG Declined by F on eject Full amp ZIP 99999 raud Service amp AUTHCODE 421 PNI amp AVSADDR X amp AVSZI P X amp IAVS X amp PREFPSMSG No Rules Triggered amp POSTFPSMSG Reject AVS ERROR 16 55 6 result 125 TRXTYPE A BIN Risk List Match Filter Pass in the appropriate credit card number for the card brand e American Express 378282246310005 e MasterCard 5555555555554444 e Visa 4610251000010168 Fraud Protection Services User s Guide Testing the Transaction Security Filters Country Risk List Match Filter TRXTY PE A amp ACCT 4610251000010168 AMT 8 S1000 00 amp BILLTOPHONE2 650 555 0123 amp BILLTOSTREET2 123 BILLTOSTREET amp BROWSERCOUNTRYCODE 203 amp BROWSERTIME 22 July 11 2002 12 12 12 amp BROWSERUSERAGEN
9. Example Return Values Note AUTHENTICATION ID AUTHENTICATION STATUS and ECI should be returned in all cases For buyer authentication transaction types the AUTHENTICATION _ID value performs the same function as the PNREF value that is returned to standard Payflow transactions e Account is enrolled in the 3 D Secure program If the cardholder is enrolled test cases 1 2 3 6 7 and 8 then the AUTHENTICATION_STATUS should be E and PAREQ and ACSURL should return non null values RESULT 1 0 amp RESPMSG 2 OK amp AUTHENTICATION ID 20 43669e4921cf 8b504c4 amp AUT HENTICATION STATUS 1 E amp PAREQ 428 eJxVkulugjAUhm FeAHOA3Bozpr48WP 2GK23 UAQHIVECpY y9e7XCkzXkPS8 fevD6Vvg 2iJ11 EnSUF79S2 kBRWbx09mkync4onUmB 3yXx8 RTTiYLt4pPOCn7ItmVtlIh5LIGNOhMsHrVxC3Sel5sPJcMANiioyG7WSgwDWK B6IrUkloXr TpVJqbDn20Rreqq0eYG704D1p1x9qby LAMbBXT2pI7ONXPGLpdLvPMU7CHOGTHWFDCWB91 ju WOXqtYzr2Whpi 5FEWO1GOWU06U7 0HggOFdqQk5wmXIokEn3M5T1Jg93XQVWhCiVksM3 GX kET4IVRCs7zCvioLRkcj zEqoGtTG 17f Fx NRTUom9 9mB5 9r95CxOh8epngzw8 Pad NgLSKJI 6InWg8Ir7HhDt1w3b769xv8AhQarWM 8ACSURL 66 http pilot buyerauth post verisign com DDDSecure Acs3DSecureSim start e All other cases If the cardholder is not enrolled or other conditions test cases 4 and 5 then the following is returned RESULT 1 08RESPMSG 2 0K8AUTHENTICATION ID 20 48c92770755039d6bb3d amp AUT HENTICATION STATUS 1 08EC1 1 1 7 PAREQ an
10. Testing Buyer Authentication Transactions Test cases are described in Test Case Descriptions and Account Numbers on page 107 Use the card number associated with a test case and the appropriate password to generate the results appropriate to the case Buyer Authentication Test Server Direct Verify Enrollment transactions TRXTYPE E and Validate Authentication transactions TRXTYPE Z to the test Buyer Authentication Server pilot buyerauth verisign com Payflow Test Server Direct the standard Payflow sale or authentication test transaction to pilot payflowpro paypal com Test Case Descriptions and Account Numbers To generate particular results use the test account numbers listed in Table C 1 Fraud Protection Services User s Guide 107 108 Testing Buyer Authentication Transactions Using the Payflow SDK Test Case Descriptions and Account Numbers Account numbers starting with 5 are MasterCard Numbers starting with 4 are Visa In the table VE stands for the Verify Enrollment transaction and VA stands for the Validate Authentication transaction Test Cases TABLE C 1 Generating buyer authentication result Case 1 12 Test Scenario Card enrolled VE AUTH_STATUS E Successful authentication AUTH_STATUS Y for VA Successful signature verification Card enrolled VE AUTH_STATUS E Failed authentication AUTH_STATUS N for VA Successful signature verification Card enrolled VE AUTH_STATUS
11. 0 20000 eee ee ee 47 Audit Trail and Transaction Logging 2 ee uo 47 Chapter 7 Screening Transactions Using the Payflow SDK 49 Downloading the Payflow SDK Including APIs and API Documentation 49 Transaction Data Required by Filters 2 0 2 2 0 0 o eee 49 Transaction Parameters Unique to the Filters 2 20 0 0 0000 eee 52 Existing Payflow Parameters Used by the Fillers 2 53 Response Strings for Transactions that Trigger Filters 54 RESULT Values Specific to Fraud Protection Services 0 57 Changing the Verbosity Setting o 0 o e e 58 Example Response for an Authentication Transaction With Verbosity Low 58 Example Response for an Authentication Transaction With Verbosity Medium 58 Accepting or Rejecting Transactions That Trigger Filters 62 Logging Transaction Information e e 62 Chapter 8 Responses to Credit Card Transaction Requests 65 An Example Response String e o 65 Contents of a Response to a Credit Card Transaction Request 66 PNREF Value ss so o a a A a ARA 67 PNREF Format 00002 ee ee 67 RESULT Codes and RESPMSG Values 2 0 000022 eee 68 RESULT Values for Transaction Declines or Errors 2 68 RESULT Values for Communications Errors
12. An Example Response String When a transaction finishes the server returns a response string made up of name value pairs For example this is a response to a credit card Sale transaction request RESULT 0 amp PNREF VXYZ01234567 amp RESPMSG APPROVED amp AUTHCODE 12345 6 amp AVSADDR Y amp AVSZ IP N amp IAVS Y amp CVV2MATCH Y Fraud Protection Services User s Guide 65 az Responses to Credit Card Transaction Requests Contents of a Response to a Credit Card Transaction Request Contents of a Response to a Credit Card Transaction Request All transaction responses include values for RESULT PNREF and RESPMSG A value for AUTHCODE is included for Voice Authorization transactions Values for AVSADDR and AVSZIP are included if you use address verification system AVS Table 8 1 describes the values returned in a response string TABLE 8 1 Transaction response values Field PNREF RESULT CVV2MATCH RESPMSG PPREF AUTHCODE AVSADDR Description Reference ID a unique number that identifies the transaction PNREF is described in PNREF Format on page 67 The outcome of the attempted transaction A result of 0 zero indicates the transaction was approved Any other number indicates a decline or error RESULT codes are described in RESULT Codes and RESPMSG Values on page 68 Result of the card security code CVV2 check The issuing bank may decline the transaction if there is a misma
13. ZIP Risk List Match Filter on page 105 Good and Bad Lists To test the Good and Bad List filters add good and bad entries to the list and then submit a transaction using a value in the list Fraud Protection Services User s Guide 95 96 Testing the Transaction Security Filters AVS Failure Filter AVS Failure Filter TRXTYPE A amp ACCT 5105105105105100 amp AMT 4 1 02 amp BILLTOPHONE2 650 0123 amp BROWSERCOUNTRYCODE 203 amp BROWSERTIME 22 July 11 2002 12 12 12 amp BROWSERUSERAGENT BROWSERUSERAGENT amp CITY Campbe1 1 amp COMM 555 T ENT1 Automated testing from AdminTester amp COUNTRY US amp CUSTIP 194 213 32 220 amp CUSTREF CUSTREF amp DESC DESC amp DL CA111111 amp D0 B CA123456 amp EMAIL 17 Admin merchant com amp EXPDATE 1209 amp FIRSTNAM E John amp FREIGHTAMT 1 11 amp L L_SKU0 amp L TYPEO L_TYPEO amp ASTNAME Johnson L COSTO 11 116L DESCO L_DESCO amp L QTYO 1 amp L_SKUO L UPCO L_UPCOS MIDDLENAME ZS6ORDERTIMEZONE 1 amp PART 0123 amp PONUM PONUM amp PWD testingl amp SHIPCARRI Y Mountain View amp COUNTRYCOD I R SHI PCARRIER amp SHIPMET E US amp SHIPTOEMAIL 17 Admin merchant com amp SHIPTO R PayPal amp PHONENUM 650 555 HOD SHI PMETHOD amp SHIPTOCIT FIRSTNAME SHIPTOFIRSTNAM
14. o e 99 International AVS Filter o a 99 International IP Address Filter 0 o o eo 100 International Shipping Billing Address Filter 0 101 Content IP Address Match Filter 20 e 102 Shipping Billing Mismatch Filter aaa aaa ee 102 Total Item Ceiling Filter 2 eo 103 Total Purchase Price Ceiling Filter 2 2 2 022002 ee ee 103 Total Purchase Price Floor Filter 00000 eee ee ee 104 USPS Address Validation Failure Filter o e 104 ZIP Risk List Match Filter 2 aaa aa a 105 Appendix C Testing Buyer Authentication Transactions Using the Payflow SDK 107 Testing Buyer Authentication Transactions 02222004 107 Buyer Authentication Test Server 2 eee 107 Payflow Test Server ee 107 Test Case Descriptions and Account Numbers 2 2 0 02 es 107 Test Cases oha aa e ee aah de Sa ee a a a eG 108 Expected Result Codes for Buyer Authentication 0 0 0 109 Buyer Authentication Testing Procedures oaoa aa e 4 110 Perform the Verify Enrollment Transaction o 110 Verify Enrollment Transaction Test Cases 111 Example Return Values 2 2 ee a 111 Validate Authentication Transaction Test Cases 0 113 Procedure ae dor Aa a AR a A e
15. 9 Too many parameters or invalid stream 10 Too many line items 11 Client time out waiting for response 12 Declined Check the credit card number expiration date and transaction information to make sure they were entered correctly If this does not resolve the problem have the customer call their card issuing bank to resolve 13 Referral Transaction cannot be approved electronically but can be approved with a verbal authorization Contact your merchant bank to obtain an authorization and submit a manual Voice Authorization transaction 14 Invalid Client Certification ID Check the HTTP header If the tag X VPS VIT CLIENT CERTIFICATION ID is missing RESULT code 14 is returned 19 Original transaction ID not found The transaction ID you entered for this transaction is not valid See RESPMSG 20 Cannot find the customer reference number 22 Invalid ABA number 23 Invalid account number Check credit card number and re submit 24 Invalid expiration date Check and re submit 25 Invalid Host Mapping You are trying to process a tender type such as Discover Card but you are not set up with your merchant bank to accept this card type 26 Invalid vendor account Login information is incorrect Verify that USER VENDOR PARTNER and PASSWORD have been entered correctly VENDOR is your merchant ID and USER is the same as VENDOR unless you created a Payflow Pro user All fields are case sensitive 27 Insufficient partner permissions 28 Ins
16. 2 2 31 Buyer Authentication Transaction Overview o e e 31 Buyer Authentication Terminology e 32 Buyer Authentication Server URLS 00200002 ee eae 33 Detailed Buyer Authentication Transaction Flow e 33 Call 1 Verify that the cardholder is enrolled in the 3 D Secure program 33 Call 2 POST the authentication request to and redirect the customer s browser to the ACS URL oa oa DS i ton ee a ee ee See ii a 34 Call 3 Validate the PARES authentication data returned by the ACS server 36 Call 4 Submit the intended transaction request to the Payflowserver 36 Example Buyer Authentication Transactions o e 2 37 Example Verify Enrollment Transaction 0 ee 38 Example Verify Enrollment Response e e 38 Example Validate Authentication Transaction o a a ee 38 Example Payflow Authorization or Sale Transaction 39 Buyer Authentication Transaction Parameters and Return Values 40 Transaction Parameters 2 0 ee 40 Verify Enrollment Transaction Name Value Pairs 2 40 Validate Authentication Transaction Name Value Pairs 42 Standard Payflow Sale or Authorization Transaction 43 EGINAWCS 4 2 sia Pee ee ee A A PE eRe Pe es 45 Content Logging Transaction Information
17. J ERAGENT BROWSERUSERAGENT amp CITY No ting from t com amp EXPDATE 1209 amp FIRSTNAM John UM PONUM amp PWD testingl amp SHI PCARRIER SHIPCARRIER amp SH IPTOEMAIL 20 admin merchant com amp SHIPTOFI IPMETHOD SHI PME THOD amp SHIPTOCIT RSTNAME SHIPTOFIRSTNAME amp SHIPT E SHIPTOMIDDLENAME SHIPTOMIDDLENAI E SHIPTOPHONE 650 555 T ET2 123 SHIPTOSTREET St amp TAXAMT 1 01 amp TENDER C amp US eject amp ZIP 11111 ER T ESTBi11ShipMismatchReject Expected Response Message resp m Service amp PRI sg ERRO RESULT 12586PNREF V BOA25031150 amp RESPMSG Declined EFPSMSG Reject BillShipMismatch R 13 34 27 result 125 TRXTYPE A amp VENDOR TESTBil1ShipMismatchR by Fraud Fraud Protection Services User s Guide Testing the Transaction Security Filters Boo Total Item Ceiling Filter Total Item Ceiling Filter First set the filter to trigger on 5 or fewer items For testing pass in more than 5 items as shown here TRXTYPE A amp ACCT 3528000000000015 amp AMT 4 1000 amp BROWSERCOUNTRYCODE 203 amp BROWSERTIME 22 J uly 11 2002 12 12 12 amp BROWSERUSERAGENT BROWSERUSERAGENT amp CITY No City amp COMMENT1 Automated testing from AdminTester amp COUNTRY 203 amp C
18. Service amp PREFPSMSG Reject HighOrderNumber ERROR 13 19 25 result 125 TRXTYPE A Total Purchase Price Ceiling Filter First set the filter to trigger at 1000 00 For testing pass in an amount higher than 1000 as shown here TRXTY PE A amp ACCT 3528000000000015 amp AMT 7 1000 01 amp SBROWSERCOUNTRYCODE 203 amp BROWSERTIME 22 J July 11 2002 12 12 12 amp BROWSERUSERAGENT BROWSERUSERAGENT amp CITY No City amp COMMENT1 Automated testing from AdminTester amp COUNTRY 203 amp COUNTRYCODE 203 amp CUSTIP 255 255 255 255 amp CUSTREF CUSTREF amp DESC D ESC amp DL CA111111 amp DOB CA123456 amp EMAIL 20 admin merchant com amp EXPDATE 1209 amp FIRSTNAME amp FREIGHTAMT 1 11 amp LASTNAME Johnson amp L COSTO 11 118L DESCO L DESCOSL QTY0 1 amp L SKUO L_SKU 0 amp L TYPEO L TYPEO amp L UPCO L UPCOSMIDDLENAME Z amp ORDERTIMEZONE 1 amp PARTNER PayPa1 PHONENUM 650 555 0123 amp PONUM PONUM amp PWD testing1 amp SHIPCARRIER SHIPCARRIER amp SHI PMETHOD SHI PMETHOD amp SHIPTOCIT Y SHIPTOCITY amp SHIPTOEMAIL 20 admin merchant com amp SHIPTOFIRSTNAME SHIPTOFIRSTNAME amp SHIPT OLASTNAME SHI PTOLASTNAME amp SHI PTOMI DDLENAME SHI PTOMI DDLENAME amp SHI PTOPHONE 650 555 0124 amp SHIPTOPHONE2 650 555 0125 amp SHIPTOSTATE CA amp SHI PTOSTREET SHIPTOSTREET amp SHIPTOSTR 2 amp SHIPTOZIP 11111 amp SS 565796510 amp STATE CA amp STREET 123 Main St amp TAXAMT 1 01 amp TENDER C amp USER TESTCeilingAmo
19. amp ORDERT IME ZONE 1 amp PARTNER PayPa1 amp PHONENUM 650 YPEO L_TYPI E0 amp L UPCO L_UPCO amp MIDD 555 0123 amp PONUM PONUM amp PWD testing1 amp SHIPCARRIER SHIPCARRI Y No City amp SHIPTOEMAI E SHIPTOLASTNAM 0124 amp SHIPTOPHON St blahsSHIPTOSTR blahsBILLTOSTREET2 123 SHIPTOSTREET John amp FREI SCO amp L_QTYO 1 amp L SKUO L_SKUO amp L T GI F E F E 2 T 2 amp TAXAMT 1 lAddressCheckReject amp ZIP 60649 al R amp SHIPMETHOD SHIPMETHOD amp SHIPTOCIT 18 fraud asiamail com amp SHIPTOFIRSTNAME SHIPTOFIRSTNAME amp SHIPTOLASTNAM amp SHIPTOMI DDLENAME SHI PTOMI DDLENAME amp SHI PTOPHONE 650 555 650 555 0125 amp SHIPTOSTATE CA amp COUNTRYCODE US amp SHIPTOSTREET 123 Main ET2 amp SHIPTOZIP 60649 amp SS 565796510 amp STATE CA amp STREET 123 Main St OL amp TENDER C amp USER TESTBil1USPostalAddressCheckReject amp VENDOR TESTBil11USPosta Expected Response Message resp mesg Service amp PRI ERRO R 14 39 3 result 125 TRXTYP RESULT 125 amp PNREF VB0A25032101 amp RESPMSG Declined by Fraud EFPSMSG Reject BillUSPostalAddressCheck A E A Fraud
20. for the shipping contact 6104463591 Fraud Protection Services User s Guide Screening Transactions Using the Payflow SDK Existing Payflow Parameters Used by the Filters TABLE 7 2 Parameters accepted by the Payflow server Max Name Description Type Length Example SHIPTOEMAIL Optional E mail String 40 abc xyz com Address for the shipping formattedas contact an email address COUNTRYCODE Optional Country code Alpha 3 US USA 840 of the shipping country numeric The country code String depends on the processor Existing Payflow Parameters Used by the Filters The following existing Payflow parameters described in are also used by the filters if they are provided in the transaction request or response User Authentication PARTNER VENDOR USER PWD Transaction Information TRXTYPE TENDER ACCT EXPDATE AMT Billing Information FIRSTNAME MIDDLENAME LASTNAME STREET BILLTOSTREET2 CITY STATE ZIP COUNTRY PHONENUM BILLTOPHONE2 EMAIL Fraud Protection Services User s Guide 53 Screening Transactions Using the Payflow SDK Response Strings for Transactions that Trigger Filters Shipping Information SHIPTOFIRSTNAME SHIPTOLASTNAME SHIPTOMIDDLENAME SHIPTOSTREET SHIPTOSTREET2 SHIPTOCITY SHIPTOSTATE SHIPTOZIP COUNTRYCODE SHIPTOPHONE SHIPTOPHONE2 SHIPTOEMAIL Order Information DOB DL SS CUSTIP BROWSERUSERAGENT BROWSERTIME BROWSERCOUNTRYCODE FREIGHTAMT TAXAMT
21. lt ruleDescription gt Shipping BillingMismatch lt ruleDescription gt lt action gt R lt action gt lt triggeredMessage gt The billing and shipping addresses did not match lt triggeredMessage gt lt rule gt lt rulenum 4 gt lt ruleId gt 13 lt rulelId gt lt ruleAlias gt H ighRiskBinCheck lt ruleAlias gt lt ruleDescription gt BIN Risk List Match lt ruleDescription gt lt action gt R lt action gt lt triggeredMessage gt The card number is in a high risk bin list lt triggeredMessage gt lt rule gt lt rulenum 5 gt lt ruleld gt 37 lt ruleld gt lt ruleAlias gt Hi ghRiskZIPCheck lt ruleAlias gt lt ruleDescription gt Zip Risk List Match lt ruleDescription gt lt action gt R lt action gt lt triggeredMessage gt High risk shipping zip lt triggeredMessage gt lt rule gt lt rulenum 6 gt lt ruleld gt 16 lt ruleld gt lt ruleAlias gt Bil 1USPostalAddressCheck lt ruleAlias gt lt ruleDescription gt USPS Address Validation Failure lt ruleDescription gt lt action gt R lt action gt lt triggeredMessage gt The billing address is not a valid US Address lt triggeredMessage gt lt rulevendorparms gt lt ruleParameternum 1 gt lt name gt Addr essToVerify lt name gt lt valuetype String gt bill lt value gt lt ruleParameter gt lt ruleven dorparms gt lt rule gt Remove text completely lt rulenum 7 gt lt ruleId gt 10 lt ruleId gt lt ruleAlias gt HighRiskEmailCheck lt r uleAlias gt lt ruleDescription gt Email Service Provide
22. plus the following values TABLE 7 4 Medium VERBOSITY parameters Parameter Type Length Description FPS_PREXMLDATA char Itemized list of responses for triggered filters HOSTCODE char 7 Response code returned by the processor This value is not normalized RESPTEXT char 17 Text corresponding to the response code returned by the processor This text is not normalized PROCAVS char 2 AVS Address Verification Service response from the processor PROCCVV2 char 1 CVV2 buyer authentication response from the processor PROCCARDSECURE char 1 VPAS SPA response from the processor ADDLMSGS char Up to 1048 Additional error message that characters indicates that the merchant used a Typically 50 feature that is disabled characters Fraud Protection Services User s Guide 55 Screening Transactions Using the Payflow SDK Response Strings for Transactions that Trigger Filters TABLE 7 4 Medium VERBOSITY parameters Parameter TRANSSTATE DATE_TO_SETTLE Type Integer 10 Date format 19 YYYY MM DD HH MM SS Length Description State of the transaction The values are 0 General succeed state 1 General error state 3 Authorization approved 6 Settlement pending transaction is scheduled to be settled 7 Settlement in progress transaction involved in a currently ongoing settlement 8 Settled successfully 9 Authorization captured once an authorization type transaction is captured its
23. 5555555555554444 amp EXPDATE 0 308 amp AMT 123 00 amp AUTHENTICATION ID 20 8d4d5ed66acbeb6faac6d amp CAVV 28 OTJIMzVi0ODhiOT11MjBhYmVkMGU sAUTHENTICATI ON_STATUS 1 1 EC1 1 5 amp XID 28 YjMOYTkwNGFKZTI5YmZmZWE1 ZmY Cardholder Not Enrolled If there is no PAREQ returned in the response to the Verify Enrollment call then the cardholder is not enrolled You perform the intended transaction using the standard name value pairs plus the AUTHENTICATION _ID AUTHENTICATION_STATUS and ECI returned by the Verify Enrollment transaction The following is an example name value pair parameter string TRXTYPE S amp TENDER C amp PARTNER PayPal amp VENDOR SuperMerchant amp USER SuperMerchant amp PWD x1 y2 23 amp ACCT 5555555555554444 amp EXPDATE 0 308 amp AMT 123 0O amp AUTHENTICATION ID 20 8d4d5ed66ac6e6faac6d amp AUTHENTICATION STATUS 1 O amp ECI 1 7 amp Example Payflow Authorization or Sale Transaction Response For Visa transactions the response includes a CARDSECURE value of Y card issuer judges CAVV to be valid N card issuer judges CAVV to be invalid or X cannot determine validity of CAVV Fraud Protection Services User s Guide 39 az Performing Buyer Authentication Transactions Using the SDK Buyer Authentication Transaction Parameters and Return Values e CAVV Is Valid RESULT 0 amp PNREF VXYZ01234567 amp R
24. DDDSecure Acs3DSecureSim start Cardholder is not enrolled RESULT 1 0 amp RESPMSG 2 OK amp AUTHENTICATION ID 20 48c92770755039d6bb3d amp AUTHEN TICATION STATUS 1 O amp ECI 1 1 Example Validate Authentication Transaction Use TRXTYPE Z to submit a Validate Authentication transaction to validate the Issuer s digital signature on the PARES validate the content of the PARES and to parse the PARES The following is an example name value pair parameter string Norte Ensure that you include no stray carriage returns with the PARES value especially at the end of the string TRXTY PE Z amp PARTNER PayPal amp PWD p12345 amp VENDOR SuperMerchant amp USER SuperMerchan t amp PARES 3648 eJzdWFmTokoW isdPW9T0c3iUnLDNiKTXQUrWYU3N1 1EUUBAfv0kW11191TPX ebhTowRBpmHkyfPfr5gbiR1FHF6FFZKaDFXoqry4uhTGn77PAvH4SOKp1MvmEbTnYcf4efF AVo UXV3 2HD7X3WCzskU0s1kGrG33TzqTsUxwhz0nHhbz4135U7ecfHPh9 dnIE6N7aLeZz0eP1TgRp9 XtVdfgo oZbuHePyp FUqxyFTX1gV51 jMqj de 12HNLjbqw Qaqgfe7Ow9IGj cKgt20dvtTspJPI2eyuRw0 nbr9JKdp6eVP1u3xUyaKNl1qYzVksB9vKCe6kqR1V4gqfUJP13vSW190KuSbn5zpK0ouzXl9mNfoA RhDv30q1t 8n71 9Wboh 9fb5 Eh F3 5 K wWCuwo Fraud Protection Services User s Guide Performing Buyer Authentication Transactions Using the SDK em Example Buyer Authentication Transactions Example Validate Authentication Response RE
25. Filter on page 81 Special Case Buyer Authentication Failure Filter The optional Buyer Authentication service is described in Buyer Authentication Service on page 10 The Buyer Authentication Failure filter which screens the customer authentication data returned by the service is described on page 84 About the Fraud Risk Lists Filters whose name includes Risk List make use of lists that the Fraud Protections Services manage Extensive statistical analysis of millions of e commerce transactions is performed to determine transaction data elements for example BIN numbers or ZIP codes that are statistically more likely than average to be correlated with fraudulent transactions Inclusion in a Risk List is not an absolute indication of fraud only a statistical correlation that indicates that you should evaluate the transaction more closely and in conjunction with other filter results for the transaction 78 Fraud Protection Services User s Guide Fraud Filter Reference EE Unusual Order Filters Filters Applied After Processing Most filters are applied to the transaction request before forwarding the request to the processor The following filters are applied to the transaction results that the processor returns e AVS Failure filter described on page 81 e Card Security Code Failure filter described on page 83 e International AVS filter described on page 92 e Custom filters described on page 94 Transa
26. Is this cardholder enrolled TRXTYPE E lt ACCT 5105510551055555 EXPDATE 0308 Verify RESULT 0 Yes the Enrollment AUTH_STATUS E cardholder is enrolled and here s call AUTH_ID 1A3D4G the URL of the Issuing bank s PAREQ J84H To4vv6K ACS page and the Payer ACSURL www issuer com ECl 7 Authentication Request PAYREQ that you ll need when you ask the Issuing bank to authenticate the customer Call 2 POST the authentication request to and redirect the customer s browser to the ACS URL Note XMLPay uses the ValidateAuthentication transaction for Call 2 If the card is enrolled you place the following values in an HTTP form and then HTTP POST the values to the ACS URL the issuer s ACS site e PAREQ The value of the PAREQ returned in the Verify Enrollment call e TermUrl Your server the one that should accept the authentication response e MD Required Any data that you want returned echoed to the TermUrl by the ACS server Typically this is state information XMLPay uses the ValidateAuthentication transaction for this purpose Your server then redirects the customer s browser to the ACS URL The customer views the ACS form enters their 3 D Secure password and submits the form to the Issuing bank The issuer s ACS server validates the password authenticates the customer s identity and then generates and digitally signs a PARES value payer authentication response The ACS server
27. Payflow Pro accounts Credit Card Fraud Fraudsters can use stolen or false credit card information to perform purchases at your Web site masking their identity to make recovery of your goods or services impossible To protect you against credit card fraud the Fraud Protection filters identify potentially fraudulent activity and let you decide whether to accept or reject the suspicious transactions Protection Against the Threats Fraud Filters Configurable filters screen each transaction for evidence of potentially fraudulent activity When a filter identifies a suspicious transaction the transaction is marked for review Fraud Protection Services offers two levels of filters Basic and Advanced The filters are described in Appendix B Fraud Filter Reference For detailed descriptions of the filter levels the order and logic of the screening process and for specific variations from the simple flow described here see Appendix A How Filters Work Fraud Protection Services User s Guide 13 14 How Fraud Protection Services Protect You Special Considerations Example Filter The Total Purchase Price Ceiling filter compares the total amount of the transaction to a maximum purchase amount the ceiling that you specify Any transaction amount that exceeds the specified ceiling triggers the filter Configuring the Filters Through PayPal Manager you configure each filter by specifying the action to take wheneve
28. Protection Services User s Guide Testing the Transaction Security Filters ZIP Risk List Match Filter ZIP Risk List Match Filter Pass in the specified ZIP codes TRXTYPE A8ACCT 51051051051051008AMT 8 1000 008BROWSERCOUNTRYCODE 2036BROWS 2 July 11 2002 12 12 12 amp BROWSERUSERAGENT BROWSERUSERAGENT amp CITY No City amp COMMENT1 Automated testing from AdminTester amp COUNTRY 203 amp COUNTRYCODE 203 amp CUSTIP 172 131 193 25 amp CUSTREF CUSTREF amp DESC DE SC amp DL CA111111 amp DOB CA123456 amp EMAIL 20 admin merchant com amp EXPDATE 1209 amp FIRSTNAME John amp FREIGHTAMT 1 11 amp LASTNAME Johnson amp L COSTO 11 11 amp L DESCO L_DESCO amp L QTY0 1 amp L_ SKUO L_SKUO T RTIME 2 L TYPEO L TYPEO L UPCO L UPCO amp MIDDLENAMFE Z ORDERTIMEZONF 1 amp PARTN R PayPal amp PHONENUM 6 50 555 0123 amp PONUM PONUM amp PWD testing1 amp SHIPCARRIER SHI PCARRIER amp SHIPMETHOD SHI PMETHOD amp SHIPTOCIT Y No City8SHIPTOEMAIL 20 admintmerchant com amp SHIPTOFIRSTNAME SHIPTOFIRSTNAME amp SHIPTOLASTNAM E SHIPTOLASTNAME amp SHI PTOMI DDLENAME SHI PTOMI DDLENAME amp SHI PTOPHONE 650 555 0124 amp SHIPTOPHONE2 650 555 0125 amp SHIPTOSTATE CA amp SHIPTOSTREET 123 Main St amp SHIPTOSTREET2 123 SHIPTOSTREET 2 amp SHIPTOZIP 606496SS 565796510 amp STAT Ma
29. TRANSSTATE becomes 9 10 Capture failed an error occurred while trying to capture an authorization because the transaction was already captured 11 Failed to settle transactions fail settlement usually because of problems with the merchant s processor or because the card type is not set up with the merchant s processor 12 Unsettled transaction because of incorrect account information 14 For various reasons the batch containing this transaction failed settlement 16 Merchant ACH settlement failed need to manually collect it For information on TRANSSTATE incremental values see the table below Value available only before settlement has started 56 Fraud Protection Services User s Guide Screening Transactions Using the Payflow SDK Response Strings for Transactions that Trigger Filters TABLE 7 4 Medium VERBOSITY parameters Parameter Type Length Description BATCHID Integer 10 Value available only after settlement has assigned a Batch ID SETTLE DATE Date format 19 Value available only after settlement YYYY MM has completed DD HH MM SS Note If you use Nashville TeleCheck or Paymentech then you must use a client version newer than 2 09 to take advantage of the MEDIUM verbosity setting For information on interpreting the responses returned by the processor for the MEDIUM Verbosity setting contact your processor directly The table below shows the increments that are possible on bas
30. amp FPS PREXMLDATA 2898 lt triggeredRules gt lt rul num 1 gt lt ruleld gt 2 lt ruleld gt lt ruleAlias gt CeilingAmount lt ruleAlias gt lt ruleDescript ion gt Total Purchase Price Ceiling lt ruleDescription gt lt action gt R lt action gt lt triggeredMessage gt The purchase amount of 7501 is greater than the ceiling value set of 7500 lt triggeredMessage gt lt rulevendorparms gt lt ruleParameter num 1 gt lt name gt CeilingValue lt name gt lt valu type USD gt 75 00 lt value gt lt ruleParameter gt lt rulevendorparms gt lt rule gt lt rule num 2 gt lt ruleld gt 6 lt ruleld gt lt ruleAlias gt HighOrderNumber lt ruleAlias gt lt ruleDescri ption gt Total Item Ceiling lt ruleDescription gt lt action gt R lt action gt lt triggeredMessage gt 16 items were ordered which is over the maximum allowed quantity of 15 lt triggeredMessage gt lt rulevendorparms gt lt ruleParameter num 1 gt lt name gt Value lt name gt lt value type Integer gt 15 lt value gt lt ruleParameter gt lt rulevendorparms gt lt rule gt lt rule num 3 gt lt ruleld gt 7 lt ruleld gt lt ruleAlias gt Bi11ShipMismatch lt ruleAlias gt lt ruleDescr iption gt Shipping Billing Mismatch lt ruleDescription gt lt action gt R lt action gt lt triggeredMessage gt The billing and shipping addresses did not match lt triggeredMessage gt lt rule gt lt rul num 4 gt lt ruleId gt 13 lt ruleld gt lt ruleAlias gt HighRiskBinCheck lt ruleAlias gt l
31. for 3D secure is invalid Validate Authentication failed missing or invalid PARES Validate Authentication failed PARES format invalid Validate Authentication failed Cannot find successful Verify Enrollment Validate Authentication failed Signature validation failed for PARES Validate Authentication failed Mismatched or invalid amount in PARES Validate Authentication failed Mismatched or invalid acquirer in PARES Validate Authentication failed Mismatched or invalid Merchant ID in PARES Validate Authentication failed Mismatched or invalid card number in PARES Validate Authentication failed Mismatched or invalid currency code in PARES Validate Authentication failed Mismatched or invalid XID in PARES Validate Authentication failed Mismatched or invalid order date in PARES Validate Authentication failed This PARES was already validated for a previous Validate Authentication transaction Fraud Protection Services User s Guide Performing Buyer Authentication Transactions Using the SDK a Logging Transaction Information Logging Transaction Information A record is maintained of all transactions executed on your account Use PayPal Manager to view the record and use the information to help reconcile your accounting records Norte This record is not the official bank statement The activity on your account is the official record In addition it is strongly recommended that you log all transaction results except for check infor
32. included with each option are listed here In addition the optional Buyer Authentication Failure filter is described on page 78 Filters Included with the Basic Fraud Protection Services Option e Total Purchase Price Ceiling Filter on page 79 e Total Item Ceiling Filter on page 80 e Shipping Billing Mismatch Filter on page 80 e AVS Failure Filter on page 81 e Card Security Code Failure Filter on page 83 e ZIP Risk List Match Filter on page 87 Fraud Protection Services User s Guide 77 Fraud Filter Reference About the Fraud Risk Lists Freight Forwarder Risk List Match Filter on page 87 IP Address Velocity Filter on page 90 Filters Included with the Advanced Fraud Protection Services Option All Basic filters plus Buyer Authentication Failure Filter on page 84 USPS Address Validation Failure Filter on page 87 Email Service Provider Risk List Match Filter on page 88 IP Address Match Filter on page 88 Account Number Velocity Filter on page 86 Geo location Failure Filter on page 89 Bad Lists on page 90 International Shipping Billing Address Filter on page 91 International AVS Filter on page 92 International IP Address Filter on page 92 Country Risk List Match Filter on page 91 Good Lists on page 93 Total Purchase Price Floor Filter on page 94 Custom Filters on page 94 Product Watch List
33. live Custom Filters you cannot create any more Custom Filters until you delete one of the existing Custom Filters See PayPal Manager online help for details on creating a custom filter 94 Fraud Protection Services User s Guide Testing the Transaction Security Filters Each example transaction shown in this chapter is designed to test the operation of a single filter To test a filter disable all other filters and submit the transaction The filter should be triggered and display its results in the Transaction Details page In the examples the critical transaction data is shown in bold red type In This Appendix e Good and Bad Lists on page 95 e AVS Failure Filter on page 96 e BIN Risk List Match Filter on page 96 e Country Risk List Match Filter on page 91 e Email Service Provider Risk List Match Filter on page 98 e Freight Forwarder Risk List Match Filter on page 98 e Geo location Failure Filter on page 99 e International AVS Filter on page 99 e International IP Address Filter on page 100 e International Shipping Billing Address Filter on page 101 e IP Address Match Filter on page 102 e Shipping Billing Mismatch Filter on page 102 e Total Item Ceiling Filter on page 103 e Total Purchase Price Ceiling Filter on page 103 e Total Purchase Price Floor Filter on page 104 e USPS Address Validation Failure Filter on page 104 e
34. may want to make changes to the filter settings Simply return to the Edit Filters page change settings and redeploy them Once you are happy with your filter settings you can move to Phase 2 Fraud Protection Services User s Guide Configuring the Fraud Protection Services Filters Phase 2 Run Live Transactions on Live Transaction Servers in Observe Mode Phase 2 Run Live Transactions on Live Transaction Servers in Observe Mode In this phase you configure filters on live servers to the settings that you had fine tuned on the test servers In Observe mode filters examine each live transaction and mark the transaction with the filter results The important difference between Observe and Active mode is that regardless of the filter actions all Observe mode transactions are submitted for processing in the normal fashion Observe mode enables you to view filter actions offline to assess their impact given current settings on your actual transaction stream Note You are charged the per transaction fee to use the live servers in either Observe or Active mode 1 Click Service Settings gt Fraud Protection gt Test Setup Click Move Test Filter Settings to Live The Move Test Filter Setting to Live page appears Remember that in this phase you are configuring the live servers 2 Click Move Test Filter Settings to Live On the page that appears click Move Test Filter Settings to Live again 3 The Move Test Filter Settings
35. signature is valid ECI 2 1 the content of PaRes is valid XID 3Pm95VwzG8YeJ the authentication was successful and here s the data that parsed from the PaRes Call 4 Submit the intended transaction request to the Payflow server Note For Call 4 when using XMLPay pass the following in ExtData for Authorization and Sale transactions AUTHENTICATION STATUS lt status gt AUTHENTICATION ID lt id gt CAV V lt cavv value gt and XID lt xid value gt ECI lt eci value gt Now that when the buyer authentication process is complete you submit the intended sale or authorization payment transaction TRXNTYPESS or A to the Payflow server In addition to 36 Fraud Protection Services User s Guide Performing Buyer Authentication Transactions Using the SDK em Example Buyer Authentication Transactions the standard sale or authorization transaction data you include buyer authentication data as follows Standard values TRXTYPE S a TENDER C and I ve included AMT 42 00 Buyer Authentication data ACCT 5105510551055555 Here s a Sale transaction EXPDATE 0308 Buyer Authentication values AUTH_ID 1A3D4G AUTH_STATUS Y CAVV 1i409JK4aUv5Kq ECI 2 XID 3Pm95VwzG8YeJ Payflow Server Standard Payflow Sale Transaction with Buyer eau TX OK here are the icati PNREF VXYZ01234569 results for the Sale Authentication RESPMSG APPROVED and I ve logged the data Buyer Authent
36. the customer Because this normalization happens during data validation by the Payflow server the data as entered by the customer will still appear in its original form on all transaction data review pages This means that you might see the following entries not flagged as mismatches on the Fraud Details page Billing Shipping Steve Morrison Steve Morrison 4390 Ramirez 4390 Ramires San Francisco CA San Francisco CA 94114 94113 How does the filter protect me There are legitimate reasons for a shipping billing mismatch with a customer purchase for example gift purchases might fit this profile But a mismatch could also indicate that someone 80 Fraud Protection Services User s Guide Fraud Filter Reference EE High risk Payment Filters is using a stolen identity to complete a purchase and having the items sent to another address from which they can retrieve the stolen items To help to distinguish between legitimate and fraudulent orders review all mismatches by cross checking other purchase information such as AVS and card security code Product Watch List Filter What does the filter do The Product Watch List filter compares the SKUs or other product identifier of the products in a transaction against a Product Watch List that you create Any transaction containing an SKU in the list triggers the filter If you enable this filter then you must set up the list of products that should be monitored Norte Items tha
37. the filter settings Filter settings take effect only after you deploy them Filter setting changes are updated hourly roughly on the hour This means that you might have to wait up to an hour for your changes to take effect This waiting period only occurs when you move from one mode to the next e Phase 1 Run test transactions in Test mode using test transaction servers In the test phase of implementation you configure fraud filter settings for test servers that do not affect the normal flow of transactions You then run test transactions against the filters and review the results offline to determine whether the integration was successful Once you are happy with the filter settings you move to the next phase and the settings that you decided upon in the test phase are transferred to the live servers e Phase 2 Run live transactions on live transaction security servers using Observe mode When you deploy to Observe mode the settings that you decided upon in the test phase are automatically transferred to the live servers In Observe mode the filters examine each live transaction and mark the transaction with each triggered filter s action You can then view the actions that would have been taken on the live transactions had the filters been active Regardless of the filter actions all transactions are submitted for processing in the normal fashion e Phase 3 Run live transactions on live transaction security servers using Active
38. the original transaction gt e UPDATEACTION APPROVE to accept or UPDATEACTION FPS MERCHANT DECLINE to reject Logging Transaction Information A record is maintained of all transactions executed on your account Use PayPal Manager to view the record and use the information to help reconcile your accounting records Fraud Protection Services User s Guide Screening Transactions Using the Payflow SDK Logging Transaction Information Norte This record is not the official bank statement The activity on your account is the official record In addition it is strongly recommends that you log all transaction results except for check information on your own system At a minimum log the following data e PNREF called the Transaction ID in PayPal Manager reports e Transaction Date e Transaction Amount If you have any questions regarding a transaction use the PNREF to identify the transaction Fraud Protection Services User s Guide 63 Screening Transactions Using the Payflow SDK Logging Transaction Information 64 Fraud Protection Services User s Guide Responses to Credit Card Transaction Requests This chapter describes the contents of a response to a credit card transaction request In This Chapter An Example Response String on page 65 Contents of a Response to a Credit Card Transaction Request on page 66 PNREF Value on page 67 RESULT Codes and RESPMSG Values on page 68
39. your merchant ID and USER is the same as VENDOR unless you created a Payflow Pro user All fields are case sensitive e Invalid Processor information entered Contact merchant bank to verify Allowed IP Address security feature implemented The transaction is coming from an unknown IP address See PayPal Manager online help for details on how to use Manager to update the allowed IP addresses e You are using a test not active account to submit a transaction to the live PayPal servers Change the host address from the test server URL to the live server URL 2 Invalid tender type Your merchant bank account does not support the following credit card type that was submitted 3 Invalid transaction type Transaction type is not appropriate for this transaction For example you cannot credit an authorization only transaction 4 Invalid amount format Use the format 4 Do not include currency symbols or commas 68 Fraud Protection Services User s Guide Responses to Credit Card Transaction Requests a RESULT Codes and RESPMSG Values TABLE 8 2 Payflow transaction RESULT values and RESPMSG text Continued RESULT RESPMSG and Explanation 5 Invalid merchant information Processor does not recognize your merchant account information Contact your bank account acquirer to resolve this problem 6 Invalid or unsupported currency code 7 Field format error Invalid information entered See RESPMSG 8 Not a transaction server
40. 5 logging transaction information 47 62 logging transaction results 47 Merchant Plug in 32 O Observe mode 15 17 P PAREQ 32 PARES 32 Payflow parameters RESULT 73 PNREF 66 format of value 67 PNREF value 67 Product Watch List Filter 81 R recurring transactions 14 rejected transactions 20 rejecting transactions 22 RESPMSG 66 RESPMSG value 68 responses 54 credit card transaction 65 120 RESULT 66 RESULT value 68 RESULT values communication errors 73 Reviewed transactions 20 reviewing transactions 20 risk lists 78 S Shipping Billing Mismatch Filter 80 Y Test phase 15 testing 16 Buyer Authentication transactions 107 filters 95 Total Item Ceiling Filter 80 Total Purchase Price Ceiling Filter 79 transaction response PNREF parameter 67 RESPMSG parameter 68 RESULT parameter 68 transaction status values 21 transactions logging 62 rejecting 22 U Unusual Order Filters 79 USPS Address Validation Failure Filter 87 V Validate Authentication call 36 VERBOSITY parameter 54 Verify Enrollment call 26 33 X XID 32 XMLPay Buyer Authentication Service 33 Fraud Protection Services User s Guide Z ZIP Risk List Match Filter 87 Fraud Protection Services User s Guide 121 122 Fraud Protection Services User s Guide
41. 7 1 Parameters required by filter Filter Geo location Failure Good Lists International AVS International Shipping Billing Address International IP Address IP Address Risk List Match IP Address Velocity Product Watch List Shipping Billing Mismatch Required Transaction Data Customer IP address Billing address street address Billing address ZIP postal code Billing address state province Shipping address street address Shipping address ZIP postal code Shipping address city Shipping address state province Customer email address Credit card number Shipping address street address Shipping address ZIP postal code Billing address country Shipping address country Customer IP address Customer IP address Customer IP address Product SKU or other identifying information Billing address street address Billing address ZIP postal code Billing address state province Shipping address street address Shipping address ZIP postal code Shipping address city Shipping address state province Payflow Parameters CUSTIP STREET ZIP STATE SHIPTOSTREET SHIPTOZIP SHIPTOCITY SHIPTOSTATE EMAIL ACCT SHIPTOSTREET SHIPTOZIP COUNTRY COUNTRYCODE CUSTIP CUSTIP CUSTIP L_SKUn STREET ZIP STATE SHIPTOSTREET SHIPTOZIP SHIPTOCITY SHIPTOSTATE Fraud Protection Services User s Guide 51 52 Screening Transactions Using the Payflow SDK Trans
42. 796510 amp STATI Main St amp BILLTOSTREET2 123 SHIPTOSTREET 2 amp TAXAMT 1 01 amp TENDER C amp USER TESTHighRiskCountryCheckReject amp VENDOR TESTHighRiskCountry CheckReject amp ZIP 60649 T IPCARRIER SHIPCARRIER amp SHIPMETHOD SHIPMETHOD amp SHIPTOCIT B T ET 123 CAS STR T Expected Response Message resp mesg RESULT 125 amp PNREF VB0A25031715 amp RESPMSG Declined by Fraud Service amp PREFPSMSG Reject HighRiskCountryCheck ERROR 14 7 57 result 125 TRXTYPE A Fraud Protection Services User s Guide 97 Testing the Transaction Security Filters Email Service Provider Risk List Match Filter Email Service Provider Risk List Match Filter Pass in the specified e mail address TRXTYPE A amp ACCT 5105105105105100 amp AMT 8 1000 OOSBROWSERCOUNTRYCODE 203 amp BROWSERTIME 2 2 July 11 2002 12 12 12 amp BROWSERUSERAGENT BROWSERUSERAGENT amp CITY No City amp COMMENT1 Automated testing from AdminTester amp COUNTRY AD amp COUNTRYCODE AD amp CUSTIP 172 131 193 25 amp CUSTREF CUSTREF amp DESC DESC amp DL CA111111 amp DOB CA123456 amp EMAIL 18 fraud asiamail com
43. A amp PROCCVV2 X amp TAVS N8PREFPSMSG Review More than one rule was triggered for ReviewsFPS PREXMLDATA 2898 lt triggeredRules gt lt rul num 1 gt lt ruleld gt 2 lt ruleld gt lt ruleAlias gt CeilingAmount lt ruleAlias gt lt ruleDescript ion gt Total Purchase Price Ceiling lt ruleDescription gt lt action gt R lt action gt lt triggeredMessage gt The purchase amount of 7501 is greater than the ceiling value set of 7500 lt triggeredMessage gt lt rulevendorparms gt lt ruleParameter num 1 gt lt name gt CeilingValue lt name gt lt valu type USD gt 75 00 lt value gt lt ruleParameter gt lt rulevendorparms gt lt rule gt lt rule num 2 gt lt ruleld gt 6 lt ruleId gt lt ruleAlias gt HighOrderNumber lt ruleAlias gt lt ruleDescri e D 58 Fraud Protection Services User s Guide Screening Transactions Using the Payflow SDK Response Strings for Transactions that Trigger Filters ption gt Total ItemCeiling lt ruleDescription gt lt action gt R lt action gt lt triggeredMessage gt 16 items were ordered which is over the maximum allowed quantity of 15 lt triggeredMessage gt lt rulevendorparms gt lt ruleParameter num 1 gt lt name gt Value lt name gt lt valuetype Integer gt 15 lt value gt lt ruleParameter gt lt rulevendorparms gt lt rule gt Remove text completely lt rulenum 3 gt lt ruleld gt 7 lt ruleld gt lt ruleAlias gt BillShipMismatch lt ruleA lias gt
44. Authentication Visa response values Name Value CARDSECURE Visa only CAVV validity Y Card issuer judges CAVV to be valid N Card issuer judges CAVV to be invalid X Cannot determine validity 44 Fraud Protection Services User s Guide Performing Buyer Authentication Transactions Using the SDK CAEN ECI Values ECI Values TABLE 6 8 ECI values Merchant calculates ECI because Merchant Response to Response to cannot Description of Scenario Region TRXNTYPE E TRXNTYPE X ECI authenticate Visa Not Enrolled USA O N A 6 Y Visa Unable to determine USA X N A 7 Y enrollment Visa Verify Enrollment USA I N A 7 Y transaction error Visa Card Enrolled USA E Y 5 N Successful Authentication Visa Card Enrolled USA E A Contact Visato 6 N Authentication Attempted verify that this value is returned Visa Card Enrolled USA E N 7 Y Authentication Failed Visa Card Enrolled Unable USA E U 7 Y to Authenticate Visa Card Enrolled Error USA E F 7 Y in transaction MasterCard Not Enrolled WORLD O N A 1 Y MasterCard Unable to WORLD X N A 1 Y determine enrollment MasterCard Verify WORLD I N A 1 Y enrollment transaction error MasterCard Card Enrolled WORLD E Y 2 Y Successful Authentication MasterCard Card Enrolled WORLD E A should never 1 Y Authentication Attempted occur MasterCard Card Enrolled WORLD E N 1 Y Authentication Failed MasterCard Card Enrolled WORLD E U 1 Y Unable to Authenticate Mas
45. COMMENTI DESC CUSTREF PONUM Line Item each item is appended with the line item number L COSTO L_UPCO L QTY0 L DESCO L_SKUO L_TYPEO Response Strings for Transactions that Trigger Filters In the response string to a transaction that triggered filters you have the option to view either a summary statement or a detailed list of each triggered filter s response The response depends on your setting for the VERBOSITY parameter in the transaction request 54 Fraud Protection Services User s Guide Screening Transactions Using the Payflow SDK Response Strings for Transactions that Trigger Filters e VERBOSITY LOW This is the default setting for Payflow Pro accounts The following values described in Payflow Pro Developer 5 Guide are returned RESULT PNREF RESPMSG AUTHCODE AVSADDR AVSZIP CVV2MATCH IAVS CARDSECURE The following values are specific to Fraud Protection Services TABLE 7 3 Low VERBOSITY parameters Parameter Description RESULT See RESULT Values Specific to Fraud Protection Services on page 37 PREFPSMSG Preprocessing Fraud Protection Services messages These apply to all filters except AVS Failure Card Security Code Failure and Custom Filters POSTFPSMSG Postprocessing Fraud Protection Services messages These apply to the following filters only AVS Failure Card Security Code Failure and Custom Filters e VERBOSITY MEDIUM Returns all of the values returned for a LOW setting
46. E Attempt authentication VA AUTH_STATUS A Successful signature verification Card not enrolled VE AUTH_STATUS 0 Can not verify card enrollment VE AUTH_STATUS X Card eligible for authentication VE AUTH_STATUS E User cancelled authentication by clicking the Cancel button on the ACS page Card enrolled for authentication VE AUTH_STATUS E Unable to authenticate VA AUTH_STATUS U Successful signature verification Card enrolled VE AUTH_STATUS E VA transaction error VA AUTH_STATUS F Merchant not registered for this feature or is deactivated merchant authentication failure Test Account Number 5100000000000008 5200000000000007 4000000000000002 4000000000000101 5100000000000008 5200000000000007 4000000000000002 4000000000000101 4111111111111111 5105105105105100 4000000000000507 5555555555554444 4012888888881881 5100000000000008 5200000000000007 4000000000000002 4000000000000101 5300000000000006 4000000000000309 5500000000000004 Any valid MasterCard or Visa account number Fraud Protection Services User s Guide Testing Buyer Authentication Transactions Using the Payflow SDK Expected Result Codes for Buyer Authentication Expected Result Codes for Buyer Authentication IMPORTANT All returned name value pairs for transactions with the Buyer Authentication Server include length tags Length tags specify the exact number of characters and spaces that appear in the value For ex
47. ESPMSG APPROVED amp AUTHCODE 123456 amp AVSADDR Y amp A VSZIP N amp IAVS Y amp CVV2MATCH Y amp CARDSECURE Y e CAVV Is Invalid RESULT 0 amp PNREF VXYZ01234567 amp RESPMSG APPROVED amp AUTHCODE 123456 amp AVSADDR Y amp A VSZIP N amp IAVS Y amp CVV2MATCH Y amp CARDSECURE N Buyer Authentication Transaction Parameters and Return Values The Buyer Authentication server accepts the parameters listed in this section This section also describes expected return values for buyer authentication transactions Note Be sure to follow the guidelines for specifying the parameters Standard Payflow parameters parameters that you can pass for reporting purposes as well as return values are described in Payflow Pro Developer s Guide Transaction Parameters In the following tables ANS indicates alphanumeric special characters the set of alphanumeric characters plus characters like Verify Enrollment Transaction Name Value Pairs TABLE 6 2 Verify enrollment parameters Max Name Description Type Length TRXTYPE E 1 VENDOR Vendor name USER User name PARTNER Partner name PWD Vendor s password ACCT PAN card number EXPDATE Expiration mmyy AMT Decimal Amount 40 Fraud Protection Services User s Guide Performing Buyer Authentication Transactions Using the SDK CAEN Buyer Authentication Transaction Parameters and Return Values TABLE 6 2 Verify enrollment p
48. ESPMSG Declined by Fraud Service amp PREFPSMSG Reject InternationalOrder ERROR 15 0 24 result 125 TRXTYPE A Fraud Protection Services User s Guide 101 102 Testing the Transaction Security Filters IP Address Match Filter IP Address Match Filter TRXTYPI 12348BI LTOSTR T E ASACCT 510510510510510086AMT 6 75 008BILLTO ET2 8BROWSERCOUNTRYCODE 20386BROWSERTIME 22 July 11 2002 12 12 128BROWSERUSERAGENT BROWS rules amp COUNTRY US amp CUSTIP 172 ASTNAME L UPCO 1 12346 amp PON TY No City amp COUNTRYCO SHIPTOMI 1236 amp SHI Road amp SHI Road BIL 1 astName amp L COST0 11 131 3456 amp EMAIL 21 lLastName paypal com amp EXPDATE 1209 amp FIRSTNAMI PHONE2 650 555 T ERUSERAGENT amp CITY No City amp COMMENT1 Test to trigger 193 25 amp CUSTREF CUSTREF amp D ESC DESC amp DL CA111111 amp DOB CA12 116 E FirstName amp FREIGHTAMT 1 11 amp L DESCO L_DESCO amp L QTY0 1 amp L UPCO amp MIDDLENAME Z amp ORD ERTIMEZONE 1 amp PARTN DE US amp SHIPTORMATL UM PONUM amp PWD password1 amp SHI PCARRIER SHIPCARRIERE amp S DDLENAME amp SHI PTOPHON TOS PTOSTATE CA amp SHIPTOST PTOSTREET2 amp SHIPTOZI REET2 amp TAXAMT 1 01 amp TENDER C am
49. Failed to connect to host Failed to resolve hostname Failed to initialize SSL context Parameter list format error amp in name Parameter list format error invalid name length clause SSL failed to connect to host SSL read failed SSL write failed Proxy authorization failed Timeout waiting for response Select failure Too many connections Failed to set socket options Proxy read failed Proxy write failed Failed to initialize SSL certificate Host address not specified Invalid transaction type Failed to create a socket Failed to initialize socket layer Parameter list format error invalid name length clause Parameter list format error name Failed to initialize SSL connection Invalid timeout value The certificate chain did not validate no local certificate found The certificate chain did not validate common name did not match URL Unexpected Request ID found in request Fraud Protection Services User s Guide Responses to Credit Card Transaction Requests e RESULT Codes and RESPMSG Values TABLE 8 3 RESULT values for communications errors Continued RESULT Description 41 Required Request ID not found in request 99 Out of memory 100 Parameter list cannot be empty 103 Context initialization failed 104 Unexpected transaction state 105 Invalid name value pair request 106 Invalid response format 107 This XMLPay version is not supported 108 The server certificate chain did not valida
50. LLIpxxy22 n e Z 0 Hc UBP1VT3ib3YdgYnmzUjCaHu0zKb eugCFZW 3Zs1gdhPUOhFEmp7rrZbK U3jPK1nLOUHrik3YT OROYbMJ3 simfDbtct W9DRRPMoYWyPft8HSpCEQ2T1lgCEmYnVLCUKVTT5Sf KZIsbb J NtzZzO4gAlux HsczhcRtdIQR43cQ0jwAugT3Z02S1JCb1skZ1zs7Nk81LizKbKOHfwv6Q0fB 7M2Dq5SAkHZhmvV2 zRjtNhS1NHekbc K3eldmxa0eDzJ4h7 7MFHOOF0iZ7kqXD1pAhWgPRSSpA oDjhvOdB1Pk3V7n aZufoEr8m07cHyHnPHAL11POSdj PPuRef41yE Oz 7BThEN2 7rc4qyYVrXiP64rvBM7ZLveePU1L8F ndvdxgPudj 90hf5Hm3 847dv cdwmnBxo2 1 BDHAPQUABm0cC9zNR9qM j 2N iusSqhkL6TMLgsn yx4k7W7vbMFO Z01iBwzD cO85J3bapBtpgqSW7Vf8 rmZasmvmj 1rihxXN35SQze6BSnn0J2cqg31 V DqPdPwUcA0c3ZNDW ez1k97U238g3tyR9i2LbaDHlcarzDYNyT2yaDDbf 9xTDoe 9dQOFwLLu4 ZifvBsFdeJpbtbt8FnSM9mLoal 64dj Umer5i80k30HKwtFtch7 sVWdYPXTsFlu3r2kslyGj Hz XC IkSx5UEjyYUilLR2k86agBYq71e9k050uH kwWGI4SR7i6elI7bEpTFfz 90GvdYbDupKaPbn6 dFetH rEOpBbTbRgqnxS ywR BdZIFh3al2R7GcQ1j XoAowPWts8ByBrq0c3758K4FhOcb8U GzxsS WSMctLaNQaC8rz1YGvrW73Q09PA tLYz mwfXG8 Me5 sE zmkgsPdv2te417sHOe5dR3suu8 7N WvsWIqF1qFr6leYmYRzEHrXYBrncMgdkZb5otAHOL6D zx7yJn7fWhrkR6uKW rTXAtcz 6wx15k kYGXNGsR2 95ennIp8t qO mphNvxXYIDU ks020ePKC1dH14s0 w6zm0 b34H1HLgVt MwCSCAjk FnD32SKhGW mCouHfbub98AcsntrA2elah0IgcigqbcHh3iPf9siUQITtwO0VfiMD9hg7AKDPBsGPY Ix11gghitpDgGFol 9EE0QZNC 9wOet zioFwIWmj7yb21UdwDZWol 9dqsLXJdNsId LN9x3 k3 0fGt 4Y0Z3 EpCmOT pMnX3MU qTINelESnn51Fen5Xx86dnGsO0pZ2XWT0u1FANgarRZJOJix nB4uN nExiKXvETi1ZhJ5g 3Cghd3YHTPJI Nsdp y
51. OUNTRYCODE 2 03 amp CUSTIP 255 255 255 255 amp CUSTREF CUSTREF amp DESC D ESC amp DL CA111111 amp DOB CA123456 amp EMAIL 20 admin merchant com amp EXPDATE 1209 amp FIRSTNAME John amp FREIGHTAMT 1 11 amp LASTNAME Johnson amp L_COST0 11 11 amp L_DESCO L_DESC0 amp L_QTY0 66L SKUO L_SKU 0 amp L TYPEO L_TYPEO amp L UPCO L UPCOSMIDDLENAME Z amp ORDERTIMEZONE 1 amp PARTNER PayPa1 amp PHONENUM 650 555 0123 amp PONUM PONUM amp PWD testingl1 amp SHI PCARRIER SHI PCARRIER amp SHIPMETHOD SHI PMETHOD amp SHIPTOCIT Y SHIPTOCITY amp SHIPTOEMAIL 20 admin merchant com amp SHIPTOFIRSTNAME SHIPTOFIRSTNAME amp SHIPT OLASTNAME SHI PTOLASTNAME amp SHI PTOMI DDLENAME SHI PTOMI DDLENAME amp SHIT PTOPHONE 650 555 0124 amp SHIPTOPHONE2 650 555 0125 amp SHIPTOSTATE CA amp SHI PTOSTREET SHIPTOSTREET amp SHIPTOSTR 2 amp SHIPTOZIP 11111 amp 8SS 565796510 amp STATE CA amp STREET 123 Main St amp TAXAMT 1 01 amp TENDER C amp USER TESTHighOrderNumberRej ect amp VENDOR TESTHighOrderNumberRe j ect amp ZIP 11111 Gl T ET2 123 S IPTOSTREET T T Expected Response Message resp mesg RESULT 125 amp PNREF VB0A25030952 amp RESPMSG Declined by Fraud
52. PayPal Payflow Pro Fraud Protection Services User s Guide For Professional Use Only Currently only available in English A usage Professional Uniquement Disponible en Anglais uniquement pour l instant Last updated June 2008 Payflow Pro Fraud Protection Services User s Guide Document Number 200011 en_US 200806 2008 PayPal Inc All rights reserved PayPal is a registered trademark of PayPal Inc The PayPal logo is a trademark of PayPal Inc Other trademarks and brands are the property of their respective owners The information in this document belongs to PayPal Inc It may not be used reproduced or disclosed without the written approval of PayPal Inc Copyright PayPal All rights reserved PayPal S r l et Cie S C A Soci t en Commandite par Actions Registered office 22 24 Boulevard Royal L 2449 Luxembourg R C S Luxembourg B 118 349 Consumer advisory The PayPal payment service is regarded as a stored value facility under Singapore law As such it does not require the approval of the Monetary Authority of Singapore You are advised to read the terms and conditions carefully Notice of non liability PayPal Inc is providing the information in this document to you AS IS with all faults PayPal Inc makes no warranties of any kind whether express implied or statutory with respect to the information contained herein PayPal Inc assumes no liability for damages whether direct or indirect
53. SG 2 OK Fraud Protection Services User s Guide 37 38 Performing Buyer Authentication Transactions Using the SDK Example Buyer Authentication Transactions Example Verify Enrollment Transaction Use TRXTYPE E to submit a Verify Enrollment request transaction The following is an example name value pair parameter string TRXTY PE E amp ACCT 5105105105105100 amp AMT 19 25 amp CURRENCY 8 40 amp SEXPDATE 1206 amp PARTN R PayPal amp PWD p12345 amp VENDOR SuperMerchant amp USER SuperMerchant Fa Example Verify Enrollment Response If the cardholder is enrolled the verify enrollment response contains PAREQ and ACSURL parameters These are used to direct the cardholder to their Issuer Web site to perform authentication Cardholder is enrolled in 3 D Secure program RESULT 1 0 amp RESPMSG 2 OK amp AUTHENTICATION ID 20 f43669e4921cf8b504c4 amp AUTHEN TICATION STATUS 1 E amp PAREQ 428 eJxVkulugjAUhm FeAH0A3Bozpr48WP 2GK23UA9HJV ECpYy9 e7XCkzXkPS8fcvD6Vvg 21J11 EnSUF79S2 kBRWbxO9mkync4onUmB 3yX8RTTiYLt4p POCN7ItmVt1Ih5LIGNOhMsHrVxC3jSel5sPJcMANiioyG7WSgwDWK B6IrUkloXrfTpVIqDn20Rr eqq0eYG704D1p1x9qby LAMbBXT2pI7ONXPGLpdLvPMU7CHOGTHWEbDCwB9ijuWO0XgtYzr2Whpitd FEWO1GOWU0 6U7 f OHggOFdqQk5wmXIokEn3M5T1Jg93XQVWhCiVksM3 GXkET4IVRCs7zCvioLRk cj zEqoGtTG 17f Fx NRTUom9 9mB59r 95CxOh8epngzw8 Pad NgLSKJ6 InWg8Ir7HhDtlw3b7 69x v8AhQarWM 8 ACSURL 66 http pilot buyerauth post verisign com
54. STREET 123 EJ T T T Expected Response Message resp mesg RESULT 125 amp PNREF VBCA25032988 amp RESPMSG Declined by Fraud Service amp AUTHCODE 8 90 PNI SAVSADDR Y amp AVSZIP Y amp AVS Y amp PREFPSMSG No Rules Triggered amp POSTFPSMSG Reject InternationalAVS ERROR 15 30 41 result 125 TRXTYPE A International IP Address Filter Pass in the specified IP address El TRXTYPE A8ACCT 510510510510510086AMT 8 1000 008BROWSERCOUNTRYCOD 2 July 11 2002 12 12 128BROWSERUSERAGENT BROWSERUSERAGENTECITY Campbells sCOMMENT1I Automated testing from AdminTestergCOUNTRY US8COUNTRYCODE USECUSTIP 194 213 32 2208CUSTREF CUSTREF8 DESC DESC amp DL CA111111 amp DOB CA123456 amp EMAIL 18 fraud asiamail com amp EXPDATE 1209 amp FIRSTNAME John amp FR EIGHTAMT 1 11 amp LASTNAME Johnson amp L_COSTO 11 11 amp L DESCO L DESCO L QTY0 1 amp L_SKUO L_SKUO amp L _TYPEO L_TYPEO amp L UPCO L_UPC0O amp MIDDLENAME Z amp ORDERT IME ZONE 1 amp PARTNER PayPal PHONENUM 650 555 0123 amp PONUM PONUM amp PWD testingl amp SHIPCARRIER SHIPCARRIER amp SHIPMETHOD SHI PMETHOD amp SHIPTOCIT Y Mountain View amp SHIPTOEMAIL 18 fraud asiamail com amp SHIPTOFIRSTNAME SHI PTOFIRSTNAME amp SHI PTOLASTNAM E SHIPTOLASTNAME amp SHI PTOMI DDLENAME SHI PTOMI DDLENAME amp SHI PTOPHONE 650 555 I T 2 03 amp BROWSERTIME 2
55. SULT 1 0 amp RESPMSG 2 OK amp AUTHENTICATION ID 20 8d4d5ed66ac6e6faac6d amp AUTHEN TICATION STATUS 1 Y amp CAVV 28 OTJ1MzViODhiOT11MjBhYmVkMGU SECI 1 5 amp XID 28 YjMOYTkwNGFkZTI5YmZmZWE1ZmY Displaying the ACS Form The Issuer ACS page presents transaction information to the cardholder Visa MasterCard require that the HTML page for displaying the ACS form must be presented in an in line frame set This window must occur within the same browser session as your e commerce transaction The window should have the following browser independent attributes width 390 minimum height 400 minimum resizable no scrollbars yes toolbar no location no directories no status yes menubar no Example Payflow Authorization or Sale Transaction The Buyer Authentication Service supports only Authorization and Sale transaction types The name value pairs that you submit with the intended Payflow transaction depend upon whether the cardholder is enrolled in the 3 D Secure program as follows Cardholder Enrolled in 3 D Secure Program You perform the intended transaction using the standard name value pairs plus the values returned to the Validate Authentication transaction AUTHENTICATION _ID AUTHENTICATION STATUS CAVV XID and ECI The following is an example name value pair parameter string TRXTYPE S amp TENDER C amp PARTNER PayPal amp VENDOR SuperMerchant amp USER SuperMerchant amp PWD x1 y2 23 amp ACCT
56. Submit the intended transaction request to the Payflow server on page 36 Testing and Activating the Service 1 Make these other required UI modifications Payment page pre messaging The example text shown below and in the red boxes in the figure must appear on your payment page to advise the customer that authentication may take place Example text in Learn More box on the left e Why am I being asked for a password to use my credit card e Can I purchase a car rantal for someone else using my credit or debit card e Can I add drivers to my reservation More questions Example text in reminder After you check the Purchase button your transaction will be processed For your security Verified by Visa may ask you for information on the next page Norte Buyer Authentication can only be activated when Fraud Protection Services is live 28 Fraud Protection Services User s Guide Activating and Configuring the Buyer Authentication Service bo Testing and Activating the Service feck youl ve ad mn us bog tet shii bere O tir acct O customer core Select your payment option Please coreballa review the tnp pou have selected PLEASE MOTE Fe cere of Tie far rerna Comparer wel be shpat shiy dhar pew bup tam iz aa S day roria at weakly pute ma pon r TDA Taseqae dual eS s a van few 22 5004 p ie sa we 99 nn Fei Asg 17 2000 Totas Pree 711 54 EAI i tens Dime r
57. T BROWSERUSERAGENT amp CITY No City amp COMMENT1 Automated testing from AdminTester amp COUNTRY 203 amp CUSTIP 66 218 71 93 amp CUSTREF CUSTREF amp DESC DESC amp DL CA111111 amp DOB CA123456 amp EMAIL 20 admin merchant com amp EXPDATE 1209 amp FIRSTNAME John amp FREIGHTAMT 1 11 amp LA STNAME Johnson amp L_ COSTO 11 11 amp L DESCO L DESCOSL OTYO 1 amp L SKUO L_ SKUO amp L TYPEO L_TYPEO amp L _UPCO L_UPC0 amp MIDDLENAME Z amp ORDERT IMEZONE 1 amp PARTNER Pa yPal PHONENUM 650 555 0123 amp PONUM PONUM amp PWD testing1 amp SHIPCARRIER SHIPCARRIER amp SHIPMETHOD SHI PMETHOD amp SHIPTOCIT Y No City amp COUNTRYCODE 203 amp SHIPTOEMAIL 20 admin merchant com amp SHIPTOFIRSTNAME SHIPTOFIRSTNA ME amp SHIPTOLASTNAME SHIPTOLASTNAME amp SHI PTOMI DDLENAME SHI PTOMI DDLENAME amp SHI PTOPHONE 650 555 0124 amp SHIPTOPHONE2 650 555 0125 amp SHIPTOSTATE CA amp SHIPTOSTREET 123 Main St amp SHIPTOSTREET2 123 SHIPTOSTREET 2 amp SHIPTOZIP 11111 amp SS 565796510 amp STATE CA amp STREET 123 Main St amp BILLTOSTREET2 123 SHIPTOSTREET 2 amp TAXAMT 1 01 amp TENDER C amp USER TESTHighRiskBinCheckRej ect amp VENDOR TESTHighRiskBinCheckRej ect amp ZIP 11111 T T T E E
58. TUS ECI Fraud Protection Services User s Guide 115 Testing Buyer Authentication Transactions Using the Payflow SDK Buyer Authentication Testing Procedures 116 Fraud Protection Services User s Guide Deactivating Fraud Protection Services This appendix describes the process of deactivating Fraud Protection Services Deactivating Fraud Protection Services removes the Security menu and Transaction Review functions making it impossible to settle transactions Therefore before deactivating the service you must first perform the following steps 1 Turn off filters so that no new transactions are sent to the Fraud review queue Clear the queue of transactions awaiting review by deciding to accept or reject them 2 3 4 Print hard copies of your audit trails as a permanent record Once you have completed steps 1 through 3 call Customer Service to request deactivation PayPal deactivates the service Any remaining transactions settle normally Fraud Protection Services User s Guide 117 az Deactivating Fraud Protection Services 118 Fraud Protection Services User s Guide Index A Accepted transactions 20 Account Number Velocity Filter 86 Active mode 15 APIs documentation 49 downloading 49 AUTHCODE 66 authentication status 32 AVS Failure Filter 81 AVSADDR 66 AVSZIP 67 B BIN Risk List Match Filter 86 Buyer Authentication examples 37 logging results 47 parameters 40 testing transactio
59. The Accept filters do not reduce risk Good Lists What does the filter do This filter compares the customer s e mail address and credit card number against lists that you create of addresses and numbers for known good customers You create the lists Any transaction for which the e mail address or credit card number is an exact match with an entry in one of your good lists is accepted and no other filters are applied Enter only numerals in the credit card number list no spaces or dashes NoTE Unlike the Risk lists that PayPal manages you solely manage and update the Good Lists Items that you enter in the test Good lists are not carried over to your configuration for the live servers so do not spend time entering a complete list for the test configuration If you activate this filter then you must set up lists of good email addresses and good card numbers Be sure to type the e mail addresses and credit card numbers accurately Fraud Protection Services User s Guide 93 Fraud Filter Reference Custom Filters IMPORTANT The Good Lists do not authenticate individuals If a fraudster were to steal e mail addresses or credit card account numbers from this list then they would be able to bypass the filter How does the filter protect me To ensure that loyal repeat customers are not held up by your fraud review process you may want to create lists of e mail addresses and card numbers that should be accepted This ensures
60. Transactions Against Filter Settings on Test Transaction Security Servers 16 Phase 2 Run Live Transactions on Live Transaction Servers in Observe Mode 17 Phase 3 Run All Transactions Through the Live Transaction Security Servers Using Active Mode oa as Bai aaa a a as a a cee Pee 2 18 Chapter 4 Assessing Transactions that Triggered Filters 19 Reviewing Suspicious Transactions 00 00 eee ee ee 19 fo Content Acting on Transactions that Triggered Filters 0 22 Rejecting Transactions o 22 Fine tuning Filter Settings Using the Filter Scorecard 22 Ensuring Meaningful Data on the Filter Scorecard 23 Re running Transactions That Were Not Screened 2 24 Chapter 5 Activating and Configuring the Buyer Authentication Service 25 Building Customer Confidence 00002 eee eee 25 Enrolling for the Buyer Authentication Service 0 25 Downloading the Payflow Including APIs and API Documentation 25 Configuring Buyer Authentication 0 00002 eee 26 Generate Transaction Request Software eee 27 Testing and Activating the Service 2 2 0 e e o 28 Chapter 6 Performing Buyer Authentication Transactions Using the SDK31 Testing the Buyer Authentication Service 0 e
61. U 7 F 8 Procedure Direct the Validate Authentication transaction TRXTYPE Z to the test buyer authentication server pilot buyerauth verisign com Use the PARES value from the ACS return POST or use the example value that appears on page 114 IMPORTANT To avoid format errors the submitted PARES value should be a single line with no carriage returns check especially at the end of the message For this call you must use the pfpro_file exe script do not use the pfpro exe client Save the Validate Authentication transaction in a file and then use the pfpro_file script to send the request to the test Buyer Authentication server Example Validate Authentication transaction TRXTY PE Z amp PARTNER PAY PAL amp PWD p 12345 amp VENDOR SuperMerchant amp USER SuperMerchan t amp PARES 3648 eJzdWFmTokoW isdPW9T0c3iUnLDNiKTXQUrWYU3N1 1EUUBAfv0kW11191TPX ebhTowRBpmHkyfPfr5gbiR1FHF6FFZKaDFXoqry4uhTGn77PAvH4SOKp1MvmEbTnYcf4efF AVo UXVj2HD7X3WCzskU0s1kGr9sorJKi OC kp pebE9y2RF3F6xNLLIPGO9IWLuBWcoqwtq M2J193 gEJUydyfe6Pf9nHg 931ZVhXWtEvDxeliY9 gorB3DXniHNyDa 0Ue3C zYmBYx56dbSgSsXJE kkpX27a3 0P6ATMpQOGWIn12WoZbuHePyp FUgxyFTX1gV51 3 Mqjde 12HNL3jbaw 0qgfe7Qw9 G3cKgt20dvtTspJP12eyuRwOnbr9JKdp6eVP1u3xUyaKN1lqYzVksB9vKCe6kgR1V4qfUJP13vSW 190KuSbn5zpK0ouzXl9mNfoARhDv30q1t 8n719Wbh9fb5 Eh F3 5 K wWCuWoXx Fraud Protection Services User s Guide 113 Testing Buyer Authentication Transactions Using
62. action Parameters Unique to the Filters TABLE 7 1 Parameters required by filter Filter Total Item Ceiling Total Purchase Price Ceiling Total Purchase Price Floor USPS Address Validation Failure ZIP Risk List Match Required Transaction Data Total quantity Total amount Total amount Billing address street address Shipping address street address Billing address ZIP postal code Shipping address ZIP postal code Payflow Parameters Total of QTY for all line items within the transaction Total of AMT for all line items within the transaction Total of AMT for all line items within the transaction STREET SHIPTOSTREET ZIP SHIPTOZIP Transaction Parameters Unique to the Filters The Payflow server accepts the parameters listed in this section Standard Payflow parameters parameters that you can pass for reporting purposes and return values are described in Payflow Pro Developer s Guide TABLE 7 2 Parameters accepted by the Payflow server Max Name Description Type Length Example BILLTOSTREET2 Extended billing address Alpha 30 Apt 107 numeric String BILLTOPHONE2 Alternative Phone Numeric 20 0119120513621 Number for the billing String 6104463591 contact SHIPTOSTREET2 Extended shipping String 30 Bldg 6 Mail Stop 3 address SHIPTOPHONE Primary Phone Number String 20 0119120513621 for the shipping contact 6104463591 SHIPTOPHONE2 Primary Phone Number String 20 0119120513621
63. amp BROWSERTIME 2 2 July 11 2002 12 12 12 amp BROWSERUSERAGENT BROWSERUSERAGENT amp CITY No City amp COMMENT1 Automated testing from AdminTester amp COUNTRY US amp COUNTRYCODE USA amp CUSTIP 66 218 71 93 amp CUSTREF CUSTREF amp DESC DESC amp DL CA111111 amp DOB CA123456 amp EMAIL 20 admin merchant com amp EXPDATE 1209 amp FIRSTNAME John amp FRE IGHTAMT 1 11 amp LASTNAME Johnson amp L_COSTO 11 11 amp L DESCO L DESCO L QTY0 1 amp L_ SKUO L_SKU0 amp L TYPEO L_TYPEOQ amp L UPCO L_UPC0O amp MIDDLENAME Z amp ORDERT IME ZONE 1 amp PARTNER PayPa1 amp PHONENUM 650 555 0123 amp PONUM PONUM amp PWD testingl amp SHIPCARRIER SHIPCARRI Y No City amp SHIPTOEMAIL 20 admin merchant com amp SHIPTOFIRSTNAME SHIPTOFIRSTNAME amp SHIPTOLASTNAM E SHIPTOLASTNAME amp SHI PTOMI DDLENAME SHI PTOMI DDLENAME amp SHI PTOPHONE 650 555 0124 amp SHI PTOPHONE2 650 555 0125 amp SHIPTOSTATE CA amp SHIPTOSTREET 123 Main St amp SHIPTOSTREET2 123 SHIPTOSTREET 2 amp SHIPTOZIP 00101 amp SS 565796510 amp STAT Main St amp BILLTOSTREET2 123 SHIPTOSTREET 2 amp TAXAMT 1 01 amp TENDER C amp USER TESTInternationalAVSReject amp VENDOR TESTInternationalAVSRej ect amp ZIP 00101 T z THOD amp SHIPTOCIT sal R amp SHIPMETHOD SHIPM CA amp
64. amp EXPDATE 1209 amp FIRSTNAME EIGHTAMT 1 11 amp LASTNAME Johnson amp L_COST0 11 11 amp L DESCO L DESCO L OTYO 18L SKUO L_SKUO amp _TYPEO L TYPEOS L UPCO L UPCOSMIDDLENAME Z8ORDERTIMEZONE 1 amp PARTNER PayPal PHONENUM 650 399 0123 amp PONUM PONUM amp PWD testing1 amp SHI PCARRIER SHIPCARRIER amp SHIPMETHOD SHI PMETHOD amp SHIPTOCIT Y No City amp SHIPTOEMAIL 18 fraud asiamail com amp SHIPTOFIRSTNAME SHIPTOFIRSTNAME amp SHIPTOLASTNAM E SHIPTOLASTNAME amp SHI PTOMI DDLENAME SHI PTOMI DDLENAME amp SHI PTOPHONE 650 555 0124 amp SHI PTOPHONE2 650 555 0125 amp SHIPTOSTATE CA amp SHIPTOSTREET 123 Main St amp SHIPTOSTREET2 123 SHIPTOSTREET 2 amp SHIPTOZIP 60649 amp SS 565796510 amp STATE CA amp STR Main St amp BILLTOSTREET2 123 SHIPTOSTREET 2 amp TAXAMT 1 01 amp TENDER C amp USER TESTHighRiskEmailCheckReject amp VENDOR TESTHighRiskEmailChec kReject amp ZIP 60649 T T T ET 123 T T Expected Response Message resp mesg RESULT 125 amp PNREF VB0A25031907 amp RESPMSG Declined by Fraud Service amp PREFPSMSG Reject HighRiskEmailCheck ERROR 14 20 5 result 125 TRXTYPE A
65. ample RESPMSG 2 OK The following Result Codes RESULT return values are associated with the Buyer Authentication Service The full list of Result Codes appears in RESULT Codes and RESPMSG Values on page 68 TABLE C 2 Buyer Authentication Service Result codes Result Code Description 0 Successful 3 Invalid transaction type 4 Invalid amount 7 Field format error 23 Invalid or missing account number 24 Invalid or missing expiration date 1001 Service unavailable 1002 Transaction timeout 1003 Invalid client version 1004 Invalid timeout value 101 Service unavailable 1012 Service unavailable 1013 Service unavailable 1014 Merchant has not activated buyer authentication for this card type 1021 Invalid card type 1022 Invalid or missing currency code 1023 Merchant has not activated buyer authentication for this card type 1041 Validate Authentication failed missing or invalid PARES 1042 Validate Authentication failed PARES format is invalid 1043 Validate Authentication failed Cannot find successful Verify Enrollment 1044 Validate Authentication failed Signature validation failed for PARES Fraud Protection Services User s Guide 109 Testing Buyer Authentication Transactions Using the Payflow SDK Buyer Authentication Testing Procedures TABLE C 2 Buyer Authentication Service Result codes Result Code Description 1045 Validate Authentication failed Mismatched or invalid amount in PARES 1046 Validat
66. arameters Max Name Description Type Length CURRENCY Required ISO 3 number Currency Code The code for US dollars is 840 PUR_DESC Optional purchase description Verify Enrollment Return Values TABLE 6 3 Verify Enrollment response values Max Name Description Type Length RESULT 0 successful transaction otherwise integer 1 error See RESULT Codes and RESPMSG Values on page 68 RESPMSG Error description if result is not 0 See ANS 256 RESULT Values for Transaction Declines or Errors on page 46 AUTHENTICATION_ID Unique identifier for this VE event ANS 64 Value returned only for valid requests AUTHENTICATION STATUS Value returned only for valid requests alpha 1 E Card Enrolled O Card Not Enrolled X Unable to determine I Verify Enrollment request failed PAREQ PAREQ Value returned ANS 1024 only if AUTHENTICATION _STATUS E ACSURL ACS URL Value returned only if ANS 256 AUTHENTICATION _ STATUS E ECI Initial ECI value returned integer 1 Value returned only for valid requests Fraud Protection Services User s Guide 41 az Performing Buyer Authentication Transactions Using the SDK Buyer Authentication Transaction Parameters and Return Values Validate Authentication Transaction Name Value Pairs TABLE 6 4 Validate Authentication parameters Max Name Description Type Length TRXTYPE Z alpha 1 VENDOR Vendor name USER User name PARTNER Partner name PWD Merchant s password PARES The com
67. as triggered for Review amp FPS POSTXMLDATA 682 lt triggeredRules gt lt rulenum 1 gt lt ruleld gt 1 lt ruleld gt lt ruleAlias gt AVS lt ruleAlias gt lt ruleDescription gt AVS Failure lt ruleDescription gt lt action gt R lt action gt lt triggeredMessage gt AVS check failed Full Security lt triggeredMessage gt lt rulevendorparms gt lt ruleParameternum 1 gt lt name gt Val ue lt name gt lt valuetype String gt Full lt value gt lt ruleParameter gt lt rulevendorparms gt lt rule gt Remove text completely lt rulenum 2 gt lt ruleld gt 23 lt ruleld gt lt ruleAlias gt CcsCFailure lt ruleAlias gt lt ruleDescription gt CSC Failure lt ruleDescription gt lt action gt R lt action gt lt triggeredMessage gt CSC check failed returned X lt triggeredMessage gt lt rulevendorparms gt lt ruleParameternum 1 gt lt name gt Value lt nam e gt lt valuetype String gt Full lt value gt lt ruleParameter gt lt rulevendorparms gt lt rule gt lt triggeredRules gt 60 Fraud Protection Services User s Guide Screening Transactions Using the Payflow SDK Response Strings for Transactions that Trigger Filters RESULT 12 6 amp PNREF VFHA28 926593 amp RESPMSG Under review by Fraud Service amp AUTHCODE 0 41 PNI amp AVSADDR Y amp AVSZI P N amp CVV2MATCH X amp HOSTCODE A amp PROCAVS A amp PROCCVV2 X amp IAVS N amp PREFPSMSG Review More than one rule was triggered for Review
68. ation transaction ECI E Commerce Indicator The ECI value indicates the level of security supported by the merchant when the cardholder provided the payment card data for an Internet purchase When returned in a buyer authentication response it is determined by the issuing bank Authentication Key component in the 3 D Secure protocol A server run by card issuer Status performing functionalities of enrolling a card for 3 D Secure verifying card enrollment and authenticating cardholder and issuing a digitally signed payment authentication response PARES 32 Fraud Protection Services User s Guide Performing Buyer Authentication Transactions Using the SDK em Buyer Authentication Server URLs Buyer Authentication Server URLs IMPORTANT URLs listed here are used only for buyer authentication transactions Verify Enrollment TRXNTYPE E and Validate Authentication TRXNTYPE Z e The production Buyer Authentication server URL is buyerauth verisign com e The test Buyer Authentication server URL is pilot buyerauth verisign com Detailed Buyer Authentication Transaction Flow A buyer authentication transaction involves the following four program calls Examples of exact syntax appear in Example Buyer Authentication Transactions on page 37 Note XMLPay uses the VerifyEnrollment transaction for Call 1 Call 1 Verify that the cardholder is enrolled in the 3 D Secure program For the Verify Enrollment call VerifyEnrollm
69. c ription gt Geo Location Failure lt ruleDescription gt lt action gt R lt action gt lt triggeredMessage gt GeoLocation difference Bill Address and IP GeoLocation difference Ship Address and IP lt triggeredMessage gt lt rule gt lt rul num 9 gt lt ruleId gt 8 lt ruleId gt lt ruleAlias gt NonUSIPAddress lt ruleAlias gt lt ruleDescrip tion gt International IP Address lt ruleDescription gt lt action gt R lt action gt lt triggeredMessage gt The IP address is from CZ lt triggeredMessage gt lt rule gt lt rul Fraud Protection Services User s Guide 61 62 Screening Transactions Using the Payflow SDK Accepting or Rejecting Transactions That Trigger Filters num 10 gt lt ruleld gt 41 lt ruleld gt lt ruleAlias gt HighRiskFreightCheck lt ruleAlias gt lt rul eDescription gt Freight Forwarder Match lt ruleDescription gt lt action gt R lt action gt lt triggeredMessage gt High risk freight forwarder lt triggeredMessage gt lt rule gt lt triggeredRules gt amp POSTFPSMSG Review More than one rule was triggered for Review amp FPS POSTXMLDATA 682 lt triggeredRules gt lt rul um 1 gt lt ruleld gt 1 lt ruleld gt lt ruleAlias gt AVS lt ruleAlias gt lt ruleDescription gt AVS ailure lt ruleDescription gt lt action gt R lt action gt lt triggeredMessage gt AVS check ailed Full Secu
70. caused by errors or omissions or resulting from the use of this document or the information contained in this document or resulting from the application or use of the product or service described herein PayPal Inc reserves the right to make changes to any information herein without further notice Preface Chapter Content 9 Intended Audience a a a a 9 Document Conventions 2 2 9 Document Organization s s ic e cee iata eaa a a a a e 9 Gustomer Service sa s euls a akai e aaa a e aa ea a a ea 10 Revision History 2 toaa taa ea saa aa A A 10 1 Overview 5 6 2 6 6 Gh aa a sa a Growing Problem of Fraud aa esa asdasd e 11 Reducing the Cost of Fraud s o s e ee pce a dea a e E e D E a A 11 Chapter 2 How Fraud Protection Services Protect You 13 The Threats ca e dun aoi unid o Rd de a a A a ae 13 FlackINO 4 fe ads Se ance a A AA a ee a 13 Credit Card Fraud 13 Protection Against the Threats Fraud Filters 0 13 Example Filter 2 o 14 Configuring the Filters 0 a 14 Reviewing Suspicious Transactions 00000 ee eee 14 Special Considerations a a a a a 14 Merchants With an Instant Fulfillment Model 14 Merchants using the Recurring Billing Service 0 14 Chapter 3 Configuring the Fraud Protection Services Filters 15 Phase 1 Run Test
71. ction Data Required by Filters Downloading the Payflow SDK Including APIs and API Documentation on page 49 provides the full list for each filter of each transaction value that you must send to Payflow Pro For example to ensure that the Total Item Ceiling filter can screen an order you must provide the total number of items that make up the order Unusual Order Filters Unusual Order Filters identify transactions that exceed the normal size for your business Because fraudsters might not feel limited in their purchasing power they sometimes place orders that are much larger than the norm Total Purchase Price Ceiling Filter What does the filter do This filter compares the total amount of the transaction including tax shipping and handling fees to the maximum purchase amount the ceiling that you specify The specified action is taken whenever a transaction amount exceeds the specified ceiling IMPORTANT The Maximum amount per transaction setting in the Account menu controls all transactions even those that are less than or exceed the Total Purchase Price Ceiling filter How does the filter protect me An unusually high purchase amount compared to the average for your business can indicate potential fraudulent activity Because fraudsters are not paying with their own money they are not price sensitive Fraud Protection Services User s Guide 79 Fraud Filter Reference Unusual Order Filters Total Item Ceilin
72. d wre etansa Consumer Messaging abi Learn More de pa de ont links g After yau slick the Perthese istina peur reminder tentacion atti ba prasote Per your security Verised by Vina mop aob yoe Ffar minrmaailtms be IDe sest page Failure messaging The example text in the red box handles cases where customers cannot successfully authenticate themselves The text requests another form of payment Fraud Protection Services User s Guide 29 Activating and Configuring the Buyer Authentication Service Testing and Activating the Service Consumer Messaging for Failed Authentication Please submit new form of payment Dricture mabe tehets Matel Reservalons Lar Rentals Onceurt travel Deals Last Minute Micoselt Internet EAST ltl x Go Yt yow Poote Ink ipp E o Huty gt DD Qe ire Bree Y DA Agress EN rre wn hotare carr am cortrm sp oe Gonge J ewan Y SE Eoma oars Fie A e Cheap a h m peuive logan to Ory Account O Customer Core Flight miS Select your payment option wira Tarma of Uza Please caretully review the trip you have selected PLEASE NOTE Your Sight bree and arine name wil be shown oniy after your purchase is OLITE Please correct the Following helds s What Ome mi ms fights depart and We were unable to complete pour booking Hesse correct the credit card details below arrive Why am being eske pass rede card an 1 make Depart CLE Clev
73. d The Fraud Protection Services User s Guide 31 az Performing Buyer Authentication Transactions Using the SDK Buyer Authentication Terminology issuing bank authenticates the customer s identity by returning a payer authentication response value to your program 3 Your program then validates the authentication response 4 Ifthe authentication data is valid then your program submits a standard Payflow authorization or sale transaction that includes the buyer authentication data Note The Buyer Authentication Service supports only Sale and Authorization transaction types Buyer Authentication Terminology The following terms are used in this chapter TABLE 6 1 Buyer Authentication terminology Term Definition MPI The Merchant Plug in software component that implements merchant s client functionalities in 3 D Secure protocol The 3 D Secure server at https buyerauth com DDDSecure MerchantPlug In implements MPI s specification as a payment gateway PAREQ The Payer Authentication Request message that you send to the issuing bank s buyer authentication page PARES Payer Authentication Response digitally signed by the issuing bank CAVV Cardholder Authentication Verification Value The value generated by card issuing bank to prove that the cardholder has been authenticated with a particular transaction XID Buyer authentication Transaction ID Used only by Verified by Visa to identify a unique buyer authentic
74. d ACSURL should not be returned but AUTHENTICATION ID and ECI must be returned for example test case 4 with a test MasterCard account Step 1 POST the PAREQ to the ACS URL PAREQ and ACSURL values are returned for test cases 1 2 3 6 7 and 8 For other cases skip to Submit the Payflow Sale or Authorization transaction with buyer authentication data on page 115 Fraud Protection Services User s Guide 111 Testing Buyer Authentication Transactions Using the Payflow SDK Buyer Authentication Testing Procedures 1 Construct an HTML page with a form that performs a POST to the ACS Simulator http pilot buyerauth post verisign com DDDSecure Acs3DSecureSim start The form must contain the following fields fieldnames are case sensitive PAREQ Copy and paste the PAREQ value from the previous step TermUrl The merchant URL to which the reply must be posted For testing use https pilot buyerauth post verisign com DDDSecure Acs3DSecureSim pares MD The Merchant Data field Merchant state data that must be returned to the merchant This field is used to accommodate the different ways merchant systems handle session state Ifthe merchant system can associate the final post with the original shopping session without any further assistance the MD field may be empty If the merchant system does not maintain state for a given shopping session the MD can carry whatever data the merchant needs to continue t
75. d issuers authentication credentials could not be validated Liability Impact Subject to Change Both Visa and MasterCard shift liability for fraud from the merchant Visa shifts liability for fraud from the merchant MasterCard does not shift liability for fraud from the merchant Neither Visa nor MasterCard shift liability for fraud from the merchant Neither Visa nor MasterCard shift liability for fraud from the merchant Neither Visa nor MasterCard shift liability for fraud from the merchant Actions You set the strength of the filter as follows e Full Trigger if a value of N U or F is returned e Medium Trigger only if a value of N is returned Note To enforce the minimum Visa regulations set the filter to Medium strength with an action of Reject This setting rejects N responses however so there is no liability benefit How does the filter protect me Buyer Authentication is the only screening tool that promises to shift fraud liability from the merchant The password used with Verified by Visa and MasterCard Secure Code is the digital equivalent to a shopper s handwritten signature Note Make use of Buyer Authentication if your processor and acquirer support it The use of the password protects merchants from some chargebacks when a customer claims not to have authorized the purchase Widespread account holder enrollment in Buyer Authentication programs may take some time and depends o
76. der Filters identify transactions associated with risky international locations Country Risk List Match Filter What does the filter do This filter screens the customer s shipping and billing address information for matches with countries on the list of high risk countries The specified action is taken whenever any of the information matches a country on the risk list How does the filter protect me Orders from customers in foreign countries are more likely to be fraudulent than orders from domestic customers This is due to the difficulty of authenticating foreign citizens and the difficulty of cross border legal enforcement against fraudulent activities Certain countries however are much riskier than others These countries have high likelihood of fraud and you should evaluate transactions from these countries closely International Shipping Billing Address Filter What does the filter do This filter screens the customer s shipping and billing information for non US addresses The filter checks for country code 840 or any derivation of United States U S USA United Fraud Protection Services User s Guide 91 92 Fraud Filter Reference International Order Filters States of America America and so on in the country fields Any other country name triggers the filter How does the filter protect me Orders from customers in foreign countries are more likely to be fraudulent than orders from domestic cust
77. dits for technical accuracy AU Enhancements Updated guide to include PayPal Manager User Interface changes Updated AVS responses rules Added return codes 51 110 119 120 121 132 133 200 201 402 403 404 600 and 601 Updated buyer auth test URL to pilot buyerauth verisign com Minor corrections for technical accuracy 10 Fraud Protection Services User s Guide Overview This chapter discusses how fraud can affect you the merchant and provides an overview of Fraud Protection Services In This Chapter e Growing Problem of Fraud on page 11 e Reducing the Cost of Fraud on page 11 Growing Problem of Fraud Online fraud is a serious and growing problem While liability for fraudulent card present or in store transactions lies with the credit card issuer liability for card not present transactions including transactions conducted online falls to the merchant As you probably know this means that a merchant that accepts a fraudulent online transaction even if the transaction is approved by the issuer does not receive payment for the transaction and additionally must often pay penalty fees and higher transaction rates One notable exception Buyer Authentication is described in this document Reducing the Cost of Fraud Fraud Protection Services in conjunction with your Payflow Pro service s standard security tools can help you to significantly reduce these costs and the resulting dama
78. e 3 Click RunView Report The Fraud Transaction Report Results page appears It contains all the transactions that were not screened by filters 4 Click on the Transaction ID of the transaction you would like to re run The Confirm Rerun page appears 5 Click Yes to re run that transaction The Success page appears if your transaction was successful Note If multiple attempts at screening fail then the transaction may have data formatting problems Validate the data and contact Customer Service If you encounter 50 or more transactions with Result Code 127 then contact Customer Service who can resubmit them as a group 24 Payflow Link Fraud Protection Services User s Guide Activating and Configuring the Buyer Authentication Service This chapter describes how to enroll configure test and activate the Buyer Authentication Service In This Chapter e Building Customer Confidence on page 25 e Enrolling for the Buyer Authentication Service on page 25 e Downloading the Payflow Including APIs and API Documentation on page 25 e Configuring Buyer Authentication on page 26 e Testing and Activating the Service on page 28 Building Customer Confidence Buyer Authentication reduces your risk and builds your customers confidence The card brands make marketing resources available to you to promote your Web site and logos you can build into your checkout process For more information vi
79. e Authentication failed Mismatched or invalid acquirer in PARES 1047 Validate Authentication failed Mismatched or invalid Merchant ID in PARES 1048 Validate Authentication failed Mismatched or invalid card number in PARES 1049 Validate Authentication failed Mismatched or invalid currency code in PARES 1050 Validate Authentication failed Mismatched or invalid XID in PARES 1051 Validate Authentication failed Mismatched or invalid order date in PARES 1052 Validate Authentication failed This PARES was already validated for a previous Validate Authentication transaction Buyer Authentication Testing Procedures Follow these steps to test your Buyer Authentication integration Perform the Verify Enrollment Transaction Direct the Verify Enrollment transaction TRXTYPE E to the test buyer authentication server pilot buyerauth verisign com TRXTY PE E amp ACCT 5105105105105100 amp AMT 19 25 amp EXPDATE 1203 amp PARTNER PayPal amp PWD pl2345 amp VENDOR SuperMerchant amp USER SuperMerchant 110 Fraud Protection Services User s Guide Testing Buyer Authentication Transactions Using the Payflow SDK Buyer Authentication Testing Procedures Verify Enrollment Transaction Test Cases TABLE C 3 Verify Enrollment test cases AUTH_STATUS of Verify Enrollment Transaction Test Case E Card Eligible for authentication 1 2 3 6 7 8 O Attempt not available 4 X Unable to fulfill request 5
80. eland iaa Ta Sep 23 2004 sona o amva Mie More deepstions fight Howat 1 y star oi Comets ans Details Mots rad ase igat To ergure the securty of O put and turboprop Mryrsft your transactions were prowd to partner with these be ogr ams Depert 1504 Le Guardia Son Sap 26 2004 sense LE Cleveland Hopkins bat ri by VISA neers weer Fight Hoste at i Consegion Fiahs Derails Hot a red ene figi O det and Jrbogens Aiecratt Aba RS E sepiraa ot ARRAN POT Oa y Your bank mas unable to authorize the cred card securty formation you entered Pesca try Ad AD O teens 4 Consumer Messaging for Failed Authentication Please submit new form of payment 2 Perform a last round of test transactions as described in Appendix C Testing Buyer Authentication Transactions Using the Payflow SDK to ensure the flow and screen presentation is correct 3 Once all message flows and customer messaging and required logos are in place you can activate Buyer Authentication to accept live transactions 30 Fraud Protection Services User s Guide Performing Buyer Authentication Transactions Using the SDK This chapter describes the process of performing Buyer Authentication transactions using the Payflow SDK For information on using the SDK and on transaction syntax see Payflow Pro Developer 5 Guide The content and format of responses to transaction requests are described in Buyer Authentication Transaction Parameters and Return Val
81. ent transaction in XMLPay you determine whether the cardholder is enrolled in the 3 D Secure program Send a transaction TRXTYPE E to the Buyer Authentication server The server returns the AUTHENTICATION_STATUS of enrollment E means enrolled an AUTHENTICATION ID value and an ECI value electronic commerce indicator defaulted to 7 Authentication Unsuccessful because authentication has not yet occurred If the cardholder is enrolled then the message also includes a PAREQ payer authentication request value and the ACSURL the URL of the Issuer s ACS access control server page at which buyers provide their password to authenticate themselves The PAREQ is used in the next call to ask the Issuing bank to authenticate the customer If the cardholder is not enrolled AUTHENTICATION STATUS 0 cannot be verified X or an error occurred 1 skip to Call 4 Call 4 Submit the intended transaction request to the Payflow server and submit a standard Payflow authorization or sale transaction that includes the AUTHENTICATION_STATUS AUTHENTICATION _ID and ECI values Fraud Protection Services User s Guide 33 34 Performing Buyer Authentication Transactions Using the SDK Detailed Buyer Authentication Transaction Flow Generate the data for the intended transaction Transaction Merchant Web Store AMT 42 02 510551055105 DESCRIPTION case ACCT 5105510551055555 42 02 EXPDATE 0306 NAME johnson BUY
82. er 6 Performing Buyer Authentication Transactions Using the SDK describes and provides an example of how to use Buyer Authentication e Chapter 7 Screening Transactions Using the Payflow SDK describes how to screen transactions for fraud using the Payflow SDK e Chapter 8 Responses to Credit Card Transaction Requests describes the responses to a credit card transaction request Fraud Protection Services User s Guide Customer Service e Appendix A Fraud Filter Reference describes the Transaction filters that make up part of the Fraud Protection Services e Appendix B Testing the Transaction Security Filters provides Payflow SDK transactions that you can use to test the filters e Appendix C Testing Buyer Authentication Transactions Using the Payflow SDK provides examples of testing Buyer Authentication transactions e Appendix D Deactivating Fraud Protection Services describes the process of deactivating Fraud Protection Services Customer Service If you are having problems with Fraud Protection Services contact Customer Service at Email payflow support paypal com Telephone 1 800 505 4916 Revision History TABLE 2 1 Revision History Date June 2008 February 2008 August 2007 April 2007 February 2007 December 2006 Description Updated Payflow server test and live URLs Updated Customer Service information Updated test and live URLs Minor e
83. eral level of the IP address indicates the region or country from which the computer is connecting and is thus relatively fixed Therefore the IP Address risk list is most effective as a screen for overseas fraud The specified action is taken whenever a submitted IP address appears in the risk list How does the filter protect me A customer s IP address identifies a country region state or city As with ZIP codes these addresses can be associated with higher or lower likelihood of fraud This is especially true with high risk countries that are known to be associated with especially high rates of fraud Required Transaction Data You must send the customer s IP address to use this filter Email Service Provider Risk List Match Filter What does the filter do This filter compares the e mail service provider used by the customer against a list of high risk e mail service providers Fraud Protection Services User s Guide Fraud Filter Reference High risk Address Filters Norte Fraudsters most often use free services at which they do not need to provide traceable billing information Free services are also popular among legitimate shoppers because they are free It is therefore a good practice to check whether the billing name appears in some form in the e mail address For example Tina Johnson should have an e mail address of TinaJohnson hotmail com or Johnson42 hotmail com or some similar variant Such an e ma
84. es Stage of Review Screened by filters Screened by filters Screened by filters Screened by filters Screened by filters After review by merchant Transaction Status Pass Review Reject Accept Service Outage Accepted Rejected Report in Which Result the Transaction Code Result Message Appears 0 Approved Approved report 126 Under Review by Fraud Service Approved report 125 Declined by Fraud Service Declined report 0 Approved Approved report 127 Unprocessed by Fraud Service Approved report 0 Approved Approved report 128 Declined by Merchant Declined report Payflow Link Fraud Protection Services User s Guide 21 Assessing Transactions that Triggered Filters Fine tuning Filter Settings Using the Filter Scorecard Click the Transaction ID of the transaction of interest The Fraud Details page appears as discussed in the next section Acting on Transactions that Triggered Filters The Fraud Details page displays the data submitted for a single transaction The data is organized to help you to assess the risk types and to take action accept reject or continue in the review state The following notes describe data in the Fraud Details page shown in the figure 1 This transaction was set aside because it triggered the AVS Failure filter 2 The transaction was not screened by any of the filters in the Skipped Filters section because the data required by these filters did not appear in the tran
85. filters 131 Version 1 Payflow Pro SDK client no longer supported Upgrade to the most recent version of the Payflow Pro client 132 Card has not been submitted for update Fraud Protection Services User s Guide 71 72 Responses to Credit Card Transaction Requests RESULT Codes and RESPMSG Values TABLE 8 2 Payflow transaction RESULT values and RESPMSG text Continued RESULT 133 150 151 200 201 402 403 404 600 601 1000 1001 1002 1003 1004 1011 1012 1013 1014 1016 1017 1021 1022 1023 RESPMSG and Explanation Data mismatch in HTTP retry request Issuing bank timed out Issuing bank unavailable Reauth error Order error PIM Adapter Unavailable PIM Adapter stream error PIM Adapter Timeout Cybercash Batch Error Cybercash Query Error Generic host error This is a generic message returned by your credit card processor The RESPMSG will contain more information describing the error Buyer Authentication Service unavailable Buyer Authentication Service Transaction timeout Buyer Authentication Service Invalid client version Buyer Authentication Service Invalid timeout value Buyer Authentication Service unavailable Buyer Authentication Service unavailable Buyer Authentication Service unavailable Buyer Authentication Service Merchant is not enrolled for Buyer Authentication Service 3 D Secure Buyer Authentication Service 3 D Secure error response received Instead of recei
86. g Filter What does the filter do This filter compares the total number of items or volume for bulk commodities to the maximum count the ceiling that you specify The specified action is taken whenever the item count in a transaction exceeds the specified ceiling How does the filter protect me An unusually high item count compared to the average for your business can indicate potential fraudulent activity Fraudsters frequently attempt to order large numbers of attractive items that can easily be resold Note In addition some items are more susceptible to fraud than others For example a computer can be resold for much more money than can a pair of sport shoes The likelihood of selling the item quickly is also a factor Shipping Billing Mismatch Filter What does the filter do This filter screens for differences between the shipping information and the billing information street state ZIP code and country The specified action is taken whenever the shipping information differs from the billing information Data Normalization The Shipping Billing Mismatch filter is tolerant of minor address inaccuracies that result from typographical or spelling errors The filter checks relationships among the street address city state and ZIP code and determines if a minor change is needed before screening the transaction NoTE This normalization is performed purely on the billing and shipping data and does not authenticate
87. g and Configuring the Buyer Authentication Service Configuring Buyer Authentication Generate Transaction Request Software 1 Submit a Verify Enrollment transaction request type E to determine whether the cardholder is enrolled in either the Verified by Visa or MasterCard SecureCode service See the example on page 38 2 The response is either Enrolled or Not Enrolled See the example responses on page 38 3 Ifthe customer is enrolled you populate the response data into a form page hosted on your server and post it to the URL of the card issuing bank ACS indicated in the response Make sure the TermUrl field is properly specified as this is where the ACS will post the response See Example ACS Redirect Code on page 35 4 The ACS responds to the post by presenting an Authentication window to the customer By Visa MasterCard requirements the HTML page for displaying the ACS form must be presented in line within the same browser session as the e commerce transaction preferably as framed inline The ACS form should be displayed in a frame set as shown in the following example The message across the top of the frame is required Nore You should not employ pop up windows They will be blocked by pop up blocking software Be ik y ipie ph o dus s 9 29 9 Anah juta Grete Y 2 Ft AA p papar aum ee eae kys Hotwire tor your severity please ft out the Vertied by thee form bebo I
88. ge to your business Norte Merchants must meet the following eligibility requirements to enroll in and use the Fraud Protection Services products Merchant must have a current paid in full Payflow Pro service account Merchant Payflow Pro service account must be activated in Live mode Merchant must have its business operations physically based in the United States of America Merchant must use one of the following terminal based processors American Express Phoenix FDMS Nashville FDMS North FDMS South Global Payments East Nova Paymentech New Hampshire or Vital Fraud Protection Services User s Guide 11 Overview Reducing the Cost of Fraud 12 Fraud Protection Services User s Guide How Fraud Protection Services Protect You This chapter describes the security tools that make up the Fraud Protection Services In This Chapter e The Threats on page 13 e Protection Against the Threats Fraud Filters on page 13 e Special Considerations on page 14 The Threats There are two major types of fraud hacking and credit card fraud Hacking Fraudsters hack when they illegally access your customer database to steal card information or to take over your Payflow Pro account to run unauthorized transactions purchases and credits Fraud Protection software fi ters minimize the risk of hacking by enabling you to place powerful constraints on access to and use of your PayPal Manager and
89. hapter describes the process of using the Payflow SDK to perform transactions that will be screened by the Fraud Protection Services filters For information on using the SDK and on transaction syntax see Payflow Pro Developer s Guide IMPORTANT Recurring Billing transactions are not screened by Fraud Protection Services filters Response Values Payflow response values are described in RESULT Codes and RESPMSG Values on page 45 Testing Filters Information on testing filters appears in Appendix C Testing the Transaction Security Filters In This Chapter e Downloading the Payflow SDK Including APIs and API Documentation on page 29 e Transaction Parameters Unique to the Filters on page 32 e Existing Payflow parameters Used by the Filters on page 32 e Response Strings for Transactions that Trigger Filters on page 34 e Accepting or Rejecting Transactions That Trigger Filters on page 40 e Logging Transaction Information on page 41 Downloading the Payflow SDK Including APIs and API Documentation The Payflow SDK is available either as a standalone client that can you can integrate with your Web store using CGI scripts or as a set of APIs for direct integration with your application Payflow Pro Developer s Guide The Payflow Pro Developer s Guide provides instructions for downloading the SDK appropriate to your platform IMPORTANT Full API documentation is included with each SDK
90. he session Since the content of this field varies by merchant implementation the ACS must preserve it unchanged and without assumptions about its content The MD field must contain only ASCII characters in the range 0x20 to 0x7E If other data is needed then the field must be Base64 encoded The size of the field after Base64 encoding if applicable is limited to 1024 bytes If MD includes confidential data such as the PAN then it must be encrypted 2 POST to the ACS Simulator http pilot buyerauth post verisign com DDDSecure Acs3DSecureSim start 3 The results depend upon the test account number that you used For test cases 1 2 6 and 8 the ACS page appears and prompts for a password The correct password password results in an authenticated user Enter any other string to test case 2 For test case 3 attempted authentication of a card that is not enrolled Visa only ACS does not display a page asking for cardholder s password but directly generates a PAREQ and POSTs it back to the specified TermUrl 112 Fraud Protection Services User s Guide Testing Buyer Authentication Transactions Using the Payflow SDK Buyer Authentication Testing Procedures Step 2 Validate Authentication Transaction Validate Authentication Transaction Test Cases TABLE C 4 Validate Authentication test cases AUTHENTICATION_STATUS of Validate Authentication Transaction Test Case Y 1 N 2 A Visa only 3
91. ic TRANSSTATE values TABLE 7 5 TRANSSTATE value increments Increment Meaning 100 No client acknowledgment ACK is received status 0 in V2 for example 106 is TRANSSTATE 6 200 The host process never receives ACK from the transaction broker or backend payment server A transaction with a TRANSSTATE of 200 is basically in limbo and will not be settled 1000 Voided transactions Any TRANSSTATE of 1000 for example 1006 means the transaction was settle pending However it was voided either through the API PayPal Manager or Customer Service RESULT Values Specific to Fraud Protection Services A RESULT value greater than zero indicates a decline or error For this type of error a RESPMSG name value pair is included The exact wording of the RESPMSG may vary Sometimes a colon appears after the initial RESPMSG followed by more detailed information TABLE 7 6 Transaction RESULTs RESPMSGs RESULT RESPMSG and Explanation 125 Fraud Protection Services Filter Declined by filters 126 Fraud Protection Services Filter Flagged for review by filters 127 Fraud Protection Services Filter Not screened by filters Fraud Protection Services User s Guide 57 Screening Transactions Using the Payflow SDK Response Strings for Transactions that Trigger Filters TABLE 7 6 Transaction RESULTs RESPMSGs Continued RESULT RESPMSG and Explanation 128 Fraud Protection Services Filter Declined by merchant af
92. ication data Cardholder is Enrolled in the 3 D Secure Program You perform the intended Payflow authorization or sale payment transaction using the standard name value pairs plus the values returned to the Validate Authentication transaction AUTHENTICATION _ID AUTHENTICATION_STATUS CAVV XID and final ECI Cardholder is Not Enrolled If there is no PAREQ returned in the response to the Verify Enrollment call then the cardholder is not enrolled and you do not perform any additional buyer authentication transactions You perform the intended Payflow authorization or sale payment transaction using the standard name value pairs plus the AUTHENTICATION_ID AUTHENTICATION STATUS and ECI values returned by the Verify Enrollment call XMLPay Users Pass AUTHENTICATION _STATUS lt status gt AUTHENTICATION ID lt id gt CAVV lt cavwv value gt XID lt xid value gt and ECI lt eci value gt in the ExtData for Authorization and Sale transactions Example Buyer Authentication Transactions The values returned in the transaction responses shown in these examples are described in Buyer Authentication Transaction Parameters and Return Values on page 40 Standard Payflow return values are described in Payflow Pro Developer s Guide All return parameter names for transactions with the Buyer Authentication Server include length tags Length tags specify the exact number of characters and spaces that appear in the value For example RESPM
93. ikg9hitDj sROIbzCFZczuipvngFKEX8CU4n8UpogY QOnyHKbz5CEnew6FoSsuj 7xDj 9D6KeBUgcLzFUKAXOL5TMvzMULexioFGvdIwXDFJxSra2CW JcY Mj ShEW Lktr7PPxlihjvNsNEYS1LeRirsQH2jKygWcvddZT411VdXL7 SH6wr ilfYhs2fZ2ds 232q3 9KVrbivGrzZ360H5 al K0A7 3PsACHpcZ4 POWt DpWESgoSTzRivJzJ6zEKeEzEmdpNbWwl1y2 U3S8 WMyKk eVKtK9rEL8 fWZ2YixWgbs0M e3QN1JGHIHgy cpc 8WFL6E2 9FdcBCloe1 82GBUyF 2 zLVhlq b2MLf zkOMwDBd6gRcj Fy1Z0G4288 fPeuPBSX4e6JUTFC3qgxG090 yoCL4zKORR53i5E AZJ6D4xXUQFBAimAJeAc 4se0A02m5 9rEImdhqHhI 9C0 f 3dpRBWoLwCNJjaFSjHQLIdUW16pY02V O 1qbXddDo6VSEp6kOT HdRIn4NTVEqXPn 9SWcJUBhRV17 ywFgP8Eq5 20H8XqFIS3QURUHYhwHU y iHGOVK4030AEhgMDBHgAcPwdUu0FTqcspPET4xUm8Sb7t49sDN20k3vIcW1lruXmwaJ8eRjeG TPsOjwr0yxFu7jve26pkcMj T8AbzJsin8f0c3BT8NdZxvb2NbXqZOHRNBaJ2wS Pzv4ZZ2KcXZ7S shthYj 6MT8RgSC JARxgSN H70wXg4vaF34 Tmc0 HfgSAvcI kbD fwV1H M3xADiWBT aHkKpXx 27a3 0P6ATMpOGWIn12WoZbuHePyp FUgxyFTX1gV51 3 Mqjde 12HNL3bqw 0gqgfe70w9G3cK gt20dvtTspJP12eyuRwOnbr9JKdp6eVP1u3xUyaKNlqYzVksB9vKCe6kgR1V4gqfUJP13vSW190K uSbn5zpK0ouzX1l9mNfoARhDv30q1t 8n71 9Wboh9fb5 Eh F3 5 K wWCuWoX 114 Fraud Protection Services User s Guide Testing Buyer Authentication Transactions Using the Payflow SDK Buyer Authentication Testing Procedures Example Return Values The result should look like the following
94. il address is less suspicious than xy12 hotmail com The specified action is taken whenever the e mail service provider is found in the risk list How does the filter protect me Online merchants rarely talk to their customers The customer s e mail address is a critical communications channel between the merchant and customer For example e mail is often used to confirm a purchase and to notify the customer that shipment has been made It is therefore important for merchants to determine how reliably the e mail address is tied to the identity of the customer Some e mail service providers make it especially easy to open and close e mail accounts without ever providing personal information enabling fraudsters to use false identities to cover their tracks You should examine any transaction in which a high risk e mail service provider is involved Geo location Failure Filter What does the filter do This filter compares the IP address of the customer s computer captured in real time when the transaction is submitted and compares its geographical location to the billing and shipping addresses IP Internet protocol addresses are unique identifiers for computers that can often be mapped to a specific city or area code The specified action is taken whenever the IP address shipping address and billing address do not fall within a 100 mile radius If you provide only one physical address billing or shipping address then the filter t
95. in St amp BILLTOSTREET2 123 SHIPTOSTREET 2 amp TAXAMT 1 01 amp TENDER C amp USER TESTHighRiskZIPCheckReject VENDOR TESTHighRiskZIPCheckRe j ect amp ZIP 60649 T T GI CA amp STR T ET 123 T T Expected Response Message resp mesg RESULT 125 amp PNREF VB0A25031523 amp RESPMSG Declined by Fraud Service amp PREFPSMSG Reject HighRiskZIPCheck ERROR 13 55 6 result 125 TRXTYPE A Fraud Protection Services User s Guide 105 Testing the Transaction Security Filters ZIP Risk List Match Filter 106 Fraud Protection Services User s Guide Testing Buyer Authentication Transactions Using the Payflow SDK This chapter describes the process of testing Buyer Authentication transactions using the Payflow SDK For complete information on using the SDK see Payflow Pro Developer s Guide The content and format of responses to transaction requests are described in Buyer Authentication Transaction Parameters and Return Values on page 40 In This Appendix e Testing Buyer Authentication Transactions on page 107 e Test Case Descriptions and Account Numbers on page 107 e Expected Result Codes for Buyer Authentication on page 109 e Buyer Authentication Testing Procedures on page 110
96. iod Unusually high velocity is can be associated with a fraudster making repeated attacks on a system Legitimate customers do not typically perform multiple transactions in quick succession How does the filter protect me Fraudsters often submit multiple purchases with a single account number to try to discover the card s valid billing address or card security code Alternatively the fraudster may attempt to bypass ceiling filters by making multiple small purchases with a know good account number High risk Address Filters High Risk Address Filters identify transactions associated with high risk geographical locations or poorly matched transaction data 86 Fraud Protection Services User s Guide Fraud Filter Reference EE High risk Address Filters ZIP Risk List Match Filter What does the filter do This filter compares the Ship To and Bill To ZIP codes US only against the high risk list High risk ZIP codes are determined based on analysis of millions of e commerce transactions The specified action is taken whenever a submitted ZIP code appears in the risk list Nore Fraud tends to correlate to densely populated areas like major cities For this reason ZIP codes on the risk list will likely correlate to major cities How does the filter protect me Matching a ZIP code on the risk list does not necessarily indicate a fraudulent purchase but that you should evaluate these transactions more closely than other transact
97. ions Freight Forwarder Risk List Match Filter What does the filter do This filter screens the full Ship To address against a list of addresses of freight forwarders Note Unlike the other Risk Lists the Freight Forwarder Risk List was not developed through statistical evaluation of e commerce transactions Rather this is a list of know addresses associated with freight forwarders The specified action is taken whenever a shipping address matches the address of a known freight forwarding service Note The Freight Forwarder filter requires a valid US shipping address If the USPS Address Validation filter determines that the address does not exist then the Freight Forwarder filter is skipped and placed in the Unused Filters list on the Fraud Details page How does the filter protect me Freight forwarding services enable a customer to open an account using the forwarder s corporate address and to have the service forward all packages to another end destination While there are legitimate uses for a freight forwarding service forwarders also enable fraudsters to hide their true location Whenever a customer orders delivery to a freight forwarder you should research the transaction more closely USPS Address Validation Failure Filter What does the filter do This filter screens the Ship To and Bill To addresses street number street name state and ZIP code against the United States Postal Service database of existing add
98. ity setting then no values are returned for AVS or CSC AVS validation failed The AVS return value should appear in the RESPMSG CSC validation failed The CSC return value should appear in the RESPMSG 118 Invalid keywords found in string fields 119 General failure within PIM Adapter 120 Attempt to reference a failed transaction 121 Not enabled for feature 122 Merchant sale total will exceed the credit cap with current transaction ACH transactions only 125 Fraud Protection Services Filter Declined by filters 126 Fraud Protection Services Filter Flagged for review by filters Important Note Result code 126 indicates that a transaction triggered a fraud filter This is not an error but a notice that the transaction is in a review status The transaction has been authorized but requires you to review and to manually accept the transaction before it will be allowed to settle Result code 126 is intended to give you an idea of the kind of transaction that is considered suspicious to enable you to evaluate whether you can benefit from using the Fraud Protection Services To eliminate result 126 turn the filters off For more information see the Fraud Protection Services documentation for your payments solution It is available on the PayPal Manager Documentation page 127 Fraud Protection Services Filter Not processed by filters 128 Fraud Protection Services Filter Declined by merchant after being flagged for review by
99. l Merchants using the Recurring Billing Service To avoid charging you to filter recurring transactions that you know are reliable Fraud Protection Services filters do not screen recurring transactions To screen a prospective recurring billing customer submit the transaction data using PayPal Manager s Virtual Terminal The filters screen the transaction in the normal manner If the transaction triggers a filter then you can follow the normal process to review the filter results Fraud Protection Services User s Guide Configuring the Fraud Protection Services Filters This chapter describes how to configure the Fraud Filters for your Payflow Pro account The chapter explains a phased approach to implementing the security of transactions You are not required to use the approach described in this chapter However it enables you to fine tune your use of filters before you actually deploy them in a live environment You first make and fine tune filter settings in a test environment Then you move to a live transaction environment to fine tune operation in an Observe only mode Finally when you are fully satisfied with your settings you move to live Active mode to begin screening all live transactions for fraud Filter operation is fully described in Appendix A Fraud Filter Reference IMPORTANT Upon completing the configuration procedures within each of the phases described below you must click the Deploy button to deploy
100. l These authentication methods prompt buyers to provide a password to their card issuer before being allowed to execute a credit card purchase The Buyer Authentication Service is described in Buyer Authentication Service on page 10 What does the filter do The filter is triggered when the customer s identity is not adequately authenticated according to criteria that you specify Buyer Authentication Results Although MasterCard and Visa both use the underlying 3 D Secure protocol to implement the Buyer Authentication service they have different liability rules regarding buyer authentication results Those rules appear in Table A 4 MasterCard converts 3 D Secure results into UCAF fields To simplify for the merchant all responses are normalized into the values listed in Table A 4 84 Fraud Protection Services User s Guide Fraud Filter Reference High risk Payment Filters Buyer Authentication returns one of the following responses in the AUTHENT CAT ON STATUS name value pair values are for Visa USA region TABLE A 4 Responses in the AUTHENTICATION_STATUS name value pair Result Y A Description Successful authentication the password was correct The merchant attempted to authenticate the buyer but the issuer does not support buyer authentication Unsuccessful authentication the password was not correct Authentication could not be completed due to network error Car
101. le with the account holder s bank X The account holder s bank does not support AVS checking for this information Null In some cases banks return no value at all AVS checks only for a street number match not a street name match so 123 Main Street returns the same response as 123 Elm Street The USPS Address Validation Failure Filter on page 87 validates the address information NOTE The specified action is taken whenever the AVS response does not meet the criterion that you specified IMPORTANT The AVS Failure filter performs the action after the transaction is processed This means that if set to reject the filter rejects the transaction after the transaction is authorized by the processor To charge the customer for such a transaction you must resubmit the transaction data Specifying the Level of AVS Checking Specify one of the AVS settings e Full Take action if a transaction returns any value other than YY Y for street address and Y for ZIP code e Medium Take action if a transaction returns values other than these XX XY YX and YY e Light Take action only if NN is returned This table summarizes AVS levels TABLE A 2 AVS responses AVS Setting Allowed Responses Full Y Y Medium X X X Y Y X Y Y Light X X X Y Y X X N N X N Y Y N Y Y 82 Fraud Protection Services User s Guide Fraud Filter Reference EE High risk Payment Filters Buyer
102. lidate Authentication failed invalid card number in PARES Buyer Authentication Service Validate Authentication failed invalid currency code in PARES Buyer Authentication Service Validate Authentication failed invalid XID in PARES Buyer Authentication Service Validate Authentication failed invalid order date in PARES Buyer Authentication Service Validate Authentication failed This PARES was already validated for a previous Validate Authentication transa missing or PARES format is Cannot find Signature Mismatched or Mismatched or Mismatched or Mismatched or Mismatched or Mismatched or Mismatched or ction RESULT Values for Communications Errors A RESULT value less than zero indicates that a communication error occurred In this case no transaction is attempted A value of 1 or 2 usually indicates a configuration error caused by an incorrect URL or by configuration issues with your firewall A value of 1 or 2 can also be possible if the PayPal servers are unavailable or an incorrect server socket pair has been specified A value of 1 can also result when there are internet connectivity errors Contact customer support regarding any other errors Fraud Protection Services User s Guide 73 74 Responses to Credit Card Transaction Requests RESULT Codes and RESPMSG Values TABLE 8 3 RESULT values for communications errors RESULT Description
103. lternatively you can generate lists of transactions that either were or were not screened by filters Report Options Save Template As Date Range Custom From g6 m 26 s 2006 e ER Time oo o0 To 06 w 26 2006 R Time 23 59 Time Zone US Pacific Transaction Type Transaction Mode Download Report 2 Specify the date range of the transactions to review 3 Specify a Transaction Type TABLE 4 1 Transaction types Transaction Type Reject Review Accept Not Screened by Filters Screened by Filters Description Transactions that the filters rejected These transactions cannot be settled The type of filter that took this action is called a Reject filter Transactions that the filters set aside for your review The type of filter that took this action is called a Review filter Transactions that the filters allowed through the normal transaction submission process The type of filter that took this action is called an Accept filter Transactions that were not screened by any filter This condition Result Code 127 indicates that an internal server error prevented the filters from examining transactions This conditional occurs only in Test mode or Live mode In Observe mode all results codes are always 0 You can re screen any of these transactions through the filters as described in Re running Transactions That Were Not Screened on page 24 All t
104. mation on your own system At a minimum log the following data e PNREF called the Transaction ID in PayPal Manager reports e Transaction Date e Transaction Amount If you have any questions regarding a transaction use the PNREF to identify the transaction Audit Trail and Transaction Logging The Buyer Authentication server logs Verify Enrollment transactions PAREQ values and PARES values Verify Enrollment Transactions Verify Enrollment transactions are logged when all of the following items occur e The merchant passes data needed to perform buyer authentications e The server connects to Visa or MasterCard and gets a meaningful response card enrollment AUTHENTICATION STATUS E U or X If status is Y then the PAREQ value is logged along with the Verify Enrollment transaction data Otherwise the transaction is not logged Validate Authentication Transactions The Buyer Authentication server will log the PARES value only when all of the following items occur e There is a matching PAREQ by Message ID not by content in the database e There is no other PARES with the same Message ID in the database This means that if a duplicate PARES is submitted it is logged only once Fraud Protection Services User s Guide 47 az Performing Buyer Authentication Transactions Using the SDK Logging Transaction Information 48 Fraud Protection Services User s Guide Screening Transactions Using the Payflow SDK This c
105. mode Once you have set all filters to the optimum settings you deploy the filters to Active mode In Active mode filters on the live servers examine each live transaction and take the specified action when triggered Note Remember that you can test a new filter setting using the test servers at any time even if your account is in Active mode and then if desired make an adjustment to the live filter settings Fraud Protection Services User s Guide 15 16 Configuring the Fraud Protection Services Filters Phase 1 Run Test Transactions Against Filter Settings on Test Transaction Security Servers Phase 1 Run Test Transactions Against Filter Settings on Test Transaction Security Servers In this phase of implementation you configure filter settings for test servers that do not affect the normal flow of live transactions You then run test transactions against the filters and review the results offline to determine whether the integration was successful Continue modifying and testing filters as required Note There is no per transaction fee when you use the test servers 1 In the Service Summary section of the PayPal Manager home page click the Basic or Advanced Fraud Protection link Click Service Settings gt Fraud Protection gt Test Setup Click Edit Standard Filters The Edit Standard Filters page appears For each filter Click the filter check box to enable it and click to clear the check box
106. mp DESC DESC amp DL CA111111 amp DOB CA123456 amp EMAIL 20 admin merchant com amp EXPDATE 1209 amp FIRSTNAME John amp FRE IGHTAMT 1 11 amp LASTNAME Johnson amp L_COST0 11 11 amp L_ DESCO L DESCOSL QTY0 1 amp L SKUO L SKUO amp L TYPEO L_TYPEO amp L UPCO L_UPCO amp MIDDLENAME Z amp ORDERT IMEZONE 1 amp PARTNER PayPa1 PHONENUM 650 995 0123 amp PONUM PONUM amp PWD testing1 amp SHIPCARRIER SHIPCARRI Y No City amp SHIPTOEMAIL 20 admin merchant com amp SHIPTOFIRSTNAME SHIPTOFIRSTNAME amp SHIPTOLASTNAM E SHIPTOLASTNAME amp SHI PTOMI DDLENAME SHI PTOMI DDLENAME amp SHI PTOPHONE 650 555 0124 amp SHI PTOPHONE2 650 555 0125 amp SHIPTOSTATE CA amp SHIPTOSTREET 123 Main St amp SHIPTOSTREET2 123 SHIPTOSTREET 2 amp SHIPTOZIP 11111 amp SS 565796510 amp STATE CA amp STR Main St amp BILLTOSTREET2 123 SHIPTOSTREET 2 amp TAXAMT 1 01 amp TENDER C amp USER TESTInternationalOrderReject amp VENDOR TESTInternationalOrde rReject amp ZIP 11111 E GI Z al R amp SHIPMETHOD SHIPMETHOD amp SHIPTOCIT E T ET 123 T T Expected Response Message resp mesg RESULT 125 amp PNREF VB0A25032493 amp R
107. multiple small purchases with multiple stolen account numbers High risk Customer Filters Bad Lists What does the filter do This filter compares the customer s e mail address and credit card number against lists that you create of addresses and numbers for known bad customers 90 Fraud Protection Services User s Guide Fraud Filter Reference International Order Filters Note Unlike the Risk lists managed by PayPal you solely manage and update the Bad Lists Any transaction that is an exact match with an entry in one of your bad lists triggers the filter If you enable this filter then your next step will be to set up lists of bad email addresses and bad card numbers Be sure to type the e mail addresses and credit card numbers accurately Enter only numerals in the credit card number list no spaces or dashes Norte Items that you enter in the test Bad lists are not carried over to your configuration for the live servers so do not spend time entering a complete list for the test configuration How does the filter protect me This filter enables you to block repeat fraud In the e commerce world once someone successfully performs a fraudulent transaction they are very likely to try again For this reason you should set up lists of cards and email addresses and configure this filter to take action on transactions with data elements appearing in the bad lists International Order Filters International Or
108. n Line presentation of the ae E card issuers ACS form within by VISA mtwezh nan an HTML frameset allows the merchantto maintain their brand and provide consumer messaging to reassure the customer Added Protection Because it does not pop up a new browser window it thwarts pop up blocking software Because no other navigation links are available to the oe a customer they cannot E SS abandon the authentication process Fraud Protection Services User s Guide 27 Activating and Configuring the Buyer Authentication Service Testing and Activating the Service 5 When the customer enters their password and clicks Submit the ACS verifies the password and posts a response to the TermURL the page on your site that is configured to receive ACS responses 6 Submit a Validate Authentication Response transaction request type Z to validate ensure that the message has not been falsified or tampered with and decompose the Authentication Response from the card issuing bank ACS See Example Validate Authentication Response on page 39 7 The response contains the following data elements XID Authentication Status ECI E commerce Indicator Visa CAVV Cardholder Authentication Verification Value or MasterCard AAV Accountholder Authentication Value Submit these values along with the standard transaction data in a standard Sale or Authorization transaction request as described in Call 4
109. n Payflow Pro Developer s Guide you submit the following parameters that are specific to the buyer authentication functionality TABLE 6 6 Additional Buyer Authentication Sale or Authorization parameters Name Value AUTHENTICATION ID If the Verify Enrollment call returned AUTHENTICATION STATUS E then submit the AUTHENTICATION ID value returned by the Validate Authentication call Otherwise submit the AUTHENTICATION _ID value returned by the Verify Enrollment call AUTHENTICATION STATUS If the Verify Enrollment call returned AUTHENTICATION _STATUS E then submit the AUTHENTICATION STATUS value returned by the Validate Authentication call Otherwise submit the AUTHENTICATION_STATUS value returned by the Verify Enrollment call XID XID value returned by the Validate Authentication call if applicable ECI If the Verify Enrollment call returned AUTHENTICATION_STATUS E then submit the ECI value returned by the Validate Authentication call Otherwise submit the ECI value returned by the Verify Enrollment call CAVV CAVV value Returned if AUTHENTICATION Status is Y or A Fraud Protection Services User s Guide 43 az Performing Buyer Authentication Transactions Using the SDK Buyer Authentication Transaction Parameters and Return Values Sale or Authorization Response Value Visa only In addition to the return values described in Payflow Pro Developer s Guide the following value is returned TABLE 6 7 Buyer
110. n the card issuers supporting and marketing the option Fraud Protection Services User s Guide 85 OA Fraud Filter Reference High risk Address Filters BIN Risk List Match Filter What does the filter do The Bank Identification Number BIN makes up the first six digits of a credit card number The BIN identifies the bank that issued the card This filter screens every credit card number for BINs on the high risk list The specified action is taken whenever a BIN matches one on the list How does the filter protect me Certain BINs might be associated with a greater degree of fraud because the issuer uses less stringent authentication policies when issuing cards In other cases because some issuers have a large number of cards in circulation the cards are more likely to fall into the hands of fraudsters Account Number Velocity Filter What does the filter do The Account Number Velocity filter triggers when any credit card account number is used five times within a three day 72 hour period IMPORTANT The specified action is performed on only the transaction that triggered the filter and not on the previous four transactions You must manually review and act upon those transactions Generate a Transaction Details report and click the Account Velocity link to view the transactions What is Velocity In the risk management industry an event s velocity is a measure of its frequency of occurrence during a defined time per
111. ns 107 Buyer Authentication Failure Filter 78 84 Buyer Authentication server 33 Buyer Authentication Service 31 XMLPay 33 C Card Security Code Failure Filter 83 CAVV 32 communications errors 73 configuring filters 14 credit card fraud 13 D deactivation 117 deploying filters 17 documentation API 49 downloading APIs 49 Fraud Protection Services User s Guide E ECI 32 ECI values 45 E mail Service Provider Risk List Match Filter 88 enrollment requirements 11 F Filter Scorecard 22 filter types High risk Address 86 High risk Payment 81 Unusual Order 79 filters Account Number Velocity 86 AVS Failure 81 BIN Risk List Match 86 Buyer Authentication Failure 78 84 Card Security Code Failure 83 configuring 14 defined 13 E mail Service Provider Risk List Match 88 examples 14 Freight Forwarder Risk List Match 87 Geo location Failure 89 IP Address Match 88 IP Address Velocity 90 parameters 52 Product Watch List 81 required transaction data 49 response string 54 Shipping Billing Mismatch Filter 80 testing 95 Total Item Ceiling 80 Total Purchase Price Ceiling 79 USPS Address Validation Failure 87 ZIP Risk List Match 87 Freight Forwarder Risk List Match Filter 87 G Geo location Failure Filter 89 119 H hacking 13 High risk Address Filters 86 High risk Payment Filters 81 instant fulfillment 14 IP Address Match Filter 88 IP Address Velocity Filter 90 L libraries NET 25 libraries Java 2
112. nsaction type S to the server With Buyer Authentication you must submit two additional transaction requests types E Verify Enrollment and Z validate PARES response before the Sale Follow these steps 1 2 26 Log in to PayPal Manager at https paypal manager com Click Service Settings gt Fraud Protection gt Buyer Authentication The Buyer Authentication Setup page appears Enter Registration information complete all fields for both MasterCard and Visa Select your Acquirer Acquirer Support for MasterCard and Visa and click Activate to activate the Acquirer you selected Enter your Business Name Enter the fully qualified URL be sure to include http or https of your business Select your Country Code from the drop down menu Click Submit A gray notification box appears towards the top of the page confirming the changes If there are any errors a yellow box appears towards the top of the page stating the problem On the main PayPal Manager page click the Download link Read chapters 5 through 7 and Appendix D of this document Download the Payflow SDK Software Developer s Kit appropriate for your software environment Download Payflow Pro Developer s Guide PDF format document Read as much of Payflow Pro Developer s Guide as you need Configure the Payflow SDK as described in the developer s guide Fraud Protection Services User s Guide Activatin
113. older s bank does not support IAVS Null In some cases banks return no value at all The specified action is taken whenever AVS returns Y Fraud Protection Services User s Guide Fraud Filter Reference EE Accept Filters e You must use Payflow Pro client version 3 06 or newer to use the IAVS filter Special Requirements e International AVS is not currently widely supported by processors Check to see if your processor supports international AVS FDMS Nashville and NOVA return IAVS responses for all card types EDS Aurora and FDMS South return IAVS responses for VISA cards only All other processors always return N or X How does the filter protect me Orders from customers in foreign countries are more likely to be fraudulent than orders from domestic customers This is due to the difficulty of authenticating foreign citizens as well as the difficulty of cross border legal enforcement against fraudulent activities The International AVS filter sets aside transactions from customers with cards issued in foreign countries so that you can evaluate them more fully Accept Filters Accept Filters immediately approve transactions that meet characteristics that you specify Ifa filter in this group is triggered then the transaction is accepted regardless of Review filter results IMPORTANT The Accept filters are designed to reduce the load on your staff by reducing the number of transactions set aside for review
114. omers This is due to the difficulty of authenticating foreign citizens and the difficulty of cross border legal enforcement against fraudulent activities The International Shipping Billing Address filter sets aside transactions from customers in foreign countries so that you can evaluate them more fully International IP Address Filter What does the filter do This filter screens for international IP addresses An IP Internet protocol address is a unique identifier for a computer that can identify a particular network and a particular computer on that network The specified action is taken whenever the IP address indicates an international computer or network How does the filter protect me Orders from customers in foreign countries are more likely to be fraudulent than orders from domestic customers This is due to the difficulty of authenticating foreign citizens as well as the difficulty of cross border legal enforcement against fraudulent activities The International IP Address filter sets aside transactions from customers in foreign countries so that you can evaluate them more fully International AVS Filter What does the filter do International Address Verification Service I AVS determines whether the issuer is domestic US or international TABLE A 5 AVS filter results Result Meaning Y The card number is associated with an international issuer N The card number is associated with a US issuer X Account h
115. ompares the number provided by the customer with the number on file with the issuer and returns one of the following responses TABLE A 3 Card security code responses Result Meaning Y The submitted information matches information on file with account holder s bank N The submitted information does not match information on file with the account holder s bank Fraud Protection Services User s Guide 83 OA Fraud Filter Reference High risk Payment Filters TABLE A 3 Card security code responses Result Meaning X Account holder s bank does not support this service Null In some cases banks return no value at all Card Security Code Failure Filter Action The specified action is taken whenever the card security code response is the value that you specified The Best Practices action is to review all transactions with responses other than Y You set the strength of the filter as follows e Full Take action if a value of N or X is returned e Medium Take action only if a value of N is returned Buyer Authentication Failure Filter You must enroll for the Buyer Authentication Service in the Fraud Protection Services suite to make use of the Buyer Authentication Failure filter The filter is grayed out on configuration pages if you are not enrolled Buyer Authentication refers to the card sponsored authentication services such as Verified by Visa and MasterCard Secure Code that make use of the 3 D Secure protoco
116. ould be especially wary when a customer has an international IP address but uses U S billing and shipping information IP Address Velocity Filter What does the filter do The IP Address Velocity filter triggers when five or more transactions within three days 72 hours originate from any individual IP address IMPORTANT The specified action is performed on only the transaction that triggered the filter and not on the previous four transactions You must manually review and act upon those transactions Generate a Transaction Details report and click the IP Address Velocity link to view the transactions IP addresses do not always identify a unique computer or user For example an Internet Service Provider ISP may use a limited number of IP addresses for all of its users To protect against triggering the filter in this case set up an IP Address Velocity Ignore List described in the online help What is Velocity In the risk management industry an event s velocity is a measure of its frequency of occurrence during a defined time period Unusually high velocity is can be associated with a fraudster making repeated attacks on a system Legitimate customers do not typically perform multiple transactions in quick succession How does the filter protect me Fraudsters often submit multiple purchases using an automated script that tests unknown card numbers Alternatively the fraudster may attempt to bypass other filters by making
117. p SHIPMETHOD SHI PMETHOD amp SHIPTOCIT Y Mountain View amp COUNTRYCODE US amp SHIPTOEMAIL 18 fraud asiamail com amp SHIPTOFIRSTNAME SHIPTOFIRSTNAM E amp SHIPTOLASTNAME SHI PTOLASTNAME amp SHI PTOMI DDLENAME SHI PTOMIDDLENAME amp SHI PTOPHONE 650 555 0124 amp SHIPTOPHONE2 650 555 0125 amp SHIPTOSTATE CA amp SHIPTOSTREET 487 East Middlefield Road amp SHIPTOSTREET2 487 East Middlefield Road amp SHIPTOZIP 94043 amp SS 565796510 amp STATE CA amp STREET 236 W Rincon Ave amp BILLTOSTREET2 Unit C amp TAXAMT 1 01 amp TENDER C amp USER TESTGeoLocationCheckReject amp VENDOR TESTGeoLocationCheckRej ect amp ZIP 95008 T H T Expected Response Message resp mesg RESULT 125 amp PNREF VB0A25088015 amp RESPMSG Declined by Fraud Service amp PREFPSMSG Reject GeoLocationCheck ERROR 15 44 28 result 125 TRXTYPE A International AVS Filter Pass in the specified ZIP codes and billing address Fraud Protection Services User s Guide 99 Testing the Transaction Security Filters International IP Address Filter TRXTYPE A amp ACCT 5105105105105100 amp AMT 8 1000 OO amp SBROWSERCOUNTRYCODE 203
118. p USER testFil R PayPal amp PHONENUM 650 555 SKUO L_SKUO amp L_TYPEO L_TYPEO HI PMETHOD SHI PMETHOD amp SHIPTOCI 17 test paypal com amp SHIPTOFIRSTNAME amp SHIPTOLASTNAME amp E 650 555 1235 SHIPTOPHONE2 650 555 REET 487 East Middlefield P 60649 amp SS 565796510 amp STATE CA amp STREET 487 East northfield ters amp VENDOR TESTFilters amp ZIP 1507 Shipping Billing Mismatch Filter TRXTYPI uly 11 ESC amp DL CA1 amp FREIGHTAI O amp L_TYPEO Pass in the specified shipping and billing addresses 2002 12 12 12 amp BROWS City amp COMMENT1 Automated tes AdminTester amp COUNTRY 203 amp COUNTRYCODE 203 amp CUSTIP 255 255 255 255 amp CUSTREF CUSTREF amp DESC D 11111 amp DOB CA123456 amp EMATL 20 admin merchan E T 1 1186LASTNAME Johnson L COSTO 11 118L DESCO L DESCO L QTY0 14L SKUO L SKU TYPEO L UPCO L UPCOSMIDDLENAME Z86ORDERTIMEZONE 1 amp PARTNER PayPal amp PHONENUM 650 555 0123 amp PON Y SHIPTOCITY amp SH OLASTNAMI 0124 amp SHI E SHIPTOLASTNAMI PTOPHONE2 650 555 0125 amp SHIPTOSTATE CA amp SHIPTOSTREET SHIPTOSTREET amp SHIPTOSTR 2 amp SHIPTOZIP 111118SS 5 65796510 amp STATE CA amp STREET 123 Main E A amp ACCT 3528000000000015 amp AMT 4 1000 amp BROWS ERUS ERCOUNTRYCODE 2038BROWSERTIME 22
119. plete XML PARES message generated by the ACS Validate Authentication Return Values TABLE 6 5 Validate Authentication response values Max Name Value Type Length RESULT 0 successfully verified integer 1 RESPMSG Error description if result is not 0 ANS 256 AUTHENTICATION ID Message ID of the response passed with ANS 64 the authorization transaction AUTHENTICATION STATUS The status of the PARES alpha 1 Y Authentication Successful the password was correct A Authentication Attempted the issuing bank does not support buyer authentication N Authentication Failed bad password U Unable to Authenticate network error F Validate Authentication transaction error CAVV CAVV value returned if ANS 64 AUTHENTICATION Status is Y or A 42 Fraud Protection Services User s Guide Performing Buyer Authentication Transactions Using the SDK CAEN Buyer Authentication Transaction Parameters and Return Values TABLE 6 5 Validate Authentication response values Max Name Value Type Length XID Transaction ID returned if ANS 64 AUTHENTICATION Status is Y or A ECI ECT if the ECI value is returned in the integer 1 PARES 1 Cardholder not Authenticated MasterCard 2 Cardholder Authenticated MasterCard 5 Authentication Successful Visa 6 Authentication Attempted Visa 7 Authentication Unsuccessful Visa Standard Payflow Sale or Authorization Transaction In addition to the parameters described i
120. r the filter identifies a suspicious transaction either set the transaction aside for review or reject it See PayPal Manager online help for detailed filter configuration procedures Typically you specify setting the transaction aside for review For transactions that you deem extremely risky for example a known bad email address you might specify rejecting the transaction outright You can turn off any filter so that it does not screen transactions For some filters you also set the value that triggers the filter for example the dollar amount of the ceiling price in the Total Purchase Price Ceiling filter Reviewing Suspicious Transactions As part of the task of minimizing the risk of fraud you review each transaction that triggered a filter through PayPal Manager to determine whether to accept or reject the transaction See PayPal Manager online help for details Special Considerations Merchants With an Instant Fulfillment Model For businesses with instant fulfillment business models for example software or digital goods businesses the Review option does not apply to your business you do not have a period of delay to review transactions before fulfillment to customers Only the Reject and Accept options are applicable to your business model In the event of server outage Fraud Protection Services is designed to queue transactions for online processing This feature also complicates an instant fulfillment business mode
121. r Risk List Match lt ruleDescription gt lt action gt R lt action gt lt triggeredMessage gt The email address fraud asiamail com in bill Email was found in a high risk email providerlist lt triggeredMessage gt lt rule gt lt rulenum 8 gt lt ruleld gt 38 lt ruleld gt lt rule Alias gt GeoLocationCheck lt ruleAlias gt lt ruleDescription gt Geo Location Failure lt ruleDescription gt lt action gt R lt action gt lt triggeredMessage gt GeoLocation difference Bill Address and IP GeoLocation difference Ship Address and IP lt triggeredMessage gt lt rule gt lt rulenum 9 gt lt ruleld gt 8 lt ruleld gt lt ruleAlias gt NonUS IPAddress lt ruleAlias gt lt ruleDescrip tion gt International IP Address lt ruleDescription gt lt action gt R lt action gt lt triggeredMessage gt The IP address Fraud Protection Services User s Guide 59 Screening Transactions Using the Payflow SDK Response Strings for Transactions that Trigger Filters is from CZ lt triggeredMessage gt lt rule gt lt rulenum 10 gt lt ruleld gt 41 lt ruleld gt lt ruleAlias gt Hig hRiskFreightCheck lt ruleAlias gt lt ruleDescription gt Freight Forwarder Match lt ruleDescription gt lt action gt R lt action gt lt triggeredMessage gt High riskg freight forwarder lt triggeredMessage gt lt rule gt Remove text completely lt triggeredRules gt amp POSTFPSMSG Review More than one rule w
122. ransactions that triggered each filter during a specified time period 22 Payflow Link Fraud Protection Services User s Guide Assessing Transactions that Triggered Filters ES Fine tuning Filter Settings Using the Filter Scorecard This information is especially helpful in fine tuning your risk assessment workflow For example if you find that you are reviewing too many transactions then use the Filter Scorecard to determine which filters are most active You can reduce your review burden by relaxing the settings on those filters for example by setting a higher amount for the Purchase Price Ceiling filter 1 Click Reports gt Filter Scorecard The Filter Scorecard Report page appears FIGURE 4 2 Filter Scorecard Report page Filter Scorecard Report Filter Scorecard displays the number of times that each filter was triggered and the percentage of all transactions that triggered each filter during a specified time period Report Options Save Template As ate Only alphanumeric characters are allowec Date Range Custom From 06 v 26 v 2006 v To 06 4126 ef 2006 e ERE Time Zone U S Pacific Transaction Mode Download Report O Format Save Template 2 Specify the date range of the transactions to review 3 In the Transaction Mode field specify transactions screened by the live or the test servers 4 Click Run Report The Filter Scorecard Report page displays the number of times that each filter
123. ransactions that were screened by filters regardless of filter action or whether any filter was triggered 4 Specify the Transaction Mode and click Run Report The Fraud Transactions Report page displays all transactions that meet your search criteria 20 Payflow Link Fraud Protection Services User s Guide Assessing Transactions that Triggered Filters Reviewing Suspicious Transactions Note If filters are deployed in Observe mode then all transactions have been submitted for processing and are ready to settle Transactions are marked with the action that the filter would have taken had the filters been deployed in Active mode The following information appears in the report TABLE 4 2 Transactions Report field descriptions Heading Report Type Date Time Zone Transaction Mode Transaction ID Transaction Time Transaction Type Card Type Amount Description The type of report created Date and time range within which the transactions in this report were run Time zone represented in this report Test Observe or Active Unique transaction identifier Click this value to view the Transaction Detail page Time and date that the transaction occurred The transaction status that resulted from filter action as described in Table 4 1 MasterCard or Visa Amount of the transaction The following transaction status values can appear in the report TABLE 4 3 Transaction status valu
124. reen for this transaction to see if it has settled The Batch field is set to a number greater than zero if the transaction has been settled If the transaction has already settled your only recourse is a reversal credit a payment or submit a payment for a credit Time out waiting for host response Referenced auth against order Error Capture error Either an attempt to capture a transaction that is not an authorization transaction type or an attempt to capture an authorization transaction that has already been captured Failed AVS check Address and ZIP code do not match An authorization may still exist on the cardholder s account Fraud Protection Services User s Guide Responses to Credit Card Transaction Requests e RESULT Codes and RESPMSG Values TABLE 8 2 Payflow transaction RESULT values and RESPMSG text Continued RESULT RESPMSG and Explanation 113 Merchant sale total will exceed the sales cap with current transaction ACH transactions only 114 Card Security Code CSC Mismatch An authorization may still exist on the cardholder s account 115 System busy try again later 116 VPS Internal error Failed to lock terminal number 117 Failed merchant rule check One or more of the following three failures occurred An attempt was made to submit a transaction that failed to meet the security settings specified on the PayPal Manager Security Settings page If the transaction exceeded the Maximum Amount secur
125. resses The USPS updates the database continually Fraud Protection Services User s Guide 87 88 Fraud Filter Reference High risk Address Filters The specified action is taken whenever the address cannot be validated it does not exist or is incorrect in some way NoTE The filter does not validate that the person named in the transaction data lives at that address or even that the address is currently occupied only that the address exists in the database How does the filter protect me To trick a merchant s filters fraudsters sometimes deliberately misspell or make up street names This enables the fraudster to spoof AVS geo location and high risk address filters You can identify this basic form of spoofing by using the USPS Address Validation filter to determine whether an address really exists NOTE One useful side effect of the filter is that mis keyed addresses of legitimate customers can be identified before shipping IP Address Match Filter What does the filter do This filter screens the IP address from which a transaction originates against a list of high risk IP addresses An IP Internet protocol address is a unique identifier for a computer on a TCP IP network that can identify a particular network and a particular computer on that network NoTE IP Addresses are not always fixed like the addresses to physical buildings Some computers get a new IP address each time they connect to a network The most gen
126. riggers when the distance between the IP address and the address that you provided is greater than 100 miles Note Gift purchases shipped far from the billing address will trigger the filter Every effort has been made to ensure that IP address mapping is accurate and up to date Given the nature of the Internet s architecture however some Internet Service Providers use data centers far from the customers being serviced In addition as described in the IP Address Risk List Match filter IP addresses can change dynamically For these reasons treat this filter as an indicator of suspicious activity not as a definitive result How does the filter protect me Comparing the geographical location associated with the IP address to the submitted shipping and billing information can be an effective method for identifying identity spoofing Fraudsters often pretend to live in a location but live and shop from another Fraud Protection Services User s Guide 89 OA Fraud Filter Reference High risk Customer Filters All three elements should match one realistic customer profile For example a customer with a billing address in New York would typically shop from a computer in New York and request delivery to a New York address While there may be some minor inconsistencies in the overall profile it should generally fit together Remember however that gift purchases sent to another part of the country will not fit this profile Note You sh
127. rity lt triggeredMessage gt lt rulevendorparms gt lt ruleParameter um 1 gt lt name gt Value lt name gt lt value ype String gt Full lt value gt lt ruleParameter gt lt rulevendorparms gt lt rule gt lt rule um 2 gt lt ruleId gt 23 lt ruleId gt lt ruleAlias gt CSCFailure lt ruleAlias gt lt ruleDescriptio gt CSC Failure lt ruleDescription gt lt action gt R lt action gt lt triggeredMessage gt CSC heck failed returned X lt triggeredMessage gt lt rulevendorparms gt lt ruleParameter um 1 gt lt name gt Value lt name gt lt value type String gt Full lt value gt lt ruleParameter gt lt rulevendorparms gt lt rule gt lt trigge redRules gt HP OQeB 8 gS hm ee Accepting or Rejecting Transactions That Trigger Filters You can submit a transaction request that either accepts or rejects a transaction that triggered a filter Result code 126 This is the functional equivalent of the operations discussed in Acting on Transactions that Triggered Filters on page 21 e Accept Submit the transaction for normal processing e Reject Do not submit the transaction for processing See Rejecting Transactions on page 23 Nore You must contact Customer Service to enable this feature Telephone 1 888 883 9770 E mail payflow support paypal com To accept or reject a transaction include the following values in the transaction request e TRXTYPE U e ORIGID lt PNREF returned for
128. rwarder Risk List Match Filter 0 0 o 87 USPS Address Validation Failure Filter 0 0 lt lt 87 IP Address Match Filter 2 o o 88 Email Service Provider Risk List Match Filter 88 Geo location Failure Filter a a aaa a e eo 89 IP Address Velocity Filter 0 o a 90 High risk Customer Filters 0 e o 90 Bad Lists ai is ar Noe A ee te a ew Bw ee ee ee 90 International Order Filters 2 aoaaa a a 91 Country Risk List Match Filter 2 2 ee 91 International Shipping Billing Address Filter 91 International IP Address Filter oa a e 92 International AVS Filter e 92 Accept Filters smod d gi la RR A A a da 93 Good LiStS 2s ee we aa daa a a a aa A 93 Total Purchase Price Floor Filter 0 2 022000 eee eee 94 Custom Filters 4 sesos sa a edb a a eR ed ee d 94 Appendix B Testing the Transaction Security Filters 95 Good and Bad Lists 02 000 0 ee 95 AVS Failure Filter oa ee oem 0 ee 96 BIN Risk List Match Filter 00000 pee ee 96 Country Risk List Match Filter 0 a 97 Email Service Provider Risk List Match Filler 2 98 Freight Forwarder Risk List Match Filter 0 a 98 Geo location Failure Filter 0
129. s Through the Live Transaction Security Servers Using Active Mode Phase 3 Run All Transactions Through the Live Transaction Security Servers Using Active Mode Once you have configured all filters to optimum settings you convert to Active mode Filters on the live servers examine each live transaction and take the specified action 7 Click Move Test Filter Settings to Live On the page that appears click Move Test Filter Settings to Live again 8 On the Move Test Filter Settings to Live page click Deploy to Active Mode At the top of the next hour all live transactions will be inspected by the filters 9 Use the instructions in Chapter 4 Assessing Transactions that Triggered Filters to detect and fight fraud IMPORTANT Remember that you can make changes to fine tune filter settings at any time After changing a setting you must re deploy the filters so that the changes take effect 18 Fraud Protection Services User s Guide Assessing Transactions that Triggered Filters As part of the task of minimizing the risk of fraud you review each transaction that triggered a filter You decide based on the transaction s risk profile whether to accept or reject the transaction This chapter describes how to review transactions that triggered filters and provides guidance on deciding on risk Note The Fraud Protection Services package Basic or Advanced to which you subscribe determines the number of filters that
130. s who can provide the street number and ZIP code on file with the issuing bank are more likely to be the actual account holder How does the filter protect me AVS matches however are not a guarantee Use card security code and Buyer Authentication in addition to AVS to increase your certainty Card Security Code Failure Filter What does the filter do The card security code is a 3 or 4 digit number not part of the credit card number that appears on credit card Because the card security code appears only on the card and not on receipts or statements the card security code provides some assurance that the physical card is in the possession of the buyer IMPORTANT The Card Security Code Failure filter performs the action after the transaction is processed This means that if set to reject the filter rejects the transaction after the transaction is authorized by the processor To charge the customer for such a transaction you must resubmit the transaction data About the Card Security Code The card security code is printed on the back of most cards usually in the signature field All or part of the card number appears before the card security code 567 in the example For American Express the 4 digit number 1122 in the example is printed on the front of the card above and to the right of the embossed account number Be sure to explain this to your customers Authorized Signature 2232557 The card security code check c
131. saction data or was badly formatted In special cases all filters appear here See Re running Transactions That Were Not Screened on page 24 3 Specify the action to take on the transaction Review Take no action You can return to this page at any time or reject or accept the transaction The transaction remains unsettleable Reject Do not submit the transaction for processing See Rejecting Transactions on page 22 Accept Submit the transaction for normal processing 4 You can enter notes regarding the disposition of the transaction or the reasons for taking a particular action Do not use the amp lt gt or characters 5 Click Submit to save the notes apply the action and move to the next transaction Norte You can also view the Fraud Details page for transactions that were rejected or accepted While you cannot change the status of such transactions the page provides insight into filter performance Rejecting Transactions If you decide to reject a transaction you should notify the customer that you could not fulfill the order Do not be explicit in describing the difficulty with the transaction because this provides clues for performing successful fraudulent transactions in the future Rejected transactions are never settled Fine tuning Filter Settings Using the Filter Scorecard The Filter Scorecard displays the number of times that each filter was triggered and the percentage of all t
132. screen your transactions Basic subscribers have access to a subset of the filters discussed in this chapter Advanced subscribers have full access See Filters Included with the Fraud Protection Services on page 83 for complete lists of Basic and Advanced filters In This Chapter e Reviewing Suspicious Transactions on page 19 e Fine tuning Filter Settings Using the Filter Scorecard on page 22 e Re running Transactions That Were Not Screened on page 24 Reviewing Suspicious Transactions Transactions that trigger filters might or might not represent attempted fraud It is your responsibility to analyze the transaction data and then to decide whether to accept or reject the transaction Accepting a transaction requires no further action To reject a transaction a separate void of the transaction is required The first step in reviewing filtered transactions is to list the transactions 1 Click Reports gt Fraud Protection gt Fraud Transactions The Fraud Transactions Report page appears Payflow Link Fraud Protection Services User s Guide 19 Assessing Transactions that Triggered Filters Reviewing Suspicious Transactions FIGURE 4 1 Fraud Transactions Report page Fraud Transactions Report Fraud Protection report enables you to generate a list of transactions that occurred during the date range that you specify You can specify transactions that the filters rejected accepted or set aside for review A
133. sit e http usa visa com business accepting visa ops_risk_management vbv_marketing support html or e http www securecodemerchant com Enrolling for the Buyer Authentication Service To enroll for the Buyer Authentication Service click the Buyer Authentication banner on the PayPal Manager main page Follow the on screen instructions to determine whether both your processor and your acquiring bank support the Buyer Authentication service If they both support the service then you can follow the on screen instructions to enroll Downloading the Payflow Including APIs and API Documentation The Payflow software development kit SDK is available from the PayPal Manager Downloads page as a NET or Java library or you can build your own API by posting directly to the Payflow servers via HTTPS Fraud Protection Services User s Guide 25 Activating and Configuring the Buyer Authentication Service Configuring Buyer Authentication IMPORTANT Full API documentation is included with each SDK Configuring Buyer Authentication To enable Buyer Authentication processing on your site you will need to construct two transaction requests messages and construct a frameset You can accomplish the tasks in a few hours In the standard Payflow Pro implementation when the customer submits a purchase request your website sends a single Sale transaction request with all purchase details message with tra
134. t ruleDesc ription gt BIN Risk List Match lt ruleDescription gt lt action gt R lt action gt lt triggeredMessage gt The card number is in a high risk bin list lt triggeredMessage gt lt rule gt lt rul num 5 gt lt ruleld gt 37 lt ruleld gt lt ruleAlias gt HighRiskZIPCheck lt ruleAlias gt lt ruleDesc ription gt Zip Risk List Match lt ruleDescription gt lt action gt R lt action gt lt triggeredMessage gt High risk shipping zip lt triggeredMessage gt lt rule gt lt rule num 6 gt lt ruleld gt 16 lt ruleld gt lt ruleAlias gt BillUSPostalAddressCheck lt ruleAlias gt lt ruleDescription gt USPS Address Validation Failure lt ruleDescription gt lt action gt R lt action gt lt triggeredMessage gt The billing address is not a valid US Address lt triggeredMessage gt lt rulevendorparms gt lt ruleParameter num 1 gt lt name gt AddressToVerify lt name gt lt value type String gt bill lt value gt lt ruleParameter gt lt rulevendorparms gt lt rule gt lt rule num 7 gt lt ruleld gt 10 lt ruleld gt lt ruleAlias gt HighRiskEmailCheck lt ruleAlias gt lt ruleDe scription gt Email Service Provider Risk List Match lt ruleDescription gt lt action gt R lt action gt lt triggeredMessage gt The email address fraud asiamail com in billEmail was found in a high risk email provider list lt triggeredMessage gt lt rule gt lt rule num 8 gt lt ruleld gt 38 lt ruleld gt lt ruleAlias gt GeoLocationCheck lt ruleAlias gt lt ruleDes
135. t you enter in the test Product Watch List are not carried over to the configuration for the live servers so do not spend time entering a complete list for the test configuration How does the filter protect me Some products are attractive to fraudsters especially popular products with high resale value like computers or televisions The Product Watch List filter gives you the opportunity to review transactions involving such products to ensure that the order is legitimate High risk Payment Filters High risk Payment Filters identify transactions that show billing shipping discrepancies or an indication that someone other than the legitimate account holder is initiating the transaction AVS Failure Filter What does the filter do This filter compares the street number and the ZIP code submitted by the customer against the data on file with the issuer The AVS response is composed of a Y N or X value for the customer s street address and a Y N or X value for the ZIP code For example the response for a correct street number and an incorrect ZIP code is YN Fraud Protection Services User s Guide 81 Fraud Filter Reference High risk Payment Filters If AVS information is not submitted with the transaction then the response is NN TABLE A 1 AVS responses Result Meaning Y The submitted information matches information on file with the account holder s bank N The submitted information does not match information on fi
136. tch In other cases the transaction may be approved despite a mismatch The response message returned with the transaction result Exact wording varies Sometimes a colon appears after the initial RESPMSG followed by more detailed information Response messages are described in RESULT Codes and RESPMSG Values on page 68 Unique transaction ID of the payment If the TRXTYPE of the request is A then you will need the value of PPREF for use with Authorization and Delayed Capture transactions Returned for Sale Authorization and Voice Authorization transactions AUTHCODE is the approval code obtained over the phone from the processing network AUTHCODE is required when submitting a Force F transaction AVS address responses are for advice only This process does not affect the outcome of the authorization Type Length Alpha 12 numeric Numeric Variable Alpha 1 Y N X or no response Alpha Variable numeric string 17 Alpha 6 numeric Alpha 1 Y N X or no response 66 Fraud Protection Services User s Guide Responses to Credit Card Transaction Requests c PNREF Value TABLE 8 1 Transaction response values Continued Field Description Type Length AVSZIP AVS ZIP code responses are for advice only This Alpha 1 process does not affect the outcome of the Y N X or authorization no response IAVS International AVS address responses are for advice Alpha 1 only This value does not affect
137. te 109 Unable to do logging 111 The following error occurred while initializing from message file lt Details of the error message gt 113 Unable to round and truncate the currency value simultaneously Fraud Protection Services User s Guide 75 Responses to Credit Card Transaction Requests RESULT Codes and RESPMSG Values 76 Fraud Protection Services User s Guide Fraud Filter Reference This appendix describes the filters that make up part of the Fraud Protection Services Filters analyze transactions and act on those that show evidence of potential fraudulent activity Filters can set such transactions aside for your review or reject them outright depending on settings that you specify Filters are grouped to help you to assess the risk types and to take action accept reject or continue in the review state In This Appendix e Filters Included with the Fraud Protection Services on page 77 e About the Fraud Risk Lists on page 78 e Filters Applied After Processing on page 79 e Unusual Order Filters on page 79 e High risk Payment Filters on page 81 e High risk Address Filters on page 86 e High risk Customer Filters on page 90 e International Order Filters on page 91 e Accept Filters on page 93 e Custom Filters on page 94 Filters Included with the Fraud Protection Services Fraud Protection Services offers Basic and Advanced options The filters
138. ter being flagged for review by filters 131 Version Payflow client no longer supported Upgrade to the most recent version of the Payflow client Changing the Verbosity Setting Setting the default verbosity level for all transactions Contact Customer Service to set your account s verbosity setting to LOW or MEDIUM for all transaction requests Setting the verbosity level on a per transaction basis To specify a setting for verbosity that differs from your account s current setting include the VERBOSITY lt value gt name value pair in the transaction request where lt value gt is LOW or MEDIUM Note In the examples below the lt action gt tag value is the state to which the transaction has been set Values are R Review J Reject A Accept Example Response for an Authentication Transaction With Verbosity Low RESULT 12 6 amp PNREF VFHA28 926593 amp RESPMSG Under review by Fraud Service amp AUTHCODE 041 PNI amp AVSADDR Y amp AVSZI P N amp CVV2MATCH X amp HOSTCODE A amp PROCAVS A amp PROCCVV2 X amp IAVS N amp PREFPSMSG Review More than one rule was triggered for Review amp POSTFPSMSG Review More than one rule was triggered for Review Example Response for an Authentication Transaction With Verbosity Medium RESULT 126 0 amp PNREF VFHA28926593 amp RESPMSG Under review by Fraud Service Approved AUTHCODE 041PNT8AVSADDR Y8AVSZIP N8CVV2MATCH X8HOSTCOD amp PROCAVS
139. terCard Card Enrolled WORLD E F 1 Y Validation Failed Fraud Protection Services User s Guide 45 46 Performing Buyer Authentication Transactions Using the SDK ECI Values RESULT Values for Transaction Declines or Errors A RESULT value greater than zero indicates a decline or error For this type of error a RESPMSG name value pair is included The exact wording of the RESPMSG may vary Sometimes a colon appears after the initial RESPMSG followed by more detailed information TABLE 6 9 Buyer Authentication transaction decline or error RESULT values RESULT 1001 1002 1003 1004 1011 1012 1013 1014 1021 1022 1023 1041 1042 1043 1044 1045 1046 1047 1048 1049 1050 1051 1052 RESPMSG Explanation Buyer Authentication Service unavailable Buyer Authentication Service Transaction timeout Buyer Authentication Service Invalid client version Buyer Authentication Service Invalid timeout value Buyer Authentication Service unavailable Buyer Authentication Service unavailable Buyer Authentication Service unavailable Buyer Authentication Service Merchant is not enrolled for Buyer Authentication Service 3 D Secure To enroll log in to PayPal Manager click Security and then click the Buyer Authentication Service banner on the page Buyer Authentication Service Invalid card type Buyer Authentication Service Invalid or missing currency code Buyer Authentication Service Merchant status
140. that an abnormal shopping pattern on the part of a loyal customer for example making a purchase while on vacation overseas does not trigger a filter and delay the transaction Total Purchase Price Floor Filter What does the filter do This filter screens the total amount of a transaction including tax shipping and handling fees If a transaction amount is below the price set for this filter then the transaction is accepted and no other filters are applied How does the filter protect me Merchants with an especially high transaction volume can use this filter to reduce the number of transactions that their staff must review transactions below the specified price level are accepted without further analysis Custom Filters You create Custom filters by combining up to five existing filters A well designed Custom filter can more accurately identify suspicious transactions because it is fine tuned to the unique needs of your business for example you can specify a particular combination of amount buyer location and shipping location For this reason fewer legitimate transactions are unnecessarily held for review For example a Custom filter that triggers only when both the Card Security Code Failure and AVS Failure filters trigger will set aside transactions that are quite suspicious Norte You can create a combined maximum test plus live of 15 Custom Filters For example if you currently have 5 test Custom Filters and 10
141. the Payflow SDK Buyer Authentication Testing Procedures Example PARES Value PARES 3648 eJzdWFmTokoW isdPW9T0c3iUnLDNiKTXQUrWYU3N11EUUBAfv0kW11191TPXeb hTowRBpmHkyfPfr5gbiR1FHF6FFzZKaDFXoqry4uhTGn77PAvH4SOKp1MvmEbTnYcf4efF AVOUX Vj2HD7X3WCzskU0s1kGr9sorJKi OC kp pebE9y2RF3F6xNLLIPGO9IWLuBWcoqwtq M2J1938E JUydyfe6Pf9InHg 93IZVhXWtEvDxeliY9 gqorB3DXniHNyDa 0Ue3C zYmBYx56dbSgSXJEOtT4 zX bTT6jSTnx10 Pw3iwKG4YNkUO0 mxCN1jn1SRsfgupiN8ZG33TzqTsUxwhz0nHhbz4135U7 ecfHPh9 dnIE6N7aLeZ0eP1TqRp9XtVdfqoUzJ15X88BrmsXGWOZKb6UbLkk3Rp4rGUycg7VXRB Mbe20ZROG6ILEVw N2CuRxUaZl1c1h0d553wpwYVCFu4VzM9TO 4svK6FN3y1 Vt89JXZ79 14i2b b 2069FGRNYYZIgGOI zhFUa Pz VOQUysdd8ae0sd6xOKaB1 6e9V P8UKI 6KcJPb7p 9TJMbOBkKkU ofHsFyzqsSOCNj 18GCjmiJlgm8bHOB8v yC0 K1tW3pcq8ajhgp8ELeZatluGjIg mZr87 M Pag HLo23qv4rN3 9VHCd3m11 ixXnnMLvLK1xrgXx85qoZEVIv5Vbsbtn yDkn31R9teMetAfn3B kTb1P2hSte6ujJX13GRiaJhCppimMZvc YnMYsW9ZpOtFhxant685Lbj3r6JrLqDzbZz KU5PVsz 9vect34eig5170qyYSZkfR24qSyj6AHLitlDaoqInxXnFFdnaa LPZ1fUBNTe4b2400V1xUSiL4p Srk03BfumpbnNOcz 6MC1W7iFVLofHgLyauUqut6t2k5IhvNq77 7SL34WBbXq4eJi1W8gPKTHtKp ry IKOfEZx 0IG5VlusPJhJuElsviNmNZGKcxaGUIYnmlA93XweuvByaM9 dkn4pmSOKATAFWLD wa FEhTZHVz 6 Tu yMO8UugO0U4wUiskqkl1w0E7 Qagcmql192706tHkZ21gggqWhY5nIWOyLdLy z5t QL2 TgBMnoUKa5Bxx 93uVC0 IAgPugdw ak208Z4C4ztfomilFq6umF8cu43R x00d24D1 Wx10F7L XVWSRzw77 TF4M133eTbewY6tJoHI 6WVKkkBVOKXFXFf8pFOOXe0bDf1Ty4C3aE4rgJsdHN9ISOBU pLDPvO2mZhCJzVWRxpwDy0T D7wAYi rgvxStYIw45SuU7TsRxOKxqle552p8ZPqC0j P
142. the outcome of the Y N X or transaction no response Indicates whether AVS response is international Y US N or cannot be determined X Client version 3 06 or later is required PNREF Value The PNRFF is a unique transaction identification number issued by the server that identifies the transaction for billing reporting and transaction data purposes The PNREF value appears in the Transaction ID column in PayPal Manager reports e The PNREF value is used as the ORIGID value original transaction ID in delayed capture transactions TRXTYPE D credits TRXTYPE C inquiries TRXTYPE I and voids TRXTYPE V e The PNREF value is used as the ORIGID value original transaction ID value in reference transactions for authorization TRXTYPE A and Sale TRXTYPE S Norte The PNREF is also referred to as the Transaction ID in Payflow Link documentation PNREF Format The PNREF is a 12 character string of printable characters for example e EFHP0D426838 e ACRAF23DB3C4 Note Printable characters also include symbols other than letters and numbers such as the question mark A PNREF typically contains letters and numbers only The PNREF in a transaction response tells you that your transaction is connecting to the server Historically the contents of a PNREF indicated a test or a live transaction However this is not always the case and as a rule you should not place any meaning on the contents of a PNREF Fra
143. then HTTP POSTs the signed PARES and the unchanged value of the MD to the TermUrl that you specified Fraud Protection Services User s Guide Performing Buyer Authentication Transactions Using the SDK CEN Detailed Buyer Authentication Transaction Flow Please authenticate this customer Issuer s ACS server providing 3 D Secure Service HTTP method POST PaReq J84H To4vv6K TermUrl http merchantpage com MD lt state info gt POST and Redirect N ACS Username nn Password Password Redirect Customer Client Browser HTTP method POST PaRes Qi84 nFWpx2M93 MD lt echoed state info gt Yes the customer is the valid cardholder and here s the digitally signed Payer Authentication Response PaRes data Example ACS Redirect Code The following example HTML page redirects a customer to an ACS URL with a PAREQ and returns the URL for receiving the PARES Customize tags marked with with your information lt HTML gt lt head gt lt title gt Authentication Body lt title gt lt SCRIPT LANGUAGE Javascript gt function OnLoadEvent document downloadForm submit lt SCRIPT gt lt head gt lt body bgcolor BACKCOLOR background SBACKGROUND onload OnLoadEvent gt lt form name downloadForm action acsUrl method POST gt lt noscript gt lt br gt lt br gt lt center gt lt hl gt Processing your 3 D Sec
144. tn a 113 Example Return Values o 115 Appendix D Deactivating Fraud Protection Services 117 INOX cu ico a ts a we a a aa a a 1109 Content Preface This document describes Fraud Protection Services and explains how you can use the Payflow SDK to perform transactions that will be screened by Fraud Protection Services filters For details on how to configure and use Fraud Protection Services and to generate Buyer Authentication reports through PayPal Manager see PayPal Manager online help Intended Audience This document is intended for Payflow Pro merchants who subscribe to any Fraud Protection Services options Document Conventions This document uses the term fraudster to represent an entity typically a person attempting fraudulent activity Document Organization e Chapter 1 Overview presents the Fraud Protection Services suite e Chapter 2 How Fraud Protection Services Protect You describes the security tools that make up the Fraud Protection Services e Chapter 3 Configuring the Fraud Protection Services Filters describes how to configure Fraud Protection Services e Chapter 4 Assessing Transactions that Triggered Filters makes recommendations on how to set up and fine tune filters e Chapter 5 Activating and Configuring the Buyer Authentication Service describes activating and configuring the Buyer Authentication service e Chapt
145. to Live page prompts whether to deploy the filters in Observe modeor in Active mode Click Deploy to Observe Mode Once you deploy the filters all transactions are sent to the live servers for screening by the live filters In Observe mode each transaction is marked with the filter action that would have occurred Review Reject or Accept had you set the filters to Active mode This enables you to monitor without disturbing the flow of transactions how actual customer transactions would have been affected by active filters IMPORTANT Deployed filter setting changes are updated hourly roughly on the hour This means that you might have to wait up to an hour for your changes to take effect This waiting period only occurs when you move from one mode to the next 4 Perform testing of the filters Follow the procedures outlined in Appendix B Testing the Transaction Security Filters 5 Review the filter results by following the instructions in Chapter 4 Assessing Transactions that Triggered Filters The Filter Scorecard described on page 22 will be particularly helpful in isolating filter performance that you should monitor closely and in ensuring that a filter setting is not set so strictly so as to disrupt normal business 6 Once you are happy with your filter settings you can move to Phase 3 Fraud Protection Services User s Guide 17 Configuring the Fraud Protection Services Filters Phase 3 Run All Transaction
146. to disable it Select the filter action that should take place when the filter is triggered For some filters you set a trigger value For example the Total Purchase Price Ceiling filter trigger value is the transaction amount that causes the filter to set a transaction aside Note To make decisions about how the filters work see Appendix B Fraud Filter Reference Note If you have not enrolled for the Buyer Authentication Service then the Buyer Authentication Failure filter is grayed out and you cannot configure it Items that you enter in the Test Good Bad or Product Watch lists are not carried over to your configuration for the live servers so do not spend time entering a complete list for the test configuration For details on the Good Bad or Product Watch list filters see Appendix B Fraud Filter Reference Once you complete editing the page click Deploy IMPORTANT f you do not deploy the filters then your settings are not saved All filters are now configured and you can begin testing the settings by running test transactions Follow the guidelines outlined in Appendix B Testing the Transaction Security Filters To run test transactions you can use PayPal Manager s Virtual Terminal See PayPal Manager for online help instructions Review the filter results by following the instructions in Chapter 4 Assessing Transactions that Triggered Filters Based on your results you
147. ud Protection Services User s Guide 67 az Responses to Credit Card Transaction Requests RESULT Codes and RESPMSG Values RESULT Codes and RESPMSG Values RESULT is the first value returned in the server response string The value of the RESULT parameter indicates the overall status of the transaction attempt e A value of 0 zero indicates that no errors occurred and the transaction was approved e A value less than zero indicates that a communication error occurred In this case no transaction is attempted e A value greater than zero indicates a decline or error The response message RESPMSG provides a brief description for decline or error results RESULT Values for Transaction Declines or Errors For non zero Results the response string includes a RESPMSG name value pair The exact wording of the RESPMSG shown in bold may vary Sometimes a colon appears after the initial RESPMSG followed by more detailed information TABLE 8 2 Payflow transaction RESULT values and RESPMSG text RESULT RESPMSG and Explanation 0 Approved NOTE PayPal processor Warning information may be returned that may be useful to the request applicaton See the PayPal API documentation on the PayPal website for information on corrective actions 1 User authentication failed Error is caused by one or more of the following e Login information is incorrect Verify that USER VENDOR PARTNER and PASSWORD have been entered correctly VENDOR is
148. ues on page 40 Standard Payflow Pro response values are described in Payflow Pro Developer 5 Guide XMLPay client support for Buyer Authentication is described in Payflow Pro XMLPay Developer s Guide For information on how to view Buyer Authentication reports in PayPal Manager see PayPal Manager online help Testing the Buyer Authentication Service Information on testing Buyer Authentication Service transactions appears in Appendix C Testing Buyer Authentication Transactions Using the Payflow SDK In This Chapter e Buyer Authentication Transaction Overview on page 31 e Buyer Authentication Terminology on page 32 e Buyer Authentication Server URLs on page 33 e Detailed Buyer Authentication Transaction Flow on page 33 e Example Buyer Authentication Transactions on page 37 e Buyer Authentication Transaction Parameters and Return Values on page 40 e ECI Values on page 45 e Logging Transaction Information on page 47 Buyer Authentication Transaction Overview To implement Buyer Authentication you use the Payflow SDK to write software that 1 Receives the customer s account number and determines whether it is enrolled in the Verified by Visa or MasterCard SecureCode buyer authentication program 2 If the cardholder is enrolled then your program redirects the customer to the issuing bank s buyer authentication page The customer submits their username and passwor
149. ufficient user permissions 29 Invalid XML document This could be caused by an unrecognized XML tag or a bad XML format that cannot be parsed by the system 30 Duplicate transaction Fraud Protection Services User s Guide 69 70 Responses to Credit Card Transaction Requests RESULT Codes and RESPMSG Values TABLE 8 2 Payflow transaction RESULT values and RESPMSG text Continued RESULT 31 32 33 34 35 36 37 50 51 99 100 101 102 103 104 105 106 107 108 109 110 111 112 RESPMSG and Explanation Error in adding the recurring profile Error in modifying the recurring profile Error in canceling the recurring profile Error in forcing the recurring profile Error in reactivating the recurring profile OLTP Transaction failed Invalid recurring profile ID Insufficient funds available in account Exceeds per transaction limit General error See RESPMSG Transaction type not supported by host Time out value too small Processor not available Error reading response from host Timeout waiting for processor response Try your transaction again Credit error Make sure you have not already credited this transaction or that this transaction ID is for a creditable transaction For example you cannot credit an authorization Host not available Duplicate suppression time out Void error See RESPMSG Make sure the transaction ID entered has not already been voided If not then look at the Transaction Detail sc
150. untReject amp VENDOR TESTCeilingAmountReject amp ZIP 11111 ZJ El T ET2 123 S IPTOSTREET Fraud Protection Services User s Guide 103 104 Testing the Transaction Security Filters Total Purchase Price Floor Filter Expected Response Message resp mesg Service amp PRI ERRO EFPSMSG Reject CeilingAmoun RESULT 125 amp PNREF VB0A25030756 amp RESPMSG Declined by Fraud R 13 11 4 result 125 TRXTYP Ei E A Total Purchase Price Floor Filter To test the Total Purchase Price Floor filter submit a transaction with an amount lower than the trigger amount USPS Address Validation Failure Filter TRXTYPE A8ACCT 510510510510510086AMT 8 1000 008BROWSERCOUNTRYCODE 2036BROWSERTIME 2 2002 12 12 12 amp BROWSERUSERAGENT BROWSERUSERAGENT amp CITY No City amp COMMENT1 Automated testing from AdminTester amp COUNTRY US amp COUNTRYCODE US amp CUSTIP 203 81 64 19 amp CUSTREF CUSTREF amp DESC DESC amp D 2 July 11 L CA111111 amp DOB CA123456 amp EMAIL 18 fraud asiamail com amp EXPDATE 1209 amp FIRSTNAM GHTAMT 1 11 amp LASTNAME Johnson amp L_COSTO 11 11 amp L DESCO L_DE ENAME Z
151. ure Transaction lt h1 gt lt h2 gt JavaScript is currently disabled or is not supported by your browser lt br gt lt h2 gt Fraud Protection Services User s Guide 35 6 Performing Buyer Authentication Transactions Using the SDK Detailed Buyer Authentication Transaction Flow lt h3 gt Click lt b gt Submit lt b gt to continue processing your 3 D Secure transaction lt h3 gt lt input type submit value Submit gt lt center gt lt noscript gt lt input type hidden name TermUrl value SredirectUrl gt lt input type hidden name MD value messageld gt lt input type hidden name PAREQ value SpaReq gt lt form gt lt body gt lt HTML gt Call 3 Validate the PARES authentication data returned by the ACS server Your application at TermUrl performs the Validate Authentication call for security reasons You validate that the PARES is the proper data from the Issuer by sending a request for validation of the digital signature on the PARES to the Buyer Authentication server Use TRXTYPE Z The server uses the Issuer s digital certificate to validate the signature and then returns the parsed authentication information from the PARES AUTHENTICATION STATUS Y means valid signature AUTHENTICATION ID CAVV cardholder authentication verification value XID and ECI Is the PaRes valid TRXTYPE Z tars PARES Qi84 nFWpx2M93 RESULT 0 AUTH_STATUS Y IR Yes the
152. ving a PARes response to a Validate Authentication transaction an error response was received Buyer Authentication Service 3 D Secure error response is invalid An error response is received and the response is not well formed for a Validate Authentication transaction Buyer Authentication Service Invalid card type Buyer Authentication Service Invalid or missing currency code Buyer Authentication Service merchant status for 3D secure is invalid Fraud Protection Services User s Guide Responses to Credit Card Transaction Requests RESULT Codes and RESPMSG Values TABLE 8 2 Payflow transaction RESULT values and RESPMSG text Continued RESULT 1041 1042 1043 1044 1045 1046 1047 1048 1049 1050 1051 1052 RESPMSG and Explanation Buyer Authentication Service Validate Authentication failed invalid PARES Buyer Authentication Service Validate Authentication failed invalid Buyer Authentication Service Validate Authentication failed successful Verify Enrollment Buyer Authentication Service Validate Authentication failed validation failed for PARES Buyer Authentication Service Validate Authentication failed invalid amount in PARES Buyer Authentication Service Validate Authentication failed invalid acquirer in PARES Buyer Authentication Service Validate Authentication failed invalid Merchant ID in PARES Buyer Authentication Service Va
153. was triggered and the percentage of all transactions that triggered each filter during the time span that you specified Ensuring Meaningful Data on the Filter Scorecard The Scorecard shows the total number of triggered transactions for the time period that you specify so if you had changed a filter setting during that period the Scorecard result for the filter might reflect transactions that triggered the filter at several different settings Say for example you changed the Total Purchase Price Ceiling on August 1 and again on August 7 You then run a Filter Scorecard for July 1 to August 31 Between July 1 to August Payflow Link Fraud Protection Services User s Guide 23 NA Assessing Transactions that Triggered Filters Re running Transactions That Were Not Screened 31 three different price ceiling settings caused the filter to trigger yet the Scorecard would not indicate this fact To ensure meaningful results in the Filter Scorecard specify a time period during which the filter settings did not change Re running Transactions That Were Not Screened Perform the following steps if you wish to re run a transaction that was not screened by filters transactions with Result Code 127 1 Navigate to Reports gt Fraud Protection gt Fraud Transaction Report The Fraud Transaction Report page appears 2 Select the appropriate time period for the search and select the Not Screened by Filters option for Transaction Typ
Download Pdf Manuals
Related Search