Advance Fraud Detection Suite (AFDS) is a set of powerful, rules-based transaction filters and Internet Protocol (IP) address tools. It's designed to help online merchants identify, manage, and prevent costly fraudulent transactions.

AFDS includes multiple filters and tools that work together to evaluate transactions for indicators of fraud. Their combined logic provides a powerful and highly effective defense against fraudulent transactions.

In addition to the filters listed below, Authorize.net also offers a Daily Velocity Filter at no charge. The Daily Velocity Filter allows you to specify a threshold for the number of transactions allowed per day, a useful tactic to identify high-volume fraud attacks.

How to access and setup Advance Fraud Detection Suite?

• Log into the Merchant Interface.
• Click Fraud Detection Suite in the main left side menu.
• Click Setup Wizard.
• Follow every step in the Wizard, so your settings will be successfully applied.

You can navigate through the wizard using Save (to save the changes) or Back (to go back to a previous setting) buttons located at the bottom of the page. If you decide not to enable a certain filter or setting right away, simply click Skip›› at the bottom of the page. The only time settings are saved is when you click the Save button (regardless of whether you clicked the check box to enable the filter). You can click Exit at any time to leave the Wizard, or wait until the end to click Finish. Regardless of if you leave the Wizard early or not, any settings you save will stay saved

Advance Fraud Detection Suite Filters and Tools

• Card Testing Settings: These filters help protect your account from abuse by fraudsters who are testing credit cards, and let you identify high-volume fraud attacks.
  • Daily Velocity Filter: This filter allows you to specify a threshold for the number of transactions allowed per day. All transactions exceeding the threshold in that day will be flagged and processed according to the filter action.
  • Hourly Velocity Filter: This filter allows you to specify a threshold for the number of transactions allowed per hour. All transactions exceeding the threshold will be flagged and processed according to the filter action.
  • Suspicious Transaction Filter: This filter triggers on highly suspicious transactions using proprietary criteria identified by Authorize.net. All transactions that meet this criteria will be flagged and processed according to the filter action.
  • Transaction IP Velocity Filter: This filter allows you to specify the maximum number of transactions allowed from the same Internet protocol (IP) address per hour. All transactions that meet this criteria will be flagged and processed according to the filter action. Advanced Integration Method (AIM) transactions must include the customer IP address (x_customer_ip) and user of Authorize.net API must include customerIP in order to use this tool.
• Transaction Settings: These filters let you identify high risk transactions through Address Verification, Card Code Verification, and setting a maximum order amount.
  • Enhanced AVS Handling Filter: The Address Verification Service (AVS) is a standard feature of the payment gateway that compares the address submitted with an order to the address on file with the customer's credit card issuer. Merchants can then choose to reject or allow transactions based on the AVS response codes. AFDS includes an AVS filter that assists the decision process by allowing merchants the additional options of flagging AVS transactions for monitoring purposes, or holding them for manual review.
  • Enhanced CCV Handling Filter: Like AVS, Card Code Verification (CCV) is a standard feature of the payment gateway. CCV uses a card's three- or four-digit number to validate customer information on file with the credit card association. Like the AVS Filter, the CCV Filter allows merchants the additional options of flagging CCV transactions for monitoring purposes, or holding them for manual review.
  • Amount Filter: Set lower and upper transaction amount thresholds to restrict high-risk transactions often used to test the validity of credit card numbers. Transactions that are submitted with an amount less than your lower limit or greater than your upper limit will be flagged and processed according to the filter action selected. Be careful when setting an upper limit amount, as any combination of higher priced items may be purchased. You may want to search your transaction history for the highest transaction amounts you've processed in the past to determine an appropriate upper limit.
• E-Commerce Settings: These filters help prevent common e-commerce fraud scenarios by verifying and comparing billing addresses, shipping addresses, and IP address locations.
  • Shipping Address Verification Filter: Verifies that the shipping address received with an order is a valid postal address.
  • IP Shipping Address Mismatch Filter: Compare the shipping address provided with an order to the IP address of where the order originated from. This helps to determine whether or not the order is shipping to the country from which it originated. Advanced Integration Method (AIM) transactions must include the customer IP address (x_customer_ip) and user of Authorize.net API must include customerIP in order to use this tool.
  • Regional IP Address Filter: Flag orders coming from specific regions or countries. You can choose to customize the filter actions based on an entire geographic area, or select country by country how to process transactions flagged by the filter.
  • Shipping-Billing Mismatch Filter: Identify high-risk transactions with different shipping and billing addresses, potentially indicating purchases made using a stolen credit card. If the two addresses do not match, the transaction is flagged and processed according to the filter action selected. This filter does not consider extra white spaces (the space key) at the end of the address information and is not case sensitive when checking for a mismatch. You may want to keep in mind that address mismatches are common with gift transactions and do not always indicate suspicious transactions. In order to use this filter, you must require both shipping and billing address information on your website's payment form; otherwise the filter cannot compare information.
• IP Address Administration: These filters let you block specific customers’ IP addresses to prevent known sources of fraud. If you use our APIs, you may also specify which server IP addresses should be trusted by the payment gateway.
  • Authorized API IP Addresses: Configure a list of authorized server IP addresses from which API transactions will be accepted by the payment gateway. Any API transaction submitted from an IP address not included on this list will be rejected.
  • IP Address Blocking: IP Address Blocking allows you to block transactions submitted from IP addresses known to be the source of suspicious or fraudulent transactions. Advanced Integration Method (AIM) transactions must include the customer IP address (x_customer_ip) and user of Authorize.net API must include customerIP in order to use this tool.

Actions that can be performed on these filters

• Process as normal and report filter(s) triggered: When this action is selected, transactions that trigger this filter are processed as normal, but are also reported in the Merchant Interface as triggering this filter. This action is useful if you want to "test" your filter settings.
• Authorize and hold for review: When this action is selected, transactions that trigger this filter are sent for authorization, and upon successful authorization are placed in the Authorized/Pending Review state. Once in Authorized/Pending Review, you will have 30 days to manually review and either approve or void the transaction. If no action is taken in the 30-day period, the transaction will expire. This action is useful if you want to review authorized transactions prior to submitting for settlement.
• Do not authorize, but hold for review: When this action is selected, transactions that trigger this filter are placed in the Pending Review state prior to being sent for authorization. Once in Pending Review, you will have 5 days to manually review and either approve or decline the transaction. Once you approve the transaction, it is sent for authorization. If no action is taken in the 5-day period, the transaction will expire. This action is useful if you want to review transactions prior to authorization to avoid incurring any associated authorization fees.
• Decline the transaction: When this action is selected, transactions that trigger the filter will be declined automatically prior to authorization. This is the most severe action you can take for a transaction.

Note: In the event that a transaction triggers more than one filter, and each filter is configured with a different action, the most severe filter action will be applied to the transaction. For example, you might configure filter A to decline all triggered transactions, and filter B to authorize but hold all triggered transactions. If a transaction triggers both filters A and B, it will be declined rather than authorized and held for review.

Email Notifications

You can choose to receive AFDS e-mail notifications in the Merchant Interface:

1. Log into the Merchant Interface.
2. Click Fraud Detection Suite in the main left side menu.
3. Click Email Notification.
4. Check the boxes for the users to receive suspicious transaction notifications.
5. Click Save.

While these per-transaction notifications provide information regarding how suspicious transactions are handled, they should not be your sole source of information about transaction statuses.

For more details about our customizable solution to combat the most common types of online fraud, see our Advance Fraud Detection Suite White Paper.