Prevent fraud

Our Fraud Detection solution gives you the power to control what happens to the payments you process. Each payment that has the risk field set to true using our Payments API will be assessed against the risk assessment rules you set in the Dashboard.

We've highlighted the features that are available only in the pro version. Contact your Account Manager for more information about our pro offer.

Every payment request has an authentication and authorization stage that verifies who is making the request, and whether the payment can be accepted. Use our Fraud Detection solution to control what happens before and after this stage. We call these decision points pre-auth and post-auth.

Your decisions are made using flows in the Dashboard. You have one for pre-auth and another for post-auth. Each flow gathers information about a transaction and directs it to a specific outcome. This is referred to as routing. We go into more detail when we explain how to use the solution.

The Dashboard shows the journey of all transactions that went through a risk assessment.

There are 6 steps in a payment lifecycle. Only steps 2 and 5 are configured by you, as the rest is determined by the card issuer, cardholder or Checkout.com.

Incoming transactions – all new transactions start as incoming transactions.
Pre-auth – the first decision point you determine when creating your risk strategy.
3DS outcome – the outcome of 3DS authentication, including scenarios where it hasn’t been applied.
Auth outcome – the outcome of the authorization request.
Post-auth - the second decision point you determine when creating your risk strategy.
Current status – the last known status of the transaction.

The data displayed on the Dashboard is updated every day at midnight (UTC). You can download a report that contains a transaction-by-transaction summary of data points, rules triggered, outcomes at each stage, and whether there were fraudulent transactions.

To download a report:

Sign in to the Dashboard.
Go to the Payments > Fraud > Performance section.
Select a date range.
Select Generate report.
Select Download.

If you or your customers identify a payment as fraudulent, you can flag it in the Dashboard. Checkout.com uses this information to improve our fraud detection, and reports relevant payments to the card schemes. This helps keep the payments system secure and reduce the likelihood of repeat fraud for these payments.

To flag a fraudulent payment:

Sign in to the Dashboard.
Go to Payments > All payments.
Search for the payment you want to flag and select it.
On the Payment details screen, select Flag as fraud.
To confirm the flag, select Flag as fraud.
If you further investigate a payment and find that it's genuine, select Remove fraud flag.

For more information, contact your Account Manager or [email protected].

Each stage in the payment lifecycle has several statuses associated with it.

Status	Description
Decline	The transaction has not been processed. It will not continue to 3DS authentication or authorization.
3DS Challenge	The customer's bank has been asked to challenge the customer, but they can choose not to.
3DS Frictionless	The customer's bank has been asked to authenticate the transaction without challenging the customer, but they can still choose to do so.
Accept	The most permissive decision, resulting in the lowest friction. Where possible, our routing engine will select the most appropriate exemption to bypass Strong Customer Authentication (SCA).
Skipped	Either risk assessment was not performed or could not be performed. As a result, the default decision of accept has been applied.

Status	Description
Rejected	3DS authentication failed due to a technical issue, invalid parameters (card doesn't support 3DS), or incorrect parameters.
No 3DS	3DS authentication was not attempted.
Failed	Customer failed to pass the 3DS challenge, or the access control server’s response was not valid.
Expired	3DS authentication was not completed in the given time, usually because the customer abandoned the process.
Authenticated	Customer passed the 3DS challenge. This status includes cases where the issuer decides not to challenge the customer at all.

Status	Description
Declined	The customer’s bank has declined the payment.
Authorized	The customer’s bank has authorized the payment.

Status	Description
Void	The transaction has been voided.
Flag	The transaction has been flagged for manual review. You will be able to review it in the Dashboard, so you can make a final decision (usually within 7 days).
Capture	The transaction has been captured.
Skipped	Either the risk assessment was not performed or could not be performed. As a result, the default decision of capture has been applied.

Status	Description
Voided	The payment has been voided. This is a final status.
Captured	The payment has been captured. If the payment later becomes subject to a fraud chargeback, the status will change to Fraud chargeback.
Pending manual review	The payment has been flagged for manual review. Once you’ve chosen to capture or void it, the status will be updated accordingly. If no decision is made within 7 days, the payment will be voided.
Fraud chargeback	The payment has been subject to a chargeback. Cardholders usually have up to 6 months to request a chargeback. This means that transactions previously marked as Captured can change status to Fraud chargeback any time within 6 months of the transaction taking place.

Prevent fraud

How it works

Fraud Detection in the Dashboard

Flag fraudulent payments

Statuses

Related topics

Understand Fraud Detection

Address Verification Service

Test your fraud risk strategy

Improve your Fraud Detection integration

Integrate with Risk SDK

Retrieve fraud reports