XP Cloud:Signifyd Fraud Protection

From X-Payments Help
Revision as of 11:13, 2 March 2020 by Dohtur (talk | contribs)
Jump to: navigation, search
X-Payments Cloud User Manual
  1. X-Payments Cloud: General information
  2. Get Started with X-Payments Cloud
  3. Two-factor User Authentication
  4. General Settings
  5. Payment Configurations
  6. Services
  7. Users
  8. User Interface
  9. Payments
  10. Supported Payment Gateways
  11. What's New in X-Payments Cloud


X-Payments Cloud provides an integration with Signinfyd, a popular fraud protection solution for e-commerce.

When a buyer places an order in a store connected to X-Payments Cloud with Signifyd protection enabled, the order information gets sent to Signifyd. Signifyd creates a case for the order within the Signifyd Console evaluating the respective payment transaction via its own proprietary algorithms. As a result of this evaluation, the transaction is assigned a certain score reflecting its level of safety/riskiness for the merchant. The merchant can set a specific score threshold level that will enable them to know that a transaction is safe and may be processed automatically. If a transaction is deemed risky (potentially fraudulent), it will be marked as requiring manual review by the merchant. The merchant can then investigate the order information in the Signifyd Console and make an informed decision as to whether they should accept or decline the respective payment transaction.

More information on Signifyd is available on the Signifyd website:

Setting up your Signifyd integration

To start using Signinfyd to score the payment transactions that take place in your store connected to X-Payments Cloud, complete the following steps:

  1. Contact Signifyd Sales team to apply for a Signifyd account.
  2. Log in to X-Payments Cloud.
  3. Go to the General settings page (Settings -> General) and specify that you are going to use Signifyd as your Antifraud service:
    1. Scroll down the page to the Services section.
    2. In that section, use the Antifraud service box to select "Signifyd - Guaranteed Fraud Protection".
      Xpc select signifyd.png
    3. Click Save at the bottom of the page to save your changes.
  4. Now if you look again at the Antifraud service setting on the same page, you will see that Sygnifyd has been selected as your Antifraud service, and the page now provides a link to configure it.
    Xpc signifyd selected.png
    Click on the Configure link to access the page for Signifyd configuration and adjust the Signifyd settings:
    Xp signifyd configure link.png
    The page for Signifyd configuration opens:
    Xpc signifyd settings page.png
  5. In a new browser tab or window, go to the Signifyd console at https://app.signifyd.com/
    Xp31 signifyd app login screen.png
    Make sure you have a team set up in your Signifyd account (See "How do I create a team"). Also make sure you have an API key generated for that team (See "How do I create an API key").
  6. On the page with Signifyd configuration settings in X-Payments Cloud, find a URL in the field marked "Enter the following URL in the Webhook Address field". The URL should look like https://<your_xpayments_domain>/callback.php. Copy this URL to clipboard, switch back to the browser tab or window where you have the Signifyd console open.
  7. Go to the Notifications page, scroll down to the Webhooks section.
  8. Use the Webhooks section to add some webhooks. To create a webhook, paste the URL you have copied into the Webhook Address field, then select the proper Team and Event Type values.
    Xp31 signifyd notifications webhooks.png
    You should create webhooks for each of the following event types:
    • Case Creation,
    • Case Rescore,
    • Case Review,
    • Guarantee Completion.
      As a result, the contents of your Webhooks section should look similar to the following:
      Xp31 signifyd notifications webhooks1.png
  9. Get the API key for your Signifyd team, go back to the browser tab or window with X-Payments and paste the API key into the API Key field on the page with your Signifyd configuration settings.
  10. If you want X-Payments to give you a warning when Signifyd score for a transaction is below a certain threshold, set the threshold value using the Warning score threshold setting on the Signifyd configuration settings page in X-Payments Cloud. Signifyd score is a value from 0 to 1000; 0 indicates the highest risk of fraud, 1000 indicates the lowest risk. For example, if you set the threshold to 600, and a transaction gets a score of 473, it will be deemed potentially fraudulent and flagged for manual review.
  11. Click Save to save your Signifyd configuration in X-Payments Cloud.
    Xpc signifyd settings page1.png
  12. Make sure the status of your Signifyd configuration in X-Payments Cloud is Enabled:
    Xpc signifyd enabled.png
  13. Go back to the tab or window with the Signifyd console and test the webhooks you have created. For each of the webhooks, click the Test button. Provided that X-Payments Cloud has been connected to your Signifyd account correctly, you should see the message "Event successfully posted" shown on the same line with the webhook you are testing:
    Xp31 signifyd event successfully posted.png

That is all. Signifyd is ready to use with X-Payments Cloud.

Using Signifyd to score transactions

Signifyd results in X-Payments Cloud

Once a payment transaction is scored by Signifyd, you will be able to view the results of the check conducted by Signifyd on the Payment details page created for this payment in your X-Payments Cloud admin panel. For example, here you can see the result of a passed check (with Signifyd Warning score threshold set to 300):
Xpc signifyd fraud check passed.png
And here is the result of a check through Signifyd for a similar order paid for using the same card, but with Signifyd Warning score threshold set to 600 (Manual review is required):
Xpc signifyd fraud check review required.png
You can view the detailed Signifyd check results for the transaction by following the link "Transaction details on the Signifyd web-site: <Signifyd Case ID>". You can also control the case financial guarantee by Signifyd using the button in the same section. See more info on case guarantee

Signifyd results in your online store

To view Signifyd results in your online store's admin panel, go to the section where you view order details. The result of checking by Signifyd will be available in the order details similarly to what you see in X-Payments Cloud. For example, in X-Cart 5 you can do it as follows:

  1. On the Orders > Orders list page, select the order and open its details for viewing.
  2. Scroll down the page till you see the box with the information on the card that was used to pay for the order and click on the 'View payment information' link.
    Xpc view order xc payment info signifyd.png
    The Signifyd result will be shown along with the rest of the information regarding the payment:
    Xpc view order xc payment signifyd info.png

In your online store, the result of checking by Signifyd for can be viewed in the section "Signifyd - Guaranteed Fraud Protection result" on the order details page:

Xp31 signifyd check result manual review.png

As you can see in the screenshot above, the transaction got a score of 413 from Signifyd (which is less than the threshold of 600 we have specified in our Signifyd configuration in X-Payments) and was marked as "Manual review required". You can find out more about how Signifyd scores transactions from this article:

By clicking on the Transaction ID link in this section you can access the details of the respective case on the Signifyd end where you can learn more about the transaction to decide whether it would be safe to accept it.

Xp31 signifyd manual review.png

If you scroll up the order details page in your X-Cart 5 store, you will find the section of the order details showing payment-related information.
In the case of a transaction flagged for manual review, this section will show a warning of potential fraud risk related with this transaction and will provide the buttons Accept and Decline so you can specify whether you want to accept it:

Xp31 signifyd accept decline.png

By clicking the "View payment information" link you will be able to access more information about the payment, including its Signifyd Case ID.

Xp31 signifyd payment info.png

For a transaction with a good Signifyd score, the section "Signifyd - Guaranteed Fraud Protection result" on the order details page will look similar to the following:

Xp31 signifyd check result passed.png

(The buttons Accept and Decline will not be provided either.)