X-Payments:Signifyd fraud protection and chargeback prevention

From X-Payments Help
Jump to: navigation, search
X-Payments user manual
  1. X-Payments:General information
  2. What's New
  3. System requirements
  4. Installation
  5. Two-factor user authentication
  6. Configuring X-Payments
  7. Managing users
  8. Customizing the interface
  9. Managing payments
  10. Unistalling X-Payments
  11. Upgrading
  12. Moving X-Payments from one host to another
  13. Viewing X-Payments logs
  14. FAQ
  15. Troubleshooting
  16. Glossary
  17. Supported payment gateways


X-Payments 3.1.0 and later provides an integration with Signinfyd, a popular fraud protection solution for E-Commerce.

When a buyer places an order in a store connected to X-Payments making a payment via a payment method protected by Signifyd, the order information gets sent to Signifyd. Signifyd creates a case for the order within the Signifyd Console evaluating the respective payment transaction via its own proprietary algorithms. As a result of this evaluation, the transaction is assigned a certain score reflecting its level of safety/riskiness for the merchant. The merchant can set a specific score threshold level that will enable them to know that a transaction is safe and may be processed automatically. If a transaction is deemed risky (potentially fraudulent), it will be marked as requiring manual review by the merchant. The merchant can then investigate the order information in the Signifyd Console and make an informed decision as to whether they should accept or decline the respective payment transaction.

More information on Signifyd is available on the Signifyd website:

Setting up your Signifyd integration

To start using Signinfyd to score the payment transactions that take place in your store connected to X-Payments, complete the following steps:

  1. Contact Signifyd Sales team to apply for a Signifyd account.
  2. Make sure you are using X-Payments 3.1.0 or later and your online store is connected to X-Payments using the X-Payments connector (i.e. the connector is installed and enabled, you have an online store and at least one payment configuration configured and enabled in X-Payments, and you have connected the online store to X-Payments by deploying the configuration bundle).
  3. Log in to X-Payments.
  4. Go to the details of the X-Payments payment configuration that you intend to use with Signifyd. This can be found under Settings > Payment configurations. You can use an existing payment configuration or add a new payment configuration. Should you decide to add a new payment configuration, you will have to re-import your X-Payments payment methods into your store. To add Signifyd to the payment configuration you require, you will need to update the payment configuration settings with "Signifyd - Guaranteed Fraud Protection" selected in the Antifraud service field by clicking the Save button.
    Xp31 signifyd option.png
  5. Once the payment configuration details have been updated, a Configure link for Signifyd will be displayed near the Antifraud service field.
    Xp31 signifyd configure link.png
    Click on that link to access the Signifyd configuration settings page in X-Payments.
    As an alternative, you can access your Signifyd configuration settings via a link on the Payment Configurations page:
    Xp31 signifyd configure link2.png
    The Signifyd configuration settings page looks like the following:
    Xp31 signifyd configuration 4 auth net.png
  6. In a new browser tab or window, go to the Signifyd console at https://app.signifyd.com/
    Xp31 signifyd app login screen.png
    Make sure you have a team set up in your Signifyd account (See "How do I create a team"). Also make sure you have an API key generated for that team (See "How do I create an API key").
  7. On the page with Signifyd configuration settings in X-Payments, find a URL in the field marked "Enter the following URL in the Webhook Address field". The URL should look like https://<your_xpayments_domain>/callback.php. Copy this URL to clipboard, switch back to the browser tab or window where you have the Signifyd console open.
  8. Go to the Notifications page, scroll down to the Webhooks section.
  9. Use the Webhooks section to add some webhooks. To create a webhook, paste the URL you have copied into the Webhook Address field, then select the proper Team and Event Type values.
    Xp31 signifyd notifications webhooks.png
    You should create webhooks for each of the following event types:
    • Case Creation,
    • Case Rescore,
    • Case Review,
    • Guarantee Completion.
      As a result, the contents of your Webhooks section should look similar to the following:
      Xp31 signifyd notifications webhooks1.png
  10. Get the API key for your Signifyd team, go back to the browser tab or window with X-Payments and paste the API key into the API Key field on the page with your Signifyd configuration settings.
  11. If you want X-Payments to give you a warning when Signifyd score for a transaction is below a certain threshold, set the threshold value using the Warning score threshold setting on the Signifyd configuration settings page in X-Payments. Signifyd score is a value from 0 to 1000; 0 indicates the highest risk of fraud, 1000 indicates the lowest risk. For example, if you set the threshold to 600, and a transaction gets a score of 473, it will be deemed potentially fraudulent and flagged for manual review.
  12. Click Save to save your Signifyd configuration in X-Payments.
    Xp31 signifyd configuration 4 auth net1.png
    The status of the configuration will be updated to Enabled (Note the green status button):
    Xp31 signifyd enabled.png
  13. Go back to the tab or window with the Signifyd console and test the webhooks you have created. For each of the webhooks, click the Test button. If your X-Payments installation has been connected to your Signifyd account correctly, you should see the message "Event successfully posted" shown on the same line with the webhook you are testing:
    Xp31 signifyd event successfully posted.png

That is all. Signifyd is ready to use with your payment method.

Using Signifyd to score transactions

Signifyd results in X-Payments

Once a payment transaction is scored by Signifyd, you will be able to view the results of the check conducted by Signifyd on the Payment details page created for this payment in your X-Payments. For example, here you can see the results of such a check for a transaction with a low Signifyd score (below the threshold set in X-Payments):

Xp31 signifyd antifraud check passed.png

You can view the detailed Signifyd check results for the transaction by following the link "Transaction details on the Signifyd web-site: <Signifyd Case ID>". You can also choose to [cancel] Signifyd case guarantee by clicking the Cancel case guarantee button.

Signifyd results in X-Cart 5

In your X-Cart 5 store, transactions checked by Signifyd will be marked with a shield icon:

Xp31 signifyd order list view.png

By clicking on this icon, you can go directly to the results of the transaction check by Signifyd. The results can be viewed in the section "Signifyd - Guaranteed Fraud Protection result" on the order details page:

Xp31 signifyd check result manual review.png

As you can see in the screenshot above, the transaction got a score of 413 from Signifyd (which is less than the threshold of 600 we have specified in our Signifyd configuration in X-Payments) and was marked as "Manual review required". You can find out more about how Signifyd scores transactions from this article:

By clicking on the Transaction ID link in this section you can access the details of the respective case on the Signifyd end where you can learn more about the transaction to decide whether it would be safe to accept it.

Xp31 signifyd manual review.png

If you scroll up the order details page in your X-Cart 5 store, you will find the section of the order details showing payment-related information.
In the case of a transaction flagged for manual review, this section will show a warning of potential fraud risk related with this transaction and will provide the buttons Accept and Decline so you can specify whether you want to accept it:

Xp31 signifyd accept decline.png

By clicking the "View payment information" link you will be able to access more information about the payment, including its Signifyd Case ID.

Xp31 signifyd payment info.png

For a transaction with a good Signifyd score, the section "Signifyd - Guaranteed Fraud Protection result" on the order details page will look similar to the following:

Xp31 signifyd check result passed.png

(The buttons Accept and Decline will not be provided either.)