X-Payments:Signifyd fraud protection and chargeback prevention
X-Payments 3.1.0 and later provides an integration with Signinfyd, a popular fraud protection solution for E-Commerce.
When a buyer places an order in a store connected to X-Payments making a payment via a payment method protected by Signifyd, the order information gets sent to Signifyd. Signifyd creates a case for the order within the Signifyd Console evaluating the respective payment transaction via its own proprietary algorithms. As a result of this evaluation, the transaction is assigned a certain score reflecting its level of safety/riskiness for the merchant. The merchant can set a specific score threshold level that will enable them to know that a transaction is safe and may be processed automatically. If a transaction is deemed risky (potentially fraudulent), it will be marked as requiring manual review by the merchant. The merchant can then investigate the order information in the Signifyd Console and make an informed decision as to whether they should accept or decline the respective payment transaction.
More information on Signifyd is available on the Signifyd website:
Setting up your Signifyd integration
To start using Signinfyd to score the payment transactions that take place in your store connected to X-Payments, complete the following steps:
- Contact Signifyd Sales team to apply for a Signifyd account.
- Make sure you are using X-Payments 3.1.0 or later and your online store is connected to X-Payments using the X-Payments connector (i.e. the connector is installed and enabled, you have an online store and at least one payment configuration configured and enabled in X-Payments, and you have connected the online store to X-Payments by deploying the configuration bundle).
- Log in to X-Payments.
- Go to the details of the X-Payments payment configuration that you intend to use with Signifyd. This can be found under Settings > Payment configurations. You can use an existing payment configuration or add a new payment configuration. Should you decide to add a new payment configuration, you will have to re-import your X-Payments payment methods into your store. To add Signifyd to the payment configuration you require, you will need to update the payment configuration settings with "Signifyd - Guaranteed Fraud Protection" selected in the Antifraud service field by clicking the Save button.
- Once the payment configuration details have been updated, a Configure link for Signifyd will be displayed near the Antifraud service field.
Click on that link to access the Signifyd configuration settings page in X-Payments.
As an alternative, you can access your Signifyd configuration settings via a link on the Payment Configurations page:
The Signifyd configuration settings page looks like the following:
- In a new browser tab or window, go to the Signifyd console at https://app.signifyd.com/
Make sure you have a team set up in your Signifyd account (See "How do I create a team"). Also make sure you have an API key generated for that team (See "How do I create an API key").
- On the page with Signifyd configuration settings in X-Payments, find a URL in the field marked "Enter the following URL in the Webhook Address field". The URL should look like https://<your_xpayments_domain>/callback.php. Copy this URL to clipboard, switch back to the browser tab or window where you have the Signifyd console open.
- Go to the Notifications page, scroll down to the Webhooks section.
- Use the Webhooks section to add some webhooks. To create a webhook, paste the URL you have copied into the Webhook Address field, then select the proper Team and Event Type values.
You should create webhooks for each of the following event types:
- Get the API key for your Signifyd team, go back to the browser tab or window with X-Payments and paste the API key into the API Key field on the page with your Signifyd configuration settings.
- If you want X-Payments to give you a warning when Signifyd score for a transaction is below a certain threshold, set the threshold value using the Warning score threshold setting on the Signifyd configuration settings page in X-Payments. Signifyd score is a value from 0 to 1000; 0 indicates the highest risk of fraud, 1000 indicates the lowest risk. For example, if you set the threshold to 600, and a transaction gets a score of 473, it will be deemed potentially fraudulent and flagged for manual review.
- Click Save to save your Signifyd configuration in X-Payments.
The status of the configuration will be updated to Enabled (Note the green status button):
- Go back to the tab or window with the Signifyd console and test the webhooks you have created. For each of the webhooks, click the Test button. If your X-Payments installation has been connected to your Signifyd account correctly, you should see the message "Event successfully posted" shown on the same line with the webhook you are testing:
That is all. Signifyd is ready to use with your payment method.
Using Signifyd to score transactions
Signifyd results in X-Payments
Once a payment transaction is scored by Signifyd, you will be able to view the results of the check conducted by Signifyd on the Payment details page created for this payment in your X-Payments. For example, here you can see the results of such a check for a transaction with a low Signifyd score (below the threshold set in X-Payments):
You can view the detailed Signifyd check results for the transaction by following the link "Transaction details on the Signifyd web-site: <Signifyd Case ID>". You can also choose to [cancel] Signifyd case guarantee by clicking the Cancel case guarantee button.
Signifyd results in X-Cart 5
In your X-Cart 5 store, transactions checked by Signifyd will be marked with a shield icon:
By clicking on this icon, you can go directly to the results of the transaction check by Signifyd. The results can be viewed in the section "Signifyd - Guaranteed Fraud Protection result" on the order details page:
As you can see in the screenshot above, the transaction got a score of 413 from Signifyd (which is less than the threshold of 600 we have specified in our Signifyd configuration in X-Payments) and was marked as "Manual review required". You can find out more about how Signifyd scores transactions from this article:
By clicking on the Transaction ID link in this section you can access the details of the respective case on the Signifyd end where you can learn more about the transaction to decide whether it would be safe to accept it.
If you scroll up the order details page in your X-Cart 5 store, you will find the section of the order details showing payment-related information.
In the case of a transaction flagged for manual review, this section will show a warning of potential fraud risk related with this transaction and will provide the buttons Accept and Decline so you can specify whether you want to accept it:
By clicking the "View payment information" link you will be able to access more information about the payment, including its Signifyd Case ID.
For a transaction with a good Signifyd score, the section "Signifyd - Guaranteed Fraud Protection result" on the order details page will look similar to the following:
(The buttons Accept and Decline will not be provided either.)