XP Cloud:NoFraud Fraud Prevention
X-Payments Cloud provides integration with NoFraud. NoFraud is a comprehensive fraud prevention service that employs every known fraud prevention technology in a single centralized system, producing the most precise decision-making fraud prevention application. NoFraud sits between your store site and your payment gateway reviewing payment transactions in real time through complex algorithms so that only the legitimate transactions are sent to the gateway for processing. Any transactions declined by NoFraud are bounced back to the customer while they are still at the cart. Approved transactions are passed along to the gateway for uninterrupted processing. For the small percentage of transactions where a Pass or Fail decision is not available, NoFraud can contact the cardholder for verification. This eliminates the need for manual review of transactions and prevents the declining of legitimate customers. NoFraud takes just a few minutes to set up and does not require training or dedicated staff to run or maintain. With no setup fees and low per-transaction billing rates, NoFraud allows anyone to try the system with little risk. All you need to do is choose a plan to match your needs. You can even get a free trial by contacting NoFraud at email@example.com or 888-773-3669.
Getting started with NoFraud
To start using NoFraud, complete the steps below:
- If you have not yet done so, sign up for a NoFraud account.
- After creating your NoFraud account, log in to the Account Manager portal.
On the bottom left of your portal account, you will see a few tabs that require merchant information input. Make sure all the required information for your account has been provided correctly. NoFraud provides some help guides and references in the "Resources" section that you may find helpful. For example, the NoFraud Portal Guide provides a thorough explanation of all the settings.
Please pay particular attention to the "Integration" tab. Through this tab, you will need to select the type of integration you are using. From the 'Add new integration' menu, select the 'Direct API' method. After adding your integration in your portal account, you will get an API key code for your integration (this code is generated automatically).
You will need to copy this code from your account and input it into the appropriate field in the X-Payments Cloud admin panel, so for now simply copy the code to clipboard.
- In a new browser tab or window, log in to the X-Payments Cloud admin panel, go to the General settings page (Settings -> General) and specify that you are going to use NoFraud as your Antifraud service:
- Now if you look again at the Antifraud service setting on the same page, you will see that NoFraud has been selected as your Antifraud service, and the page now provides a link to configure it.
Click on the Configure link to access the page for NoFraud configuration and adjust the NoFraud settings:
The page for NoFraud configuration opens:
- Adjust the settings on the NoFraud settings page. Be sure to click Save to save your changes.
- Status (Not configured / Enable / Disable): This setting indicates whether NoFraud module is active. For now just leave it as is. After you provide the rest of the required settings (below) and save the changes, NoFraud module will be enabled automatically. You will then be able to use this setting to disable/re-enable NoFraud for your current payment configuration as you require.
- API key: Use this field to input the API key code you have obtained in your NoFraud portal account.
- Test/Live mode: Set the mode for your NoFraud integration. Note that this setting must match the mode you have chosen for your NoFraud integration in your portal account settings.
- Make sure NoFraud fraud prevention service is enabled:
That is all; NoFraud service has been activated. From now on, any payment transactions via X-Payments Cloud will be screened by NoFraud.
Once activated in X-Payments Cloud, NoFraud works automatically for all the incoming payments.
What happens when a buyer submits their credit or debit card info to pay for an order in a store accepting payments via X-Payments Cloud and protected by NoFraud?
Technically, the process involves three steps:
At the first step, X-Payments Cloud makes a call to NoFraud to invoke NoFraud fraud screening service. In this call, information about the payment transaction (including the IP address, email address, shipping address, card details, billing info, order details, etc.) is submitted to NoFraud. This happens for each new card prior to contacting the payment gateway. NoFraud’s fraud screening service uses proprietary algorithms to check the information submitted to it and applies the custom rules configured for the merchant's account. NoFraud account settings provide substantial flexibility for configuring the rules. In practice, NoFraud will consider a lot of factors such as the buyer's country, how far the buyer's location is from the location of the store where the purchase is being made, whether the buyer is telling the truth about their location (based on whether the address submitted by the buyer matches the geolocation info collected by the service regarding the IP address from which the purchase is being made), the type of products being purchased (for example, if the buyer has a history of consistently using the card to buy car parts and suddenly pays for $2000 worth of makeup and beauty products) and so on. As a result, NoFraud’s fraud screening service responds with a decision as to what should be done about the transaction in question (whether the transaction looks safe and should be processed, or whether it looks suspicious and should be declined). X-Payments will honor the decision returned by NoFraud. If the decision is to process the transaction, X-Payments Cloud will continue with the transaction processing by submitting the details to the payment gateway. If the risk decision is to decline the transaction, X-Payments Cloud will block the transaction and not contact the payment gateway. This way high risk transactions are blocked automatically before they become a problem, and the merchant does not have to pay the payment processor for processing a card that might have been stolen.
At the second step, X-Payments Cloud contacts the payment gateway for order processing. This, of course, does not happen for transactions that have been blocked.
At the third step, X-Payments Cloud once again contacts NoFraud to find out the transaction result, including the results of the CVV и AVS checks. NoFraud's fraud screening service also stores this information for future use.
The results of checking by NoFraud can be viewed in X-Payments Cloud, in the admin panel of the online store and in the NoFraud portal.
To view NoFraud results in X-Payments Cloud:
- Go to the Payments page and locate the payment for which you would like to view the NoFraud results.
- Open the payment details for viewing.
On the Payment details page, you will be able to see whether the NoFraud check has been passed successfully of failed in the 'NoFraud - Full Service Fraud Prevention' section:
If NoFraud is not able to set either 'passed' or 'failed' status right away, it sets the status 'Being reviewed by NoFraud'.
The status 'Being reviewed by NoFraud' means that NoFraud needs time to conduct additional customer verification. Once the process is completed, NoFraud will send the final verification result to the X-Payments Cloud administrator by email. Note that the NoFraud status of the payment in X-Payments Cloud will not be updated.
To view NoFraud results in your online store's admin panel, go to the section where you view order details. The result of checking by NoFraud will be available in the order details similarly to what you see in X-Payments Cloud. For example, in X-Cart 5 you can do it as follows:
- On the Orders > Orders list page, select the order and open its details for viewing.
- Scroll down the page till you see the box with the information on the card that was used to pay for the order and click on the 'View payment information' link.
The NoFraud result will be shown along with the rest of the information regarding the payment: