Risk Management Online
The CrefoPay risk management allows for sophisticated fraud prevention including real-time B2B and B2C solvency checks. You effectively reduce losses due to shortfall in payment to a minimum and are able to automatically use the most suitable B2B credit check product for each individual transaction.
This document describes which risk management functions you can find in your merchant service area and which configuration options you have. As soon as this functionality is enabled, the new menu item ‘Risk Management’ will appear in the merchant service area where those options become accessible. Changes in configuration are instant and will always be documented in the menu item "Configuration log".
Check result breakdown
Here you can find a list with possible rule hits, as they are displayed on the transaction details page in the merchant service area, and under which names they can be found in the documentation.
Rule hit | Rule type |
---|---|
ADDRESS_MISMATCH | Delivery and billing address comparison |
BLACKLIST | Blacklist |
COUNTRY_AMOUNT | Country amount limit |
ISSUER_AND_DELIVERY | Issuer and delivery mismatch |
LIMIT | Limit rule |
OUTSTANDING_DEBT | Outstanding debt control |
SANCTIONLIST | Sanction list |
USER_STATUS | User status rule |
VELOCITY | Velocity rule |
WHITELIST | Whitelist |
Addiontally, for limit and velocity hits rule details are displayed. Here is a list of possible rule details and to which rule type they refer:
Rule details | Rule type |
---|---|
DELIVERY_ADDRESS | Delivery address |
SINGLE_TRANSACTION | Transaction |
PAYMENT_METHOD | Payment method |
USER | User |
TRANSACTION_COUNT | Transaction count |
AMOUNT | Amount |
PI | Payment instrument |
Limits
Thresholds
Here you are able to define 'spending' limits for different parameters. You will be able to determine how the system reacts if a limit is reached (if a limit of 1000 EUR has been set, the rule will take effect when a 1000 EUR or higher transaction is processed).
Create a new threshold
To create a new limit, click on the button 'Add'.
The risk class threshold defines at which customer risk class the rule will apply. The customer risk class is set on transaction creation. This risk class allows to handle certain customer differently. This means for known customers for example, a different rule set could apply, or no rules at all. If the extended risk classes are not used, then it is recommended to use the standard risk class of 1.0.
You can select whether this rule should apply for private users or for business users. This option is relevant if you target both private and business customers and wish to set up different rules for each user type. If you want the rule to apply for both user-types, please select "all".
You will first need to select a parameter, under 'Type', for which the limit should apply to.
You can select between:
Check type | Description |
---|---|
Transaction | Checks if the basket value exceeds the specified (high spending) limit. |
Customer | Checks if the total amount of all purchases, which a user has made within a defined period in one shop, exceeds the defined limit. |
Payment instrument | Checks if the total amount of all purchases, which a user has spent by using a specific payment instrument (bank account or credit card) within a defined period in one shop, exceeds the defined limit in cumulative transaction amounts. |
Payment method | Checks if the total amount of all purchases, which a user has spent by using a specific payment method(s) within a defined period in one shop, exceeds the defined limit. This check can be made on multiple payment methods. |
Once you have chosen the type, you will then need to select an 'action'. This determines how the system should react if the limit is reached.
Action | Description |
---|---|
Offer only secure payment methods | Only payment methods that are configured as secure will be shown to the customer. Please ask the CrefoPay team which payment methods are configured as secure for your shop, if you are unsure. All payment methods except |
direct debit and invoice are usually configured as secure. | |
Decline | The transaction will be declined and the user will not be able to finish it |
Manual review | The user can finish the transaction, but it will stay in status FRAUDPENDING until it has been manually reviewed and approved by you. You can review your FRAUDPENDING transactions under the submenu item "Manual Review" |
If you choose 'User', 'Payment Instrument' or 'Payment Method', you must also define a time period which applies to the limit.
You can select between:
- Second
- Minute
- Hour
- Day
- Week
- Month
- Year
We recommend you start with using the intervals "Day", "Week" and "Month", as these are the most common.
Once you have defined the limit, simply click 'save'.
The limit check appears in the overview and is active instantly.
Active cards per user
This check counts the number of cards a customer uses.
You can define the number of cards a customer is allowed to use. Once you have done this, you can determine how the system should react if the allowed number of cards exceeds the defined amount.
You can select between:
- Offer only secure payment methods
- Decline
- Manual review
Once you have done this, simply check activate and then click 'save'.
Velocity
The velocity check allows you to define a threshold for purchase frequencies and determine how the system should react if a specific velocity has been surpassed (if a velocity of 10 per minute has been set, the rule will take effect at number 11).
Create a new velocity check
Click 'Add' and a create form will open.
The risk class threshold defines at which customer risk class the rule will apply. The customer risk class is set on transaction creation. This risk class allows to handle certain customer differently. This means for known customers for example, a different rule set could apply, or no rules at all. If the extended risk classes are not used, then it is recommended to use the standard risk class of 1.0.
You can select whether this rule should apply for private users or for business users. This option is relevant if you target both private and business customers and wish to set up different rules for each user type. If you want the rule to apply for both usertypes, please select "all".
You will first need to select a parameter, under 'Type', for which the threshold should apply to.
You can select between:
Check type | Description |
---|---|
Customer | Checks if the number of purchases a user did in one shop within a specific interval exceeds the defined threshold. (Regardless of basket size) |
Payment instrument | Checks how often a user has used a specific payment instrument within a defined interval and if it exceeds the defined threshold. |
Delivery address | Checks how often a delivery address has been used within the defined interval for a purchase. |
Payment method | Checks if the number of transactions, which a user has done in a shop by using one or more payment methods in a defined interval, exceeds the defined threshold. This check can be made on several payment methods. |
IP address | Checks how often an IP address has been used within the defined interval for a purchase. |
Once you have chosen the type, you will then need to select an 'action'. This determines how the system should react if the limit is reached.
Action | Description |
---|---|
Offer only secure payment methods | Only payment methods that are configured as secure will be shown to the customer. Please ask the CrefoPay team which payment methods are configured as secure for your shop, if you are unsure. All payment methods except |
direct debit and invoice are usually configured as secure. | |
Decline | The transaction will be declined and the user will not be able to finish it |
Manual review | The user can finish the transaction, but it will stay in status FRAUDPENDING until it has been manually reviewed and approved by you. You can review your FRAUDPENDING transactions under the submenu item "Manual Review" |
Then select an interval:
- Minute
- Hour
- Day
- Week
- Month
Once you have defined the threshold, simply click ‘save’.
The velocity check appears in the overview and is active instantly.
Address Based Checks
Address based checks compare different addresses. In case of a variation you can define how the system should react.
Compare Billing and Delivery Address
This check determines if the billing address matches the delivery address.
Please select the user type and how the system should react in case the addresses differ under the 'action' drop down menu.
Once you have done this, simply select 'Save' then save your settings.
Compare Issuing Country and Delivery Country
This check compares the country where the card has been issued and the country where the goods are due to be delivered.
To activate the check please click on button 'Add'. You will then see the following:
Please then choose an action. This determines how the system should react when the card issuer country does not equal the delivery country.
You can select between:
Action | Description |
---|---|
Offer only secure payment methods | Only payment methods that are configured as secure will be shown to the customer. Please ask the CrefoPay team which payment methods are configured as secure for your shop, if you are unsure. All payment methods except |
direct debit and invoice are usually configured as secure. | |
Decline | The transaction will be declined and the user will not be able to finish it |
Manual review | The user can finish the transaction, but it will stay in status FRAUDPENDING until it has been manually reviewed and approved by you. You can review your FRAUDPENDING transactions under the submenu item "Manual Review" |
You need to select the specific card issuing country to be compared with the delivery country. You are able to select more than one country. If you want to search for a specific country you can simply use the search functionality. You should then choose the delivery country which should be compared. Using Control + A allows you to select all countries at once.
Once you have done this, you can then activate your settings by selecting 'Active' then save.
The new risk check is then immediately live.
Creditreform B2B Check
The configuration of the Creditreform B2B credit check allows you to decide which actions should be taken dependent on the results of your solvency check.
To add a new rule set click on the 'Add' button.
Created rules can activated or deactived using the checkbox "Enable rule".
The checkbox "Perform Solvency Check on API Call" defines whether this rule should be transaction dependent, or transactions independent. If the checkbox is ticked, then this rule will not apply in the checkout process. Instead it will apply for requests made to the solvencyCheck-API, or for solvency checks performed directly in the merchant service area.
The risk class threshold defines at which customer risk class the rule will apply. The customer risk class is set on transaction creation. This risk class allows to handle certain customer differently. This means for known customers for example, a different rule set could apply, or no rules at all. If the extended risk classes are not used, then it is recommended to use the standard risk class of 1.0.
Each rule set applies to one payment method, which is selected in the upper area. Commonly only insecure payment methods such as bill payment and direct debit are selected here.
Further you can configure the action which should be taken, if the company of your customer is unknown to Creditreform according to the check.
The cost saving mode allows you to configure how long the result of a credit check should be saved, until the check is repeated for a specific customer.
Only the Creditreform products for which you have a Creditreform account and which are switched on for you by the CrefoPay team are displayed here.
If you are using multiple Creditreform B2B credit check products, you can decide which product should be used for which basket value range: In the "Basket value threshold" area you are able to configure the thresholds of your different Creditreform products. These decide which check should be used for which basket value.
It is also possible to trigger credit check products based on the open debt of a customer. If both basket value thresholds and open debt thresholds are enabled, then the order of the enabled products must be identical for both configurations. This allows the system to set the priority of each product.
In general, credit check products with higher thresholds with be treated as more valuable and therefore have more priority. Example: If a traffic light check is configured for a basket amount of 5.00€, and a compact report for 50.00€, then the compact report will have priority. If the cost saving mode is enabled, these priorities decide whether a new check will be performed, or if an existing result can be re-used. Scenario 1: For a customer a traffic light check was performed in the past, and later they complete another transaction with a basket amount of 50.00€. In this case, a new check using the product compact report will be performed, as the threshold for it was reached, and the compact report is ranked higher in priority. Scenario 2: For a customer a compact report was requested in the past, and later they complete another transaction with a basket amount of 5.00€. In this case the existing result of the compact report will be re-used, as the compact report is ranked higher in priority and is therefore treated as more reliable. This means no additional solvency check will be performed.
Risk check configuration: The action configured here will be taken, if the provided condition, named above the action-dropdown box, is met
Traffic light configuration: Here you can decide on which action should be taken dependent on the result of the traffic light check. For result 'green' no action will be taken by default.
eCrefo configuration: Here you can set a score threshold and the action to be taken if the result is black. The result is considered "black" if the score of the customer is higher than the defined solvency index threshold.
Furthermore it is possible to define score thresholds depending on the basket amount(in cent or equivalent) of a transaction. This way transactions with higher basket amounts can be treated more strictly, while lower amounts are accepted more easily. Should the transaction basket amount be outside of the defined ranges, then the default score threshold will apply.
Compact report configuration:
- Take over credit limit: If the compact report contains a credit limit and this option is enabled, then it will be saved on customer level. If a customer specific limit is set, it will take priority over a general credit limit.
- Score handling: In this area actions can be defined for variable score ranges. The score can range from 1 to 600.
- Legal form handling: Here actions can be defined depending on the legal form of the customer. Legal forms from DE/LU/AU are available.
- Line of business handling: Here actions can be defined depending on the line of business of the customer. The text field accepts comma separated WZ 2008 line of business keys. Click "Download WZ 2008 key list" to receive a list of all options.
- Email domain comparison: An action can be set in case the customers email domain (the part after the "@") differs from the email address contained in the compact report. Another action can be defined for the case in which the report contains no email address at all.
- Company age handling: Here actions can be defined depending on the company age in years.