Sorry, we didn't find any relevant articles for you.

Send us your queries using the form below and we will get back to you with a solution.

Security

Topics on Security

MinFraud

What should we set the Minfraud Value to? We default the value to 20 as that come ...

What should we set the Minfraud Value to?

We default the value to 20 as that comes from what Minfraud have suggested. The lower the number, the lower the risk tolerance and the more likely the Minfraud checks will fail a Payment. The higher the score, the higher your risk tolerance is and the more likely a transaction will be accepted.

Please see MaxMind Minfraud for some details about how the scoring works - please also go into the learn more on the Minfraud page. You may also wish to review their Understanding Risk Scoring page as well.

We have provided the ability for your organisation to change these values up or down. This will depend on the level of risk your organisation wishes to take and that is for you to determine. See the MinFraud Set Thresholds for the Risk Score for some guidance.

Minfraud is included as part of Payments2Us and provides an important role as one of the methods used to avoid fraud and card testing.

 
 

Can I disable Minfraud?

We have added Minfraud protection for a good reason. It is not our recommendation to disable.

However, if you wish to disable, set the Minfraud Scores to blank or 0 (zero) on the Merchant Facility.

 
 

What is the impact of disabling Minfraud

We do not recommend disabling Minfraud. It is an important security check. There are a lot of other checks as well and this is just one component.

You'll see some links and references in the What should we set the Minfraud Value to? as to how the risk scoring works. At a high level it checks the data entered to see if all all matches and makes sense. This means, even if someone were to complete Captcha's successfully, they still could be pick up as fraudulent.

The risk of disabling is card testing or fraudulent transactions could be completed on your payment form.

 
 

General Security related Questions

I have now allowed an IP Address, will the Transaction go through, or does the us ...

I have now allowed an IP Address, will the Transaction go through, or does the user need to re-submit

The card holder will need to resubmit the transaction.  The transaction was blocked.

 
 

I have marked an IP Address as allowed.  How long does it take until this comes into effect?

It should take effect straight away.

However, sometimes the forms are cached and it remembers previous settings. Doing a control+refresh should work to clear the cache.

Also, double check it has not been blocked again. The IP addresses are related to Merchant Facilities, so check that it is marked as allowed for all Merchant Facilities that you want to allow it for.

If still having issues, check the Error Log - Payments2Us as that describes the error in more detail.