Table of Contents
iSpyFraud is a rule-based transaction scrubber that will block transactions from fully processing if they trigger one or more rules set within the software. iSpyFraud touches all sources of processing on the Gateway, and can be set on a “per processor” basic, or all processors as needed.
iSpyFraud will not stop a card spinner from attacking a website, and cannot keep users from accessing a website; the service requires the transactions to reach the NMI gateway in order to scrub them against the Merchant’s set rules, and block or mark them for review accordingly.
The service can be used to enforce a minimum/maximum transaction amount, block or whitelist IPs, email addresses, countries, credit card numbers, and more. It can also be set to adhere to daily, weekly or monthly usage thresholds such as restricting a consumer from changing their credit card number over a certain number of times during a specific time range.
iSpyFraud has three sections in which a Merchant can access rules and thresholds, and two sections to review the results of those rules and thresholds.
Thresholds: This page allows you to set the parameters of your fraud protection, based on the amount of money charged per transaction, the number of transactions charged, etc.
User Ban: This page allows you to ban specific users, by the IP address of their computer, by their credit card number, by country, or by their user information in your system.
Exceptions: This page allows you to make exceptions to the fraud ban system for users you know are legitimate.
Waiting Review: Transactions that have been flagged as possibly fraudulent will appear on this page, waiting for your review. If you find them harmless, do nothing. If you believe the transactions are fraudulent, you may cancel the charges put through by going to your gateway.
History Log: This page allows you to see recent transactions performed, with a color-coding chart for easy reference as to whether the transaction was accepted, denied, etc.
Q: What types of merchants need iSpyFraud?
A: Though all merchants can benefit from the reassurance a fraud scrubbing utility offers, it’s true that some merchants are more likely to be targeted by fraudsters than others. For example, merchants
who process international transactions are considered higher risk, as are those in certain verticals,
such as online gambling, online dating, membership-only websites with adult content, or even
unexpected ones like consumer electronics. Non-profits that accept donations are also at risk and
can benefit from iSpyFraud, as they are often used by fraudsters for card testing/spinning schemes.
It’s also anticipated that as EMV cards become standard in card present transactions, there will be a
rise in card not present fraud, meaning more e-commerce merchants will be at risk. iSpyFraud is an
ideal solution to combat the predicted spike in online credit card fraud.
Q: Does iSpyFraud work in card present transactions?
A: Although iSpyFraud was originally designed for e-commerce, it works equally well for card present transactions. The software’s thresholds and rules do not discriminate between retail and keyed
transactions, nor is the utility’s scrubbing ability restricted by transaction origin (API, Virtual
Terminal, Batch Upload, etc.).
Q: Can iSpyFraud block someone from coming to my website?
A: No, iSpyFraud can only take action on transactions sent to the Gateway. It cannot block activity happening on a website prior to data being sent to the Gateway. Merchants can speak to their
hosting provider or web developer if they need to block an individual from accessing their website
Q: I’d like to use iSpyFraud on my website, but I don’t want to use the Gateway to process. Is this
A: No, iSpyFraud is an additional service that can be added onto a Gateway account to scrub
transactions processing through it. It cannot be used as a standalone service. Merchants must be processing through the Gateway to take advantage of the iSpyFraud scrubbing service.