Beagle Anti-Fraud
Beagle uses GEO-IP rules to block or flag potential fraudulent transactions. Rules
are declared within the eWAY Business Centre and notifications are sent via e-mail
for any transactions that do not pass the Anti-Fraud rules. Beagle is integrated
by passing two additional fields (IP address and country code) while using the Merchant
Hosted Payment solution.
The Gateway URL is https://www.eway.com.au/gateway_cvn/xmlbeagle.asp
Setting Your Beagle Rules
Once you have activated Beagle, you will need to set the anti-fraud rules that best
suit your own business model. The following rules are available to merchants in
their Business Centre to provide the level of fraud detection they need.
|
Rule
|
Description
|
Action
|
|
Country Matching
|
Block transactions where the country of the IP address does not match the billing
address.
|
Block/Allow
|
|
Australia Only Transactions
|
Block transactions where the country of the of the card issue, billing address of
IP Address are not Australia.
|
Block/Allow
|
|
High Risk Country
|
Block transactions where the IP address country or billing address country is in
a commonly regarded high-risk country (Ghana, Nigeria or Vietnam).
|
Block/Allow
|
|
Anonymous Proxy
|
Block transactions where IP address is Anonymous Proxy - Anonymous Proxies are used
to attempt to bypass Geolocation controls (anonymous proxy = very high risk).
|
Block/Allow
|
|
Transparent Proxy
|
Block transactions where IP address is in our database of known transparent (high
risk) proxy servers.
|
Block/Allow
|
|
Free Email
|
Block transactions where Email is from a free e-mail provider.
|
Block/Allow
|
|
Maximum Risk Score
|
Block transactions where Risk Score is greater than your specified value
|
Block/Allow
|
If a rule is set to be Block and a transaction breaches that rule, the transaction
will be not be sent to your merchant bank for processing. As a merchant, you can
also set a notification method for whenever each rule is breached. Merchants can
be notified by email to allow them the opportunity to contact the customer to determine
if they are a bona fide purchaser, and refund them if they feel the transaction
may be risky.
Linking to eWAY
Below are the specifications for using the eWAY Beagle solution,
including fields sent and returned by the gateway and field descriptions.
|
eWAY Fields Sent
|
Maximum Field Length (Characters)
|
Required Fields
|
|
ewayCustomerID
|
8
|
|
|
ewayTotalAmount
|
12
|
|
|
ewayCustomerFirstName
|
50
|
|
|
ewayCustomerLastName
|
50
|
|
|
ewayCustomerEmail
|
50
|
|
|
ewayCustomerAddress
|
255
|
|
|
ewayCustomerPostcode
|
6
|
|
|
ewayCustomerInvoiceDescription
|
255
|
|
|
ewayCustomerInvoiceRef
|
50
|
|
|
ewayCardHoldersName
|
50
|
|
|
ewayCardNumber
|
20
|
|
|
ewayCardExpiryMonth
|
2
|
|
|
ewayCardExpiryYear
|
2
|
|
|
ewayTrxnNumber
|
16
|
|
|
ewayOption1
|
255
|
|
|
ewayOption2
|
255
|
|
|
ewayOption3
|
255
|
|
|
ewayCVN
|
4
|
|
|
ewayCustomerIPAddress
|
15
|
|
|
ewayCustomerBillingCountry
|
2
|
|
|
eWAY Fields Returned
|
Maximum Field Length (Characters)
|
Required Fields
|
|
ewayTrxnStatus
|
6
|
|
|
ewayTrxnNumber
|
16
|
|
|
ewayTrxnReference
|
50
|
|
|
ewayTrxnOption1
|
255
|
|
|
ewayTrxnOption2
|
255
|
|
|
ewayTrxnOption3
|
255
|
|
|
ewayAuthCode
|
6
|
|
|
ewayReturnAmount
|
12
|
|
|
ewayTrxnError
|
100
|
|
|
ewayBeagleScore
|
6
|
|
|
eWAY Field Name
|
Description
|
|
ewayCustomerID
|
Your unique eWAY customer ID assigned to you when you join eWAY. eg 11438715
|
|
ewayTotalAmount
|
The total amount in cents for the transaction, eg $1.00 = 100
|
|
ewayCustomerFirstName
|
The first name of your customer making a purchase at your site.
|
|
ewayCustomerLastName
|
The last name of your customer making a purchase at your site.
|
|
ewayCustomerEmail
|
The email address of your customer making a purchase at your site.
|
|
ewayCustomerAddress
|
The address of your customer making a purchase at your site including state, city
and country.
|
|
ewayCustomerPostcode
|
The postcode of your customer making a purchase at your site.
|
|
ewayCustomerInvoiceDescription
|
A description of the products or services purchased.
|
|
ewayCustomerInvoiceRef
|
A reference to your own invoice system for the purchase.
|
|
ewayTrxnReference
|
See 'eWAYTrxnNumber'.
|
|
ewayOption1
|
This value is returned to your website. An additional field for you to pass and
receive information from eWAY.
|
|
ewayOption2
|
This value is returned to your website. An additional field for you to pass and
receive information from eWAY.
|
|
ewayOption3
|
This value is returned to your website. An additional field for you to pass and
receive information from eWAY.
|
|
ewayTrxnStatus
|
This value is returned to your website. For a successful transaction "True"
is passed and for a failed transaction "False" is passed. This allows you
to make your own logging on your website for transaction status.
|
|
ewayTrxnNumber
|
This value is returned to your website. You can pass a unique transaction number
from your site. You can update and track the status of a transaction when eWAY returns
to your site.
NB. This number is returned as 'ewayTrxnReference'. The number returned as
'ewayTrxnNumber', is actually the unique eWAY Transaction number, created
by eWAY itself.
|
|
ewayAuthCode
|
If the transaction is successful, this is the bank authorisation number. This is
also sent in the email receipt.
|
|
eWAYReturnAmount
|
Can be used a check that the transaction is processed for the same amount as you
request from your website.
|
|
ewayTxnError
|
This is the response returned by the bank, and can be related to both successful
and failed transactions.
|
|
ewayBeagleScore
|
Fraud score representing the estimated probability that the order is fraud, based
off of analysis of past Beagle transactions.
|
Example XML Layout
Please do not copy/paste the following XML example for your code as it is presented
here for display purposes only. Please refer to our source code for more information.
XML Sent
XML Returned
Viewing Beagle Details
The following information is recorded by Beagle, and can be viewed in the details
of each transaction when Beagle is enabled by a merchant:
|
Field
|
Format
|
Description
|
|
Geographical & IP Address Location Checks
|
|
Country Match
|
Yes or No
|
Whether country of IP address matches billing address country (mismatch = higher
risk)
|
|
Country Code
|
Two-letter ISO-3166 code
|
Country Code of the IP address
|
|
High Risk Country
|
Yes or No
|
Whether IP address or billing address country is in Egypt, Ghana, Indonesia, Lebanon,
Macedonia, Morocco, Nigeria, Pakistan, Romania, Serbia and Montenegro, Ukraine,
or Vietnam.
|
|
Distance
|
Rounded integer
|
Distance from IP address to Billing Location in kilometers (large distance = higher
risk)
|
|
IP Region
|
Two character string ISO-3166-2/FIPS 10-4 code
|
Estimated State/Region of the IP address, ISO-3166-2/FIPS 10-4 code
|
|
IP City
|
String
|
Estimated city of the IP address
|
|
IP Latitude
|
Degrees
|
Estimated latitude of the IP address
|
|
IP Longitude
|
Degrees
|
Estimated longitude of the IP address
|
|
IP ISP
|
String
|
ISP of the IP address
|
|
IP Organization
|
String
|
Organization of the IP address
|
|
Proxy Detection
|
|
Anonymous Proxy
|
Yes or No
|
Whether IP address is an anonymous proxy (anonymous proxy = very high risk)
|
|
Proxy Score
|
Decimal from 0 to 10
|
Likelihood of IP Address being an Open Proxy
|
|
Transparent Proxy
|
Yes or No
|
Whether IP address is in our database of known transparent proxy servers, returned
if forwarded IP is passed as an input
|
|
E-mail Checks
|
|
Free Mail
|
Yes or No
|
Whether e-mail is from free e-mail provider (free e-mail = higher risk)
|
|
Carder Email
|
Yes or No
|
Whether e-mail is in database of high risk e-mails
|
|
Issuing Bank BIN Number Checks
|
|
BIN Country
|
Two-letter ISO-3166 code
|
Country code of the bank which issued the credit card based on BIN number
|
|
BIN Name
|
String
|
Name of the bank which issued the credit card based on BIN number. Available for
approximately 96% of BIN numbers
|
|
BIN Phone
|
String
|
Customer service phone number listed on back of credit card. Available for approximately
75% of BIN numbers
|
|
Address & Phone Number Check
|
|
Shipping Forward Address
|
Yes, No, or NA
|
Shipping address is in database of known mail drops
|
|
Beagle Scores
|
|
Score
|
Decimal from 0 to 10
|
Overall fraud score based on outputs listed above. This is the original fraud score,
and is based on a simple formula
|
|
Explanation
|
String
|
A brief explanation of the score, detailing what factors contributed to it, according
to our formula
|
|
Risk Score
|
Decimal from 0 to 100
|
Fraud score representing the estimated probability that the order is fraud, based
off of analysis of past Beagle transactions
|
In order for merchants to utilise the Beagle Anti-fraud service in real time, some
additional fields are required to be passed to the eWAY gateway:
ewayCustomerIPAddress
This field is used to pass the IP Address of the customer making the purchase. This
assists in detecting fraudulent behaviour by allowing eWAY's Beagle to pinpoint
the physical location of the computer that the customer is using for the transaction.
This field allows Beagle to match the country related to the IP address to both
the country associated with the Credit Card issuing bank, as well as the billing
country as entered by the customer themselves. If these do not match, the transaction
may be fraudulent.
Beagle also uses this field to search in our database of known anonymous and high
risk IP's. Anonymous IP addresses are used by people to 'fake' their actual physical
location, and get around Geolocational checking, such as that performed by Beagle.
Field Specification
The customers IP address is made up of 4 numbers (each up to 3 digits long), separated
by decimal points. e.g. 202.58.56.1
This information can easily be retrieved by your web developer, as it is available
in the Server Variables of each Web page request, which can be accessed by most
programming languages.
ewayCustomerBillingCountry
This field is used to pass a 2 character country code, which relates to the billing
address which was entered by the customer making the purchase. This is used be eWAY's
Beagle to match against both the country related to the IP address and the country
associated with the Credit Card issuing bank. If these do not match, the transaction
may be fraudulent.
Field Specification
The billing country code is made up of 2 characters which correspond to a particular
country.
To assist with your integration, we have created a drop down list with all countries,
and their country code: