Guides
Start typing to search…

Fraud Modules

The Fraud modules in PaidYET provide customizable tools to help merchants reduce risk and prevent unauthorized or suspicious transactions. These settings can be managed via the Merchant Dashboard, and must be configured individually per merchant. Settings do not carry over across merchant accounts or sub-merchants.

How to Access Fraud Module Settings

  1. Log in to your PaidYET Merchant Dashboard.
  2. From the left navigation, click on Settings.
  3. Under the Tools tab, you have access to your Default Security settings in addition to access points that can be individually activated and configured.

Default vs. Custom Settings

Default Settings

By default, settings under Default Security Settings will apply to all payment forms and behavior across your merchant account.

To update your Default Security Settings:

  1. Locate the Default Security Settings tile.
  2. Click the Edit Settings link.
  3. Configure the modules with preferred thresholds or parameters.

Custom Module Settings

To apply Custom Security Settings to an access point:

  1. Toggle the access point on in the top right corner of the corresponding tile to activate it.
  2. Set the slider located below Settings / Security to Custom status.
  3. Click the edit icon located within the Custom option.
  4. Configure the modules with preferred thresholds or parameters.

Note: You can revert back to global defaults anytime by changing the custom toggle back to the Default status.

Available Modules

Block an IP Address

Prevent transactions from a specific IP address.

{
  "ip_address": "192.0.0.1"
}

Note: If using this module via the API, theip_address field must be included in the transaction

Velocity Check

Restrict the number of transaction attempts within a specified time window. This is useful to block card testing and other high-frequency fraud attacks.

Settings:

  • Authorizations (e.g., 3)
  • Time Window (e.g., 60 seconds)
  • Option to limit by IP address

Note: If using this module via the API, theip_address field must be included in the transaction

Note Requirements

Require additional fields in the transaction request to enforce data integrity.

Options:

  • Notes field required
  • Invoice field required

Duplicate Check

Prevent accidental or malicious duplicate submissions. This checks the last four digits of the card, amount, and invoice number.

Customizable:

  • Time window (in minutes)
    • Can also check purchase_order or external_id

Note: If using this module via the API, theip_address field must be included in the transaction

International

  • Block International Cards: Prevents transactions that are using cards issued outside of the U.S.
  • Block International Locations: Prevents payments from IP addresses located outside of the U.S.

Contacts

Enable this to allow payments only from customers who:

  • Appear in your Customers list
  • Access the payment page through a unique invoice link sent via your merchant account

Card Types

  • Allow Credit Transactions
  • Allow Debit Transactions
  • Allow AMEX Cards

Note: These settings depend on card brand data from third parties and may not always be accurate.

Amounts

Define transaction amount restrictions. Any transactions that are not within the set amounts will be blocked.

  • Minimum Transaction Amount: Helps block micro-fraud or accidental low charges
  • Maximum Transaction Amount: Limits high-risk, large transactions

API Integration Notes

Many fraud modules depend on transaction-level data such as ip_address, invoice_number, or external_id. Be sure to include these fields where applicable to fully utilize the protections provided.

Updated 12 days ago