User Guide
Table Of Contents
- Intended Audience
- Revision History
- Introducing Fraud Management Filters
- Setting Up Fraud Management Filters
- Using Fraud Management Filters
- Customizing Websites to use Fraud Management Filters
- Fraud Management Filters Summary
- Fraud Management Filters Operating Principles
- Index
Fraud Management Filters June 23, 2009 35
Customizing Websites to use Fraud Management Filters
Fraud Management Filters API Prerequisites
Any of these APIs could return a SuccessWithWarning status indicating that the
transaction was pended.
IMPORTANT: You may lose payment transactions if you do not handle
SuccessWithWarning acknowledgements.
z You must capture and evaluate the return code associated with a SuccessWithWarning
acknowledgement.
z If you process authorizations or orders, you must be able to analyze the short message
associated with a capture failure
Because a payment cannot be captured until it is taken out of the pending state, a capture
failure may occur because the transaction was pended or it may occur for some valid
reason. You must be able to distinguish between different kinds of failures.
z Your shipping process must not allow shipping before the payment has been accepted.
If the payment status is Pending, you must ensure that you do not ship merchandise until
you review the transaction. You can use the PayPal website or the
ManagePendingTransactionStatus PayPal API operation to either accept or deny
pending transactions.
NOTE: Pending payments are held 30 days unless explicitly denied or accepted. After 30
days, a pending payment is automatically reversed.
z If you use Direct Payment Recurring Billing (for Website Payments Pro merchants), your
subscription creation process must handle a SuccessWithWarning acknowledgement
and associated return codes. Specifically, it must handle the situation in which only the first
payment is pended; payments thereafter will not be placed in pending.
If you cannot accept these prerequisites; for example, if your shipping process would require
substantial rework, you can still use Fraud Management Filters to flag or deny riskier
payments, which provides you with additional risk review options, without changing your site.
In this case, do not set any Fraud Management Filters to Review.
NVP Example
For a pended transaction, the NVP response would contain PAYMENTSTATUS set to Pending
and the response would also contain the following fields:
ACK=SuccessWithWarning
L_ERRORCODE0=11610
L_SHORTMESSAGE0=Payment%20Pending%20your%20review%20in%20Fraud
%20Management%20Filters
L_LONGMESSAGE0=
L_SEVERITYCODE0=Warning