iQ Protect

iQ Protect

website maker

What is iQ Protect?

iQ Protect is a fraud management tool used to set rules and filters to prevent and detect suspicious transactions. Transactions can be declined/approved pre and post-authorization.

Who benefits from it?
Card-not-present merchants, especially eCommerce merchants, who are looking for an automated way to deter fraudulent transactions.
**Note** Rules set within iQ Protect will not apply to retail transactions processed through an EMV peripheral/terminal. 

Who qualifies for it?
Any iQ Pro merchant. iQ Protect is Included in iQ Pro base package that also includes Virtual Terminal with Vault and Recurring Billing.

Is there a cost to the merchant for iQ Protect?
BASYS does not bill merchants a separate fee for iQ Protect. It is included in their iQ Pro package.

How to Enable iQ Protect:

How to enable iQ Protect at the gateway level:

  • • Select Manage > iQ Protect
  • • Toggle “Enable iQ Protect” on
  • • Set Pre Rules and/or Post Rules accordingly

How to Enable iQ Protect at the Merchant User Level:


• iQ Protect is a Permission toggled ON at the gateway level and can be turned on or off at the user level.

• The user must have the permission enabled to access iQ Protect

  1. Select Manage > Users
  • 2. Select the pencil icon next to the user to edit
  • 3. Toggle “Manage Rule Engine” on/off accordingly

How to Enable iQ Protect Trigger Notifications:

How to enable virtual terminal notifications when a velocity rule is triggered:
• If the “Trigger Notifications” checkbox is selected on each individual iQ Protect rule, the merchant will receive an error message if a velocity rule is triggered

How to Enable the Trigger Notifications per Rule:

  • 1. Add the rule
  • 2. Then, check the box for “Trigger Notification” next to the rule
  • • In the example shown above, the pre-rule is set to deny a transaction equal to $1.00. If the merchant attempts to run a $1.00 transaction, an error message will appear and the transaction status on the transaction details screen will show as “Unknown”
  • • If the trigger notification checkbox is not selected, the transaction will decline, and will show the decline reason in the “Processor Response Text”

iQ Protect Pre Rules

What are Pre Rules?
• Rules set to accept or deny transactions BEFORE the authorization request is sent to the issuer.

iQ Protect Pre Rule Descriptions/Definitions

See descriptions on each pre-rule below

Amount – Filter based on the Amount.
• Use Case #1: A merchant with a $10 average ticket may want to automatically deny transactions greater than $1000 because a sale that large would be rare and potentially fraudulent, warranting investigation before holding funds on a card and shipping product.
• Configure Rule as: If Amount is greater than $1000.00, Deny the transaction.

• Use case #2: An eCommerce or Simple Pay merchant could deny transactions under $1.00 to prevent card testing.
• Configure Rule as: If Amount is less than $1.00, Deny the transaction.

IP Velocity Check 1Hour
• Number of transactions per 1 hour from the same IP address

IP Velocity Check 24Hours
• Number of transactions per 24 hours from the same IP address

IP Velocity Check 72Hours
• Number of transactions per 72 hours from the same IP address

Velocity Check 1Hour
• Number of transactions per 1 hour

Velocity Check 24Hours
• Number of transactions per 24 hours

Velocity Check 72Hours
• Number of transactions per 72 hours

Account Velocity Check 24Hours
• Deny transactions once the number of transactions exceeds the allowed occurrences in a 24-hour period.
• This is the best way for a merchant to prevent excessive losses associated with card testing. Ecommerce and Simple Pay merchants need to utilize this filter.
• Use case #1: An eCommerce or Simple Pay merchant who averages 50 transactions per day could deny all transactions after the 100th transaction in a 24 hour period.
• Configure Rule as: If Account Velocity Check 24Hours is greater than 100, Deny the transaction.

Account Velocity Check 72Hours
• Deny transactions once the number of transactions exceeds the allowed occurrences in a 72-hour period.

Account Velocity Check 30Days
• Deny transactions once the number of transactions exceeds the allowed occurrences in a 30-day period.

Address Match
• Filter based on address
• Merchant can choose to deny or accept transactions based on whether the transaction address matches or does not match to the address set within the rule

Bin Range
• Filter based on card bin number
• A credit card BIN is the first 6 digits in a credit card number and identifies the issuing bank
• If card testing is done on a unique BIN, a rule can be set to deny transactions run on cards with that BIN

Card Type
• Filter based on card type.
• Accept or deny credit or debit transactions.

Card Brand
• Filter based on card brand.
• Accept or deny Visa, Mastercard, Discover, or American Express.

CVV on Card Payment
• Filter based on if CVV field is required/not required on the virtual terminal
• Note: CVV check is a Post Rule
• If CVV matches/does not match then accept/deny

Vault Create on Card Payment
• Filter based on if Vault Create is required/not required on the virtual terminal

IP Address
• Filter based on IP address
• This is where the merchant can set their list of trusted IP addresses
• Use Case: A MOTO merchant wants to deny transactions that originate from IP addresses outside his business or home.
• Configure rule as: If IP Address is not equal to [insert IP Address(es)], Deny the transaction.

Email Domain
• Filter based on email domain
• This is where the merchant can prevent payments from being processed for a certain email domain
• Use Case: An eCommerce/Simple Pay merchant that wants to prevent transactions from being processed for certain email addresses to prevent fraud

IP Proxy
• Filter based on IP Proxy
• This is where the merchant can prevent payments from being processed for certain IP Proxy servers

Country
• Filter based on country
• Merchant can choose to deny transactions on cards that are issued from a certain country or deny transactions if the issuing country is not equal to United States.

Billing State
• Filter based on billing state
• Merchant can choose to deny transactions from a certain billing state

Billing State Card Only
• Filter based on billing state (card only)

iQ Protect Post Rules

What are Post Rules?
• Rules set to accept or decline transactions based on the response from the issuer.

  • Post Rules include:
  • • CVV
  • • AVS

CVV
• Filter based on CVV response.
• Merchant can choose to deny transactions if the response is not a match.
**Note** Most issuers will decline a transaction if the CVV does not match.

AVS
Filter based on AVS response.
This is where the merchant can set their desired AVS level. For example, a merchant may want to require at least one element of the address to match, or the gateway declines the transaction.
They would set the filter to Deny the transaction If AVS is not equal to:

• X – Exact match, 9-character numeric ZIP
• Y – Exact match, 5-character numeric ZIP
• D – Street address Match for international
• M – Address match only international
• A – Address match only
• B – Address match only international
• W – 9-character numeric ZIP match only
• Z – 5-character Zip match only
• P – Postal Code match international
• L – Postal Code match international (amex)
• OR, they could set the filter to Deny the transaction if AVS is equal to:
• N – No address or ZIP match
• C – Incompatible format (international)
• U – Address unavailable
• G – Non-U.S. Issuer does not participate
• I – Not verified (International)
• R – Issuer system unavailable
• E – Not a mail/phone order (This is how it’s labeled in UI but this really indicates that AVS data is invalid)
• S – Service not supported
• 0 – AVS Not Available



Share
Tweet
Share
Buffer
Email