TabaPay Defense: Out-of-the-Box Essentials
Coming Soon
Interested in TabaPay Defense: Out-of-the-Box Essentials ?
To learn more about how TabaPay Defense can enhance your transaction monitoring capabilities, please reach out to your TabaPay representative or email [email protected] for further information.
About
TabaPay Defense: Out-of-the-Box Essentials offer a seamless, turnkey solution for comprehensive transaction security, allowing you to focus on core business operations while benefiting from state-of-the-art payment protection.
These Out-of-the-Box Essentials are a powerful set of real-time transaction safeguards implemented and managed by TabaPay across your entire payment volume. This robust system enables both existing and new TabaPay clients to leverage instant protection without the need for additional integration time or technical resources for coding and maintenance.
By utilizing these pre-configured controls, businesses can:
- Enhance operational efficiency with automated, real-time transaction blocking capabilities
- Reduce costs associated with network integrity fees when unmanned
- Ensure 24/7 protection, even during non-business hours and holidays
- Fight fraud in days instead of months, at a fraction of the cost of a stand-alone implementation. With no additional API calls or engineering work, going live is fast and seamless. Uncover more fraud, deploy strategies to fight it more effectively, and respond to new risks with unprecedented agility.
Features offered by TabaPay Defense: Out-of-the-Box Essentials
TabaPay Defense | Out-of-the-Box Essentials offers a comprehensive suite of features designed to help you detect, prevent, and combat fraud effectively, and include the following out-of-the-box features:
| Features | Availability |
|---|---|
| TabaPay Defense Dashboard | Access to TabaPay Defense Dashboard included 10 user seats. |
| Block Rules | |
| Card Block List | Available out-of-the-box. TabaPay Client can enable, disable, or modify the Card Block List via TabaPay Defense Dashboard. |
| BIN Block List | Available out-of-the-box. TabaPay Client can enable, disable, or modify the BIN Block List via TabaPay Defense Dashboard. |
| Country Block List | Available out-of-the-box. TabaPay Client can enable, disable, or modify the Country Block List via TabaPay Defense Dashboard. |
| Limits & Velocity | |
| Card Limit & Velocity | Available out-of-the-box. TabaPay Client can enable, disable, or modify the limit and velocity via TabaPay Defense Dashboard. |
| Transaction Limit & Velocity | Available out-of-the-box. TabaPay Client can enable, disable, or modify the limit and velocity via TabaPay Defense Dashboard. |
| Client/Sub-Client Limit & Velocity | Available out-of-the-box. TabaPay Client can enable, disable, or modify the limit and velocity via TabaPay Defense Dashboard. |
| Location-based Velocity | Available out-of-the-box. TabaPay Client can enable, disable, or modify the limit and velocity via TabaPay Defense Dashboard. |
| Transaction Processing Excellence | |
| Network Excessive Retries | Available out-of-the-box. TabaPay client can enable or disable the rule via TabaPay Defense Dashboard. These rules cannot be modified. |
| TabaPay Tracker | |
| Chargeback Tracker | Available out-of-the-box. TabaPay client can enable or disable the rule via TabaPay Defense Dashboard. These rules cannot be modified. |
| Reported Fraud Tracker | Available out-of-the-box. TabaPay client can enable or disable the rule via TabaPay Defense Dashboard. These rules cannot be modified. |
| Card Monitoring Tracker | Available out-of-the-box. TabaPay client can enable or disable the rule via TabaPay Defense Dashboard. These rules cannot be modified. |
| BIN Monitoring Tracker | Available out-of-the-box. TabaPay client can enable or disable the rule via TabaPay Defense Dashboard. These rules cannot be modified. |
| Professional Services | |
| Professional service hours | Contact the TabaPay team for information on charges for professional service hours. |
Out-of-the-Box Essentials 101
TabaPay Defense | Essential Controls offer a comprehensive, dynamic shield against fraudulent transactions, providing TabaPay Clients with a list of powerful controls in different levels:
- Block Rules
- Card Block
- BIN Block
- Country Block
- Limits and Velocity
- Card Limit & Velocity
- Transaction Limit & Velocity
- TabaPay Client or Sub-Client Limit & Velocity
- Location-based Velocity
- Transaction Processing Excellence
- Network Excessive Retries
- TabaPay Trackers
- Chargeback Tracker
- Reported Fraud Tracker
- Card Monitoring Tracker
- BIN Monitoring Tracker
Block Rules
Card Block
Prevent transactions from individual cards flagged for suspicious behavior. Clients can define and manage the card block list.
| Use cases and Benefits |
|---|
| The client has full control over which cards to block, leveraging their past experiences and insights to make informed decisions. For instance, if unusual activity is detected on a card based on the client's internal observations, they can update their block list to restrict that card. |
BIN Block
Instantly block transactions from specific Bank Identification Numbers. Clients can define and manage the BIN block list.
| Use cases and Benefits |
|---|
| The client has full control over which BINs to block, leveraging their past experiences and insights to make informed decisions. For instance, if unusual activity is detected on a specific BIN, issuer, or issuer country, based on the client's internal observations, they can update their block list to restrict that BIN. |
Country Block
Reject transactions destined to high-risk countries or regions. Clients can define and manage the country block list.
| Use cases and Benefits |
|---|
| - Fraud prevention: The primary reason for blocking certain countries is to minimize the likelihood of fraudulent transactions, as some regions have a higher prevalence of fraudulent activities like identity theft or stolen credit card usage. |
| - Legal compliance: In some cases, blocking certain countries may be necessary to comply with government regulations and sanctions, preventing transactions with entities from restricted regions. |
| - Risk management: By identifying high-risk countries, TabaPay Clients can proactively limit potential losses from fraudulent transactions, allowing them to allocate resources more effectively. |
| - Targeted marketing: Blocking certain countries can also be used to focus marketing efforts on regions where TabaPay Clients have a higher chance of success, optimizing customer acquisition strategies. |
Limits & Velocity
Card Limit & Velocity
Instantly block transactions if they exceed the per-card limit or velocity. For example, the total amount of all push transactions associated with a single card cannot exceed $1,000.
| Use cases and Benefits |
|---|
| - Fraud Prevention: By capping the total transaction volume per card, this control minimizes the risk of fraudulent activity, such as excessive or unauthorized transactions on a compromised card. |
| - Mitigation of Money Laundering Risks: Enforcing per-card limits aids in detecting and preventing suspicious patterns, such as large-volume transactions often linked to money laundering. |
| - Improved Risk Management: Helps businesses manage their exposure to high-risk cards, ensuring that a single card cannot cause significant financial losses. |
Transaction Limit & Velocity
Instantly block transactions if they exceed the per-transaction limit or velocity. For example, a single push transaction can't exceed $500.
| Use cases and Benefits |
|---|
| - Enhanced Fraud Prevention: By instantly blocking transactions that exceed the set per-transaction limit, merchants can prevent high-value fraudulent transactions before they occur. |
| - Regulatory Compliance*: Helps businesses adhere to industry regulations and internal policies by ensuring that no single transaction surpasses predefined thresholds. |
| - Operational Efficiency: Automating transaction blocking based on set limits minimizes manual reviews, saving time and resources while maintaining security. |
Client/SubClient Limit & Velocity
Instantly block transactions if they exceed the per-Client or per-Sub-Client limit/velocity. For example, the total amount of all push transactions under a Sub-Client cannot exceed $10,000.
| Use cases and Benefits |
|---|
| - Prevents Excessive Fund Movement: Ensures that a single client or Sub-Client does not exceed predefined transaction limits, reducing the risk of unauthorized or excessive fund transfers. |
| - Improved Risk Management By setting per-client and per-Sub-Client limits, businesses can maintain better control over transaction flows and mitigate financial risks. |
| - Operational Efficiency: Automating transaction blocking based on set limits minimizes manual reviews, saving time and resources while maintaining security. |
Location-based Control
Decline transactions if multiple cards with the same name are used within the same zip code area for high-value transactions.
| Use cases and Benefits |
|---|
| - Geo-Based Fraud Prevention: This control leverages point-of-sale geographic information to identify and block geo-related fraud patterns. By analyzing the location of transactions, it helps detect and prevent fraudulent attempts originating from high-risk or unusual areas, enhancing overall security. |
| - Fuzzy User Match: This control addresses scenarios where user identifiers are incomplete or unavailable. By utilizing a fuzzy match based on attributes like name and zip code, it allows merchants to identify potential fraud patterns or enforce transaction limits. This feature provides a flexible and intelligent approach to detecting suspicious activity and improving risk management. |
Transaction Processing Excellence
Network Excessive Retries
To avoid negative impacts to cardholders and the processing systems caused by erroneous authorizations that are not authorized, reversed or cleared according to their requirements, card networks Visa and MasterCard run integrity programs to promote good behavior.
You may be familiar with Visa's Processing Integrity Fee program and MasterCard's Transaction Processing Excellence. In a concerted effort to promote and maintain these good authorization practices prescribed by the networks, TabaPay insists all integrating clients are aware of these integrity programs, adhere to them, and understand the implications with avoidance of these programs.
Transaction Processing Excellence Integrity Fees
When Visa and MasterCard impose Processing integrity fees when processing integrity requirements are not met, TabaPay will pass these fees to integrating clients.
Read more here.
| Use cases and Benefits |
|---|
| This control helps TabaPay Clients automatically block repeated attempts after initial failures, reducing the risk of brute-force attacks as well as stay on top of network mandates. In other words, automatically deploy and run rules to mitigate network fees associated with network mandates. (Please refer to our Network Fee guide for details) |
TabaPay Tracker
No modifications allowed.
Unlike other rules, rules associated with TabaPay-Level Signals cannot be modified by TabaPay Clients.
However, TabaPay Clients can enable or disable them at any time using the TabaPay Defense Dashboard.
Chargeback Tracker
Block a transaction if fraud patterns are detected in the card's chargeback activity across all transactions processed by TabaPay. For example, a transaction may be blocked if the card has recently reported a fraud-related chargeback that is not visible to the merchant but is visible to TabaPay.
| Use cases and Benefits |
|---|
| - Reduced Chargeback: By proactively blocking suspicious cards with recent fraud chargeback records across one or multiple merchants within TabaPay's network, merchants can significantly reduce the number of chargebacks they receive. This ensures fewer disputes from customers claiming unauthorized charges, improving operational efficiency and lowering chargeback-related costs. |
| - Reduced Fraud: Fraud-related chargebacks serve as a critical signal for identifying fraudulent activity. By leveraging TabaPay's robust fraud detection signals, collected from transactions processed across its network, merchants can detect and prevent fraud more effectively and at an earlier stage. This enhances overall security and reduces financial exposure to fraudulent transactions. |
Reported Fraud Tracker
Block a transaction if recent fraud is reported on the card by the networks. VISA and MasterCard provides reported fraud records (TC 40 reports from VISA for example) that contains the purchase (pull/debit) transactions that have been reported as fraudulent by the cardholder/cardholder’s issuing bank to Mastercard and Visa.
| Use cases and Benefits |
|---|
| - Reducing Fraud: This control helps reduce fraud by leveraging reported fraud records from VISA and MasterCard. It automatically blocks card numbers identified in these reports, enabling proactive fraud prevention and minimizing exposure to high-risk transactions. |
| - Network Monitoring Programs: This control helps merchants improve fraud performance and avoid detection by network monitoring programs. At the beginning of each month, VISA and MasterCard identifies merchants that have met or exceeded the program thresholds for fraud activity (See Network Monitoring Program ). Networks requires that issuers report on all transactions reported as fraudulent by the cardholder, regardless of whether a chargeback is filed or whether a 3DS liability shift applies. A merchant's fraud activity is based on these reported fraud records. The networks uses fraud and sales transactions reported or processed in the previous calendar month. |
BIN Monitoring Tracker
TabaPay identifies BINs that are corresponding to high-risk issuers or recently have high fraud rate. Transactions can be blocked if BIN is within TabaPay's monitoring.
| Use cases and Benefits |
|---|
| - High-risk Issuing BINs: Block BINs corresponding to high-risk issuers so as to not accept those cards issued by them. These issuers tend to have lower KYC requirements and these transactions are prone to higher fraud. Unlike generic fraud detection methods, BIN blocking allows for targeted prevention by focusing on specific card issuers with a history of fraudulent activity |
| - Blocking BIN due to BIN attacks: Blocking an issuing BIN during a BIN attack significantly reduces the risk of fraudulent transactions by preventing a whole range of cards associated with that specific bank from being used to make purchases, effectively stopping a fraudster from attempting numerous transactions using stolen card details from that particular issuing bank, thus protecting both you and the cardholder from potential financial losses. |
| - Streamlined Fraud Prevention: Implementing BIN blocking allows merchants to quickly react to emerging fraud threats by actively blocking high-risk BINs. By stopping fraudulent transactions early, blocking a BIN helps protect customer sensitive information from being compromised. |
| - Reduced Chargeback: By proactively stopping suspicious transactions, merchants can minimize the number of chargebacks they receive from customers claiming unauthorized charges. |
Card Monitoring Tracker
Block a transaction based on any other fraud patterns TabaPay identified from card usage history all transactions processed by TabaPay.
| Use cases and Benefits |
|---|
| Suspected Fraud: If unusual activity is detected on a card, like a large purchase from a different location than the cardholder's usual location, then the card may be blocked to investigate further and prevent potential fraudulent charges. |
| Fraud prevention: Stop further fraudulent charges if card details are compromised, as new transactions will be declined when the card is blocked. |
| Lost card protection: If a cardholder loses or misplace their card, blocking it immediately prevents anyone else from using it until it is found. |
| Mitigate Account Takeover Fraud: Blocking a card helps prevent account takeover by essentially restricting access to the financial account, making it difficult for a fraudster to use the card to make unauthorized purchases, effectively limiting their ability to take over the account and drain funds. |
TabaPay Defense Dashboard
TabaPay Clients can make changes to their rules or block lists using a self-serve Dashboard, a user-friendly dashboard for real-time monitoring and management of security rules.
- Ability to be able to add new BIN/Card/Countries for blocking.
- One-click activation or deactivation of individual rules to adapt to emerging threats.
- Customizable rule parameters to fine-tune protection based on your business needs.
How does this work
Step 1: Receive Essential Controls attributes from TabaPay via our API and Reports.
TabaPay Create Transaction API as well as TabaPay Daily Transaction Report includes these four values:
1. TabaPay Account ID
TabaPay stores and manages payment cards and bank accounts securely for you. We call this TabaPay Tokens (aka TabaPay Vault).
This capability allows you to be an efficient fintech while letting us manage the burden of PCI-DSS compliance for you. While we take on the complexities of storing these payment instruments safely and securely, you get to focus on your core value proposition! For every payment card or bank account, TabaPay validates the incoming payment instrument and stores them as Account ID.
-
Where to find it in the API: This Account ID is what is provided back to you in the Create Account API Response, so you do not have to manage the 16-digit payment card number or bank account. You will be able to utilize the Account ID within our Unified API (Create Transaction API) to Push and Pull.
-
Where to find it in the Daily Transaction Report: https://developers.tabapay.com/docs/transactions
2. TabaPay Transaction ID
It is an ID sent by TabaPay in the Create Transaction API response and is a unique ID to represent a transaction request within the TabaPay environment.
-
Where to find it in the API: Every Create Transaction API includes the TabaPay Transaction ID.
-
Where to find it in the Daily Transaction Report: https://developers.tabapay.com/docs/transactions
3. Payment Account Reference (PAR)
A Payment Account Reference (PAR) is a unique identifier associated with a specific cardholder PAN and its affiliated tokens. This 29 character identification number can be used in place of sensitive consumer identification fields, and transmitted across the payments ecosystem to facilitate consumer identification.
What's PAR?
Read more here.
-
Where to find it in the API: PAR will be returned for transactions performed using Visa and MasterCard payment credentials, where the payment credential is either a PAN or a network token.
-
Where to find it in the Daily Transaction Report: Coming soon.
4. Network ID
Network ID corresponds to the ID generated by the underlying card network associated with the transaction.
- Where to find it in the API: Today, all TabaPay Clients receive Network ID in our response to the Create Transaction API.
- Where to find it in the Daily Transaction Report: https://developers.tabapay.com/docs/transactions
5. Country Code:
The ISO 3166-1 Alpha-3 Code representing a destination country where a Push transaction is sent to.
Step 2: In the TabaPay Defense Dashboard, perform any of these:
For Block Lists:
- Add BIN-factors for BIN blocks
- Add Card-factors for Card blocks
- Add Country-Codes for Country blocks
- Note:
- Excessive Retry rules are canned rules, and cannot be modified
- At this time, TabaPay Clients will have to raise an email request to delete BINs/Cards/Country Codes that are part of the block list. In other words, only 'Add' is allowed.
| Attribute | BIN Block factor? | Card Block factor? | Country Block factor? | Excessive Retry Control factor? |
|---|---|---|---|---|
| TabaPay Account ID | Yes - the BIN corresponding to the Account ID is used to block | Yes - the underlying card number corresponding to the Account ID is used to block | - | - |
| TabaPay Transaction ID | Yes - the BIN corresponding to the TabaPay Transaction ID is used to block | Yes - the underlying card number corresponding to the TabaPay Transaction ID is used to block | - | - |
| Payment Account Reference (PAR) | Yes - the BIN corresponding to the PAR is used to block | Yes - the card number corresponding to the PAR is used to block | - | - |
| Network ID | Yes - the BIN corresponding to the Network ID is used to block | Yes- the card number corresponding to the Network ID is used to block | - | - |
| Country Code | - | - | Yes (ISO 3166-1 Alpha-3 Code of the destination country of a Push transaction) | - |
| Pre-set Retry Rules | - | - | - | Yes |
For Block Rules:
- Visit a list of pre-set rules provided by TabaPay
- Modify the rule parameter if needed
- Enable or disable the rule
Step 3: Create Transaction API and Defense Essentials
- You send the Create Transaction Request
- Real-time decisioning engine is enabled with Out-of-the-Box Essential Controls
- Transaction is approved and sent to the network
Or - Transaction is blocked and you receive the notification
- Transaction is approved and sent to the network
- Transactions are queued to review
- You review any transactions for follow-up case management
How to Use TabaPay Defense Dashboard
- Select the rule you want to enable, and click publish button to enable it.
- Enter the rule edit page, modify the rule paramter based on your needs.
Things to Note
| What | Note |
|---|---|
| Time Limit | Blocks are applied indefinitely. To undo a block, please email TabaPay at [email protected] |
| Cost | There is a fee associated with the use of Out-of-the-Box Essential Controls. Please work with your TabaPay representative to know more. |
| Support | Adding blocks across BIN/Card/Country is DIY through TabaPay Defense Dashboard. Please ensure your team has adequate access to the tool. |
Updated about 3 hours ago