APPENDIX A Frequently Asked Questions

The following are answers to questions often asked about the CyberSource Fraud Manager.

What is the CyberSource Fraud Manager?

The CyberSource Fraud Manager (CFM) is fraud detection software that allows you to create real-time custom fraud checks. Fraudulent orders can be stopped before they are accepted. You can change your fraud checks to respond to customer and industry trends. The CyberSource Fraud Manager is comprised of three different kinds of fraud checks:

Velocity checks

Hot List checks

Boolean checks

You manage and modify each check method.

What is a Velocity check?

A Velocity check screens out a series of attempted transactions where one field is constant while other fields vary over a chosen time period. You control the sensitivity of a Velocity check by defining the monitoring time period and number of attempts allowed before a transaction is flagged. CFM performs the following Velocity checks:

Account number by expiration date

Account number by ship-to street number and ship-to zip code

Ship-to street number and ship-to zip code by account number

Phone number by account number

What are Hot List checks?

Hot List checks identify repeat fraudulent attempts by comparing each order to a database of known fraudulent information including:

Credit card numbers

Ship-to addresses

Email addresses

Phone number

CFM provides a database table to which you can import lists and add entries.

What are Boolean checks?

Boolean checks allow you to create specific checks suited to your business. Your rules are compared against incoming transactions to flag undesirable orders. Several data elements can be manipulated to flag event combinations.

How can I create new checks within the Hot List and Boolean checks?

Create new checks in simple text format, then import the checks to the CFM server. The new checks are immediately deployed on the next incoming transaction. You can track and monitor checks by designating a unique two-digit code identifying the check group, purpose and priority.

How will I know if a Hot List check, Velocity check or Boolean check is violated?

If any check if violated, CFM returns up to three two-digit codes per transaction. These codes identify which check was violated.

Is CyberSource Fraud Manager compatible with any payment server?

The CyberSource Fraud Manager is integrated with the CyberSource Payment Manager (version 3.1 or higher) and is fully operational in Windows NT. This provides the flexibility to establish customized authorization and fraud screen order flow.

If you use an alternative payment server, CFM can be installed using the published API. Integration requires sending requests to CFM for processing and integrating the responses into your order flow processing system. If you need assistance with this integration, contact CyberSource Professional Services. See Contacting CyberSource for contact information.

How does CyberSource Fraud Manager integrate with the order flow processing system?

CFM is flexible and accommodates several integration options. CFM can be run before authorization, after authorization, or during the authorization, or itcan be left out of the order flow.

What are the difference between the transaction processing order flows?

The four transaction processing order flow are as follows:

Pre-authorization -- Submits orders through the CFM check before being sent to the merchant bank. If any CFM flag is raised, the order is declined, and you are not charged for the card authorization.

Post-authorization -- Submits all orders to the merchant bank for authorization. If the authorization is approved, then the transaction is submitted to CFM.

Simultaneous authorization and fraud check -- Submits all orders to the merchant bank and CFM in parallel.

No fraud check -- Orders bypass CFM. Might be desirable if a third party is running CFM for multiple companies, and one of the companies is not exposed to high levels of fraud.

Can CyberSource Fraud Manager prioritize the Boolean checks?

Yes. However, it is not necessary since CFM is designed to pass each transaction through all Boolean checks.

Does CyberSource Fraud Manager conduct an Address Verification System (AVS), Card Verification Value (CVV2) or Mod 10 data check?

No, because CFM is coupled with the CyberSource Payment Manager. These basic authorization checks occur within the CyberSource Payment Manager.

If a business has several CyberSource Payment Manager systems, do they need multiple CFM systems?

No. A single CFM system can receive requests from multiple CPM systems. This can be done by configuring each CPM system to the CFM system.

Can CyberSource Fraud Manager support multiple businesses?

Yes, in the same manner that CPM is designed to support multiple businesses. Merchant IDs established within CPM can be used to configure custom Hot List checks and Boolean checks, or a company can share these across the entire base within a single locally-managed CFM system.

Can CyberSource Fraud Manager support multiple sales channels?

Yes. CFM provides flexibility for businesses that process authorizations from various sales channels, such as Web stores, call centers, or points of sale. Business can design specific Hot List checks and fraud rules for those particular sales channels, or share those checks across their entire company base.