Fraud prevention

Fraud Rules and Fraud Lists

Fraud Rules are objects that allow merchants to enhance and customize fraud prevention. They allow for the preapproval or preemptive banning of a customer or a card suspected of illegal activity. To access Fraud Rules, log into your dashboard.

Fraud Rules


Fraud Rules enable merchants to easily prevent or manage charges based on criteria such as email, card number, BIN, country, and more.
Shift4 provides 2 types of Fraud Rules:

  • Approve rules - these rules are beneficial for merchants who want to ensure that their trusted customers can always make a purchase unless a processing error occurs.

  • Decline rules - these rules block the creation of a charge. They help protect against cyberattacks and fraudulent transactions.

Premises

Rules are based on the “first win” philosophy. This means that during the creation of a charge, the Rules are verified in a strict order:

1. Approve Rules - a charge is automatically approved when a specific criterion is met.

2. Decline Rules - a charge is automatically declined when a specific criterion is met.

Once a match is found, the verification process stops and, depending on the matched item, the charge is processed or declined.

Example: A merchant may block cards from a specific country by placing them in a Decline rule. However, if a customer’s email address appears in an active Approve Rule, the origin of the card will no longer be a concern. Approve Rules are prioritized in the verification process, so when a match is found, the Decline Rules are disregarded.


The Rules view provides information on charges impacted by a specific rule. You can view the number of charges affected by the rule in the main view. To see the list of transactions associated with a particular item, simply click on it.



Charges impacted by a fraud rule will be clearly marked as such in the charge view. It will also include a reference to the fraud rule applied.



Default Fraud Rules

Two rules are created by Shift4 by default:

  • Approve Fraud Rule if charge contains values from default Shift4 Approve Lists

  • Decline Fraud Rule if charge contains values from default Shift4 Decline Lists

Values from default Lists will be applied by the default Fraud Rules.
More information on default Lists can be found here.



How to Create a Fraud Rule From the Fraud Rules View:


1. Navigate to Fraud on the left side panel.

2. Click the Add rule button in the upper right corner.

3. Select the type of rule you would like to create.

4. Follow the on-screen instructions to manually create a fraud rule.

5. Create a rule out of three basic elements: 

  • attribute (an object such as an email or card BIN)

  • operator (instructions on how to evaluate an attribute)

  • value (specific value stored in a field named in the Attribute element).

An example of a simple fraud rule that automatically approves charges made by a customer registered under the email [email protected]:


The user can decide whether the new rule is disabled or immediately active.

You can create more advanced rules by combining multiple clauses with the logical operator AND. Note that all specified requirements must be met so that the rule can be applied. There is no limit to the number of clauses that can be combined within a single Fraud Rule. Please refer to the complete list of attributes and operators at the end of the article. 

6. Click on the Add rule button located below the rule editor.


Once rules are created, they can be deleted or disabled, but they cannot be edited.
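The "first win" order from the Premises section and the AND-combined clauses described above, modeled as an added example (this is not Shift4 code). Attribute and operator names come from the lists at the end of this article; the rule names, list aliases, values and the handling of missing attributes are constructed assumptions.

```python
import operator

# Constructed sample lists, keyed by hypothetical aliases.
FRAUD_LISTS = {
    "trusted_emails": {"alice@example.com"},
    "blocked_countries": {"XX"},
}

# A subset of the operators listed on this page.
OPERATORS = {
    "=": operator.eq,
    "!=": operator.ne,
    "in": lambda left, alias: left in FRAUD_LISTS[alias],
    "not_in": lambda left, alias: left not in FRAUD_LISTS[alias],
    "ends_with": lambda left, right: str(left).endswith(right),
    "contains": lambda left, right: right in str(left),
}

# Constructed rules: (attribute, operator, value) clauses joined with AND.
RULES = [
    {"name": "block-country", "type": "decline",
     "clauses": [("card_bin_country", "in", "blocked_countries")]},
    {"name": "trusted-email", "type": "approve",
     "clauses": [("email", "in", "trusted_emails")]},
    {"name": "block-domain-and-ip", "type": "decline",
     "clauses": [("email_domain", "=", "mail.example"),
                 ("ip_country", "=", "XX")]},
]

def clause_matches(charge, clause):
    attribute, op, value = clause
    # Assumption: a clause on an attribute the charge lacks does not match.
    if attribute not in charge:
        return False
    return OPERATORS[op](charge[attribute], value)

def rule_matches(charge, rule):
    # Every clause must hold for the rule to apply.
    return all(clause_matches(charge, c) for c in rule["clauses"])

def evaluate(charge, rules=RULES):
    """Check Approve rules, then Decline rules; stop at the first match."""
    for kind in ("approve", "decline"):
        for rule in rules:
            if rule["type"] == kind and rule_matches(charge, rule):
                return kind, rule["name"]
    return "no_match", None  # no rule applied to this charge

if __name__ == "__main__":
    # Listed on the Approve list and on a blocked card country: Approve wins.
    print(evaluate({"email": "alice@example.com", "card_bin_country": "XX"}))
```

Because an Approve match ends the check, the Decline rules never run for that charge; adding AND clauses to an Approve rule narrows what it lets through.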

Fraud Lists

Fraud Lists offer a clearer overview and facilitate the handling of criteria used for fraud protection. Rather than creating numerous rules for specific types of values, you can simply establish a single rule that applies to the values from a list. The default view of the Fraud Lists consists of lists created by Shift4. These lists cannot be deleted. Default lists can be extended by adding values from a charge view or customer view.

Merchants can also create their own Fraud Lists.

Please note that items added to the Approve list cannot be included in the Decline list. For example, you cannot pre-approve and ban an email address at the same time.

 

Please note that fraud lists and fraud rules are not retroactive, meaning they only apply to charges created after the introduction of the rule or the addition of an item to the list. Charges that have been declined or approved based on the fraud rule will retain their status, even if the rule is later edited or deleted.


Relationship between Default Fraud Lists and Default Fraud Rules

How to Add a Custom Fraud List

1. Navigate to Fraud on the left side panel, then select Lists.

2. Click on the + Add List button located in the upper right corner.

3. Choose the data type that should be stored in the list. Select String for lists used as a criterion by fraud rules that process metadata.

4. Confirm by clicking Add. A new list should now be visible on the main view.

5. To populate the list, simply click on it and then use the Add Value button.

When you add an item to the list, you can expand it with a new value and review the existing values and associated fraud rules. Additionally, you can easily edit the list’s name by using the context menu next to the Add Value button.


How to Delete a Custom Fraud List

1. Navigate to Fraud on the left side panel, then select Lists.

2. Choose a list you'd like to delete. Note it is only possible to delete a custom list created by a user. Default lists created by Shift4 cannot be removed.

3. Click on the three horizontally aligned dots at the end of the line and choose the Delete option.

4. Confirm by clicking Delete in the on-screen message.


How to Add a Value to a Fraud List From the Charge View

1. Navigate to Charges on the left side panel.

2. Click on the selected charge. 

3. Click the Add To List button in the upper right corner.

4. Choose a field to which a fraud rule should be applied, and specify the type of rule (Approve or Decline). There are no limitations on the number of fields you can pre-approve or ban in the same action.

5. Once you confirm the changes by clicking Save at the bottom of the modal, new items will appear on respective default fraud lists. You can select a field from the metadata; if there is no custom list available for this field, one will be automatically created and populated. Note: if you choose to use metadata as a criterion for a fraud rule, a new default fraud list will be created. Like other lists created by Shift4, this new list cannot be removed.


How to Add a Value to the Fraud List From the Customer View

1. Navigate to Customers on the left side panel.

2. Click on the selected customer.  

3. Click the Add To List button in the upper right corner. The customer's email address will be added to a default Approve or Decline List.

Complete list of attributes and operators



Attributes:

  • Simple:

Attribute           Characteristics
email               e.g. “[email protected]”
email_domain        e.g. “gmail.com”
card_bin            a sequence of six digits, e.g. “237066”
card_bin_country    values provided in the form of a country code compliant with ISO 3166-1, e.g. "US", "UK", "FR"
card_fingerprint    a string of letters and numbers given to a card in Shift4’s system, e.g. “BxekgrklfnqqWHqM”
ip_country          values provided in the form of a country code compliant with ISO 3166-1, e.g. "US", "UK", "FR"
card_issuer         e.g. Visa
ip_address          IPv4 or IPv6, e.g. “2001:0db8:85a3:0000:0000:8a2e:0370:7334”
shipping_country    values provided in the form of a country code compliant with ISO 3166-1, e.g. "US", "UK", "FR"
user_agent          data on the device from which a request was sent, e.g. “Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Mobile Safari/537.36”
shipping_address    e.g. “Maple Street 3017, Chicago, MI, USA”


  • With a parameter:

Attribute                 Characteristics
metadata[{your value}]    e.g. metadata[{my_invoice}]


Operators:

Operator           Characteristics
=                  simple comparison of a single number or a single string of letters
>                  simple comparison of a single number
>=                 simple comparison of a single number
<                  simple comparison of a single number
<=                 simple comparison of a single number
!=                 simple comparison of a single number or a single string of letters
in                 value on the left is listed on a fraud list whose alias is provided in the fraud rule
not_in             value on the left is not listed on a fraud list whose alias is provided in the fraud rule
start_with         value on the left starts with the value on the right side of the operator
ends_with          value on the left ends with the value on the right side of the operator
contains           value on the left contains the value on the right side of the operator; applicable for string values only
contains_any_of    the rule is effective if a value or part of the value provided in a charge is listed in a named fraud list



Types of values:

Type                Characteristics
bin                 four consecutive digits
country             a string of two letters compliant with the country code listed in ISO 3166-1, e.g. "US", "UK", "FR"
email               a string of characters
email_domain        a string of characters
ip_address          a string of characters
card_fingerprint    a string of characters
decimal             a string of characters
string              a string of characters