Risk detection

cross river risk detection digital transactions are always getting more complex this exposes merchant partners—our customers—to greater risk ensuring the security and trust of our customers and their cardholders is always cross river’s top priority our aim is to provide our partners with peace of mind while they conduct digital transactions key services these are the key services that support the cross river fraud prevention efforts token validation service (tvs) tokenization replaces sensitive card data with unique security tokens cross river tvs ensures that the token used in a transaction is authentic and hasn't been tampered with this reduces the risk of data breaches ofac requirements ofac screening is required to ensure that card payment transactions comply with the law ofac screening checks transactions against the u s ofac list, which contains sanctioned people and organizations – those not allowed to make transactions in the u s ofac screening identifies and prevents financial interactions with restricted entities partners are required to perform ofac screening docid\ d69gbt8mlz14oy5l9fr36 (avs) avs plays a key role in attempting to identify fraudulent transactions before they occur during a transaction, the consumer provides a billing address they do this through the merchant’s website avs checks the billing address against the address that’s in the hands of the card issuer by confirming this information across systems, cross river can detect potential mismatches instantly those differences could indicate a possible unauthorized transaction docid\ d69gbt8mlz14oy5l9fr36 (ani) service ani confirms that the account holder's name is the same one listed at the issuing bank this provides an added layer of verification this check is important because it attempts to identify mismatches between the cardholder's name and the transaction details here too, those differences could indicate a fraud attempt docid\ d69gbt8mlz14oy5l9fr36 (cvv2) cvv2 offers extra defense against unapproved card usage the cvv2 is a three (or four ) digit code that code appears on the back of a payment card when buying something with their payment card, the consumer is often prompted to enter this code into the merchant’s website as the merchant acquiring bank, cross river forwards this code to the card network then, the network can get payment approval from the cardholder’s bank cvv2 ensures that the person making the transaction owns the card address verification (avs) address verification service (avs) checks the validity of the provided billing address to help prevent fraudulent transactions importance of avs when customers transact online, the card is not visible to the merchant by confirming card details with the issuing bank online, we can detect possible fraud activity we can also find out if it's likely the transaction is unauthorized avs helps protect consumers, our merchant partners, and cross river how avs works when a customer enters their billing address, cross river sends it to the card issuing bank the issuing bank, in turn, compares the address with the one they have on file if the address is a match, the transaction proceeds smoothly however, if there is a mismatch, this could be a sign of potential fraud note that non matching avs responses will not decline a transaction automatically that’s because there could be a few valid reasons for the mismatch for example, the consumer may have mixed up digits in the zip code ultimately, it is up to the merchant to decide whether to accept the transaction they make this decision based on avs results as well as other key data the results of checking avs are held in the add a card (post api) function call this call contains the following key attribute as part of its response addressverfied (true/false) if the merchant isn't configured for the avs service, contact your cross river relationship manager for details on how to connect to avs key benefits of avs fraud detection tool aids in identifying potentially fraudulent transactions from occurring additional verification address mismatches are flagged before transactions are authorized, potentially preventing unauthorized charges ensure trust consumers trust their merchant sites a lot more when they know the merchant acquiring bank is working with their issuing bank to keep transactions secure promote efficiency automate the verification process this makes transactions go more smoothly for consumers account name inquiry (ani) the ani service matches and verifies the name of an account holder it checks whether the name on file at the issuing bank is the same as the one the consumer provides during a transaction this happens in a way that is similar to address verification (avs) ani is vital for ensuring secure and accurate card payments importance of ani similar to avs, ani strengthens security, minimizes fraud risk, and maintains the accuracy of transactions this helps create a safe payment experience that consumers, merchant partners, and card issuers can trust ani also helps check for ineligible transactions for example, a cardholder requesting earned wage access via push to card may have given an incorrect name this could indicate that the card details may not really belong to the cardholder how ani works based on partner configuration, cross river initiates an ani verification transaction during card authorization this step is essential before making any aft or oct request this compares if the names that the transaction initiator provided match the data held by the card issuing bank if a card issuer doesn't yet support the ani service, the merchant gets a response code this code indicates that the cardholder's name is unverified because their card issuing bank doesn't support ani the results of checking ani are held in the response to the docid\ cff80nphrpp3buz2ycqra api this call contains the following key attribute as part of its response nameverificationused indicates whether cross river tried to contact the ani service this attribute value will also let you know if the merchant isn't configured for the ani service in that case, we recommend contacting your cross river relationship manager for details on how to connect to ani nameverificationresult indicates whether the initiator provided card details match fully, partially, or not at all, or if they are unknown it is important to note that card token creation is not rejected based on the result of an ani verification it is the responsibility of the partner to decide if they will allow the card to be authorized key benefits of ani enhance security adds extra security by verifying the accuracy of the card holder fraud prevention tool detects unauthorized transactions in real time, providing an additional layer of security build customer trust verifies account details before problems occur ensure accuracy reduces errors in transactions by ensuring the person making the transaction is the real card holder comply with standards ani information supports efforts to help meet security and verification standards for payment transactions card validation value (cvv2 / cvc2) the card validation value 2 (cvv2) service provides a critical security layer in card payments cross river provides cvv2 validation to ensure safer credit and debit card transactions cvv2 is a unique 3 digit (or in the case of amex 4 digit) code printed on the back of all cards during online transactions where the card isn’t physically present, cvv2 helps authenticate the cardholder it does this by making sure the cardholder has the card with them at the time they are initiating the transaction this deters fraud importance of cvv2 cvv2 confirms that the person using a card physically has the card the cvv2 appears only on the back of the actual card and in the issuing bank’s files this way, requiring the cvv2 code adds an extra level of protection against unauthorized transactions initiated from stolen card credentials how cvv2 works? when a consumer makes an online or phone transaction, the merchant may require them to provide the cvv2 code the merchant provides this code as part of the transaction data sent to cross river the card issuing bank, in turn, checks that the cvv2 code the consumer enters matches the code on record then, the issuing bank returns a match or mismatch response finally, cross river provides this matching response to the merchant note that card issuers may still approve transactions with mismatched cvv2 codes it is the merchant’s responsibility to consider the matching data when deciding if to proceed with the transaction key benefits of cvv2 stronger security cvv2 protects transactions by requiring the unique code for verification deterring unauthorized use cvv2 discourages unauthorized users from trying to make transactions that are not allowed card not present protection cvv2 should not be stored electronically or magnetically this way, it protects online and phone transactions it does this by requiring a code that only the cardholder should know consumer confidence consumers feel more secure using their cards knowing cvv2 is available and being enforced by merchants and banks