Presentation

E-merchants processing a large volume of transactions must protect themselves by monitoring fraudulent activity and avoiding potential financial losses.

Monext Online offers two features Card Blacklisting and Control Flow to control financial flows.

Card blacklisting 

The processing checks the registered cards references of buyers declared as fraudsters.
Thus the procedure detects these unreliable buyers on several filters (PAN CARD, TOKEN PAN, ENCRYPTED PAN) and blocks the transaction.

This processing is done upstream and before payment is processed, legitimate users and the user experience will not be affected.

Flow control

The processing is used to control the flow and limit the number called web services per merchant.
Thus, in the event of attacks or hacking of a merchant information system, the Monext Online payment platform guarantees stability and maintains the availability of services to all other merchants.

Then abusive payment requests during a mass attack or fraudulent will not be realized.

Denial of service or DoS (Denial of Service) is a network attack that prevents the legitimate use of a server's resources by overloading it with requests.

Profits

• Merchant protection. These treatments protect you against attacks from buyers exhibiting abnormal behavior.
  
  
• Automated solution. Transactions are verified at checkout and automatically blocked when suspicious, saving you time.

Available functions

These features are available for the WebPayment API and the DirectPayment API.

How to use these procedures ?

Processing activation is carried out by our Monext Online technical department.
You must process these HTTP return codes in your checkout journey payment to ensure user experience.

Card blacklisting

All   payment   requests will be processed upstream of the payment module and an HTTP = 423 code in first step and a return code 92423 with the status REFUSED: "Card blocked - request will not be processed" will be returned in response.
The payment journey steps cannot be completed. The Retry function should be not performed.

In Web and Direct mode available.

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">   
   <soapenv:Header/>   
   <soapenv:Body>      
      <impl:doAuthorizationResponse xmlns:impl="http://impl.ws.payline.experian.com" xmlns:obj="http://obj.ws.payline.experian.com">         
      <impl:result>          
          <obj:code>92423</obj:code>            
          <obj:shortMessage>REFUSED</obj:shortMessage>            
          <obj:longMessage>Card blocked - request will not be processed</obj:longMessage>         
      </impl:result>      
      </impl:doAuthorizationResponse>   
    </soapenv:Body>
 </soapenv:Envelope>

Flow control

All web services calls are processed handled upstream of the payment module and an HTTP = 429 code and a return code of 91429 with status ERROR: "Too many requests: please try again later" will be returned in response.

In Web mode, the widget will perform the Retry function automatically.
In Direct mode, you must use the Retry function.

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
   <soapenv:Header/>
   <soapenv:Body>
      <impl:doAuthorizationResponse xmlns:impl="http://impl.ws.payline.experian.com" xmlns:obj="http://obj.ws.payline.experian.com">
         <impl:result>
            <obj:code>91429</obj:code>
            <obj:shortMessage>ERROR</obj:shortMessage>
            <obj:longMessage>Too many requests - please try again later</obj:longMessage>
         </impl:result>
      </impl:doAuthorizationResponse>
   </soapenv:Body>
</soapenv:Envelope>

How to realize tests ?

To carry out a test, please contact support: a procedure will be put in place to simulate a card or an HTTP return code.

Return codes

You can view the list of HTTP codes processed by Monext Online here .

Pages linked