Fraud prevention
EGW includes an advanced Fraud Prevention module that safeguards merchants, customers (PSUs), and acquiring banks from fraudulent activity. Designed as a fully configurable component, it combines real-time risk assessment, rule-based decisioning, and dynamic list management (Block and Allow lists) to secure transactions across both A2A and Card payment flows.
Key Functional Capabilities
Rule Engine - A powerful core component that evaluates each transaction based on pre-configured risk rules and behavioral thresholds, determining whether to decline or flag a transaction as suspicious.
Block & Allow List Management:
Block Lists proactively prevent high-risk transactions using identifiers like IP addresses, BIN ranges, emails, etc.
Allow Lists permit trusted cards or sources to bypass specific fraud checks, with configurable transaction limits and monitoring.
Transaction Flow Integration:
For A2A Payments, fraud checks occur after bank selection, using attributes like geolocation, IP, device data, and more.
For Card Payments, fraud checks are triggered post-card input, analyzing cardholder data, token details, and transaction context.
Risk Events & Actions - Supports event-driven fraud rules (e.g., multiple failed attempts, abnormal volumes, geo mismatches) that trigger actions like decline or suspicious flagging.
Historical Pattern Analysis - Rules can be based on merchant-specific historical behavior (e.g., average volumes, frequency of events).
Configurable Rule Lifecycle:
Rule creation via Drools (DRL) and/or the UI
Built-in testing tools with historical data simulation
Controlled activation using 4-eyes principle
User Interfaces:
Merchant Portal - Transaction viewer, block/allow list management, downloadable reports, and fraud flag review.
Bank Admin Portal - Full rule management, event tracking, analytics, and fraud response tools at both global and merchant levels.
Example Use Cases
Auto-decline if 4 card attempts with different amounts are made within 1 minute.
Flag as suspicious if daily sales exceed 150% of the merchant's historical average.
Block transactions where the user's IP geolocation doesn't match the shipping address country.
Detect BIN attacks based on Mastercard thresholds (e.g., 100+ auths/BIN/hour).
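The card-attempt and BIN-attack use cases above are both sliding-window velocity checks. The following Python is an added example, not EGW's rule engine or its DRL: the class and field names, rule IDs and action strings are assumptions, "different amounts" is read as four distinct amounts, and the sample events are constructed.

```python
from collections import defaultdict, deque
from dataclasses import dataclass

@dataclass(frozen=True)
class Auth:
    ts: float      # event time in seconds
    card: str      # card token (constructed sample values only)
    bin: str       # issuer BIN
    amount: int    # amount in minor units

class VelocityRules:
    """Sliding-window counters; events must arrive in timestamp order."""

    def __init__(self, card_amounts=4, card_window=60, bin_auths=100, bin_window=3600):
        self.card_amounts, self.card_window = card_amounts, card_window
        self.bin_auths, self.bin_window = bin_auths, bin_window
        self._card = defaultdict(deque)   # card -> (ts, amount) pairs in window
        self._bin = defaultdict(deque)    # bin  -> (ts,) tuples in window

    @staticmethod
    def _push(queue, item, ts, window):
        queue.append(item)
        while queue[0][0] <= ts - window:   # evict entries older than the window
            queue.popleft()

    def evaluate(self, a: Auth) -> dict:
        self._push(self._card[a.card], (a.ts, a.amount), a.ts, self.card_window)
        self._push(self._bin[a.bin], (a.ts,), a.ts, self.bin_window)
        rule_ids, action = [], "APPROVE"
        if len(self._bin[a.bin]) >= self.bin_auths:
            rule_ids.append("BIN_VELOCITY")            # hypothetical rule ID
            action = "SUSPICIOUS"
        if len({amt for _, amt in self._card[a.card]}) >= self.card_amounts:
            rule_ids.append("CARD_AMOUNT_VELOCITY")    # hypothetical rule ID
            action = "DECLINE"                         # decline outranks flagging
        return {"action": action, "rule_ids": rule_ids}

def replay(events, rules=None):
    """Evaluate a batch of events in time order and return one result per event."""
    rules = rules or VelocityRules()
    return [rules.evaluate(e) for e in sorted(events, key=lambda e: e.ts)]

# Constructed sample: one card retried with four different amounts in 45 s.
SAMPLE = [Auth(0, "tok_A", "411111", 100), Auth(15, "tok_A", "411111", 250),
          Auth(30, "tok_A", "411111", 500), Auth(45, "tok_A", "411111", 999)]

if __name__ == "__main__":
    for event, result in zip(SAMPLE, replay(SAMPLE)):
        print(event.ts, result)
```

Replaying historical events through the same code with different thresholds shows how many transactions a rule change would have declined or flagged before it is activated.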
Integration with Core Payments
The Fraud Prevention logic is embedded within the transaction flow, ensuring timely risk checks based on the availability of key attributes, while maintaining a seamless customer experience.
Fraud Insights & Reporting
Each transaction carries fraud evaluation results in its response, including reason codes and rule IDs. This enables full traceability via the Merchant and Admin portals, where suspicious transactions can be reviewed, filtered, downloaded, or used to update fraud rules or lists in real-time.