Show 

Home > Risk management

What is Risk Management?

The Risk Management service consists of a range of automated checks that Worldpay applies to credit cards and Direct Debit payment attempts.

These checks are extra to the standard checks in Worldpay's payment service. They help reduce the risk of chargebacks from credit card companies or banks.

How you use it

You can use the Risk Management page to add details (IP addresses, email addresses, cardholder names) to referral lists.

You may want to add entries to referral lists when, in the course of trading online, you encounter shoppers who abuse their card privileges or you suspect are involved in fraud attempts.

When a shopper makes a purchase from your website, our Risk Management service runs automated checks, and as part of these checks, entries on your referral lists are compared with data in a shopper's payment. If a match is found then payment processing is stopped before the authorisation request is made to the card issuer, and the transaction is given a payment status of REFUSED.

How it works

If it is active on your system, the Risk Management service works as follows:

1.       Worldpay subjects all payment attempts to a number of risk screening checks.

2.       Each check assigns a value, called the risk score, to payment attempts that trigger that particular check. The risk scores are set to default scores when your system is installed.

3.       The sum of the risk scores indicates the likeliness of a fraudulent payment.

4.       If a payment attempt obtains a total risk score over 50, a Caution message is displayed. If the total risk score is over 75, a Warning message is displayed. If the total risk score is equal to, or larger than, the predefined risk score limit of 100, it is automatically refused before being sent to the acquirer for authorisation. Note also that scores can be negative ('whitelists') or positive.

Types of risk check

There are five types of check:

After authorisation

For merchants who offer credit card payment methods with Card Validation (CVC/CVV) or Address Verification (AVS), additional checks can be applied on the CVC/CVV and AVS response from the acquirer after the payment has been authorised.

If one of these post-authorisation checks is triggered, its risk score is added to the existing total risk score of the payment. Authorised payments with a total risk score equal to, or larger than, a predefined risk score limit of 100 are automatically cancelled (rather than refused).

For more information about Risk Management, refer to the Risk Management Service Guide.