Introducing Fraud Management Filters

PayPal Fraud Management Filters enable you to identify potentially fraudulent transactions. You must configure Fraud Management Filters to meet your needs; they are not active until you configure them.

Fraud Management Filters Overview

PayPal provides many Fraud Management Filters, which make it easier for you to detect and respond to fraudulent transactions. You must configure the filters before they take effect.

Fraud Management Filters (FMF) provide you filters that identify potentially fraudulent transactions. There are 2 categories of filters:

  • Basic filters screen against data such as the country of origin and the value of transactions. PayPal provides basic filters for Business accounts and PayPal Payments Pro (previously known as Website Payments Pro) accounts.
  • Advanced filters screen data such as credit card and addresses information, lists of high-risk indicators, and additional transaction characteristics. PayPal Payments Pro merchants can upgrade to use these filters.
    Note: Using advanced filters might incur additional charges.

Fraud Management Filters checks for payment characteristics that may indicate fraudulent activity. You set up Fraud Management Filters to provide the tightest control possible over payments so that you can deny payments that are likely to result in fraudulent transactions and accept payments that are not typically a problem. Payments that may require further investigation or intervention, such as comparing prior orders or contacting the customer for more information, can be flagged or put on hold or pended for review.

The following diagram, conceptually shows how Fraud Management Filters work in three steps:



  1. Configure your Fraud Management Filters to flag, hold for review, or deny riskier payments.
  2. Based on your settings, your filters review incoming payments.
  3. Your filters automatically, flag, deny, or hold payments for review; typically, most payments are accepted because they do not show characteristics indicating fraud

A flexible fraud management configuration enables you to select the filters to use and to test your strategy before denying payments or pending transactions for review. Advantages of using Fraud Management Filters include

  • time savings from having the computer do more to review transactions, and review them consistently, which allows you to focus on transactions that are truly risky
  • cost savings from identifying potentially risky transactions, which reduces chargebacks and lowers your cost of doing business
  • more accepted payments because you apply rules evenly with greater accuracy

Fraud Management Filters Examples

These examples show ways to configure Fraud Management Filters to flag or review transactions and accept or deny payments. You must configure your filters before they take effect.
Consider an example using four of the many kinds of filters provided by PayPal:

  • Maximum Transaction Amount filter, which identifies transactions whose value exceeds a specified amount
  • Country Monitor filter, which identifies transactions based on the country of origin
  • Card Security Code Mismatch filter, which identifies transactions with differences in the credit card security code
  • Total Purchase Price Minimum filter, which identifies transactions that are less than a specified amount

The Maximum Transaction Amount filter and the Country Monitor filters are examples of basic filters, which are available to business account holders and PayPal Payments Pro merchants. The Total Purchase Price Minimum filter and Card Security Code Mismatch filter are examples of advanced filters, which are available to PayPal Payments Pro merchants at additional cost.

Reviewing High-Value Transactions

In this example, consider a scenario in which your average transaction amount is $100 and you seldom expect orders over $1,000. Although you have received large orders before, you want to verify for yourself that the order is legitimate and not an attempt to defraud you of merchandise. In this case, you could set the Maximum Transaction Amount filter to Review for transactions over $1,000.
The following diagram shows the effect of pending a transaction:



A transaction is pended when the maximum transaction amount specified by the filter is exceeded, which in this example is $1,000, meaning that these transactions await a decision whether to accept or deny the payment. Other filters execute because the payment has neither been accepted or denied. When there are no more filters to execute and another filter has not caused the payment to be denied or approved, a pended transaction is ready to be reviewed. The following diagram shows this logic:



You can review a transaction and accept or deny a payment

  • from the PayPal website. You examine the transaction details.
  • from your website or application, by using the ManagePendingTransactionStatus API operation; for more information, see the Name-Value Pair API Developer Guide and Reference or SOAP API Developer Reference.
  • from your shopping cart vendor, if they provide this feature for you.

Denying Transactions From High-Risk Countries

In this example, consider a scenario in which your experience indicates that transactions originating from some countries have always been attempts to defraud. You can set the Country Monitor filter to deny payments from these countries, as shown in the following diagram:



Filtering stops if the payment is denied. If the transaction originates from a country not on the list, filtering continues.

Flagging Transactions With Invalid Card Security Codes

In this example, consider a scenario in which your experience indicates that customers routinely mistype their credit card security code; however, in some cases, it is not an honest mistake and can indicate fraud. Before you decide to review or deny this kind of payment, you may decide to flag them first. After reviewing the flagged transactions, you can decide if further action is necessary.
In this case, you could set the Card Security Code Mismatch filter to Flag, which would flag the transaction:



Regardless of whether the transaction has been flagged, the next enabled filter is applied. Flagging a transaction does not approve or deny a payment or pend the transaction for review.

Accepting Transactions Using the Total Price Minimum Filter

For the purpose of thinking about the operation of filters, the Total Price Minimum filter determines the universe of payments on which the other filters operate. If the Total Price Minimum filter is not enabled, the Fraud Management Filters universe includes all payments; otherwise, the Fraud Management Filters universe includes all payments above the amount specified by this filter.

Note: This filter is also the only filter that uses Accept to indicate that the filter does not deny payments less than the specified amount.

Consider the following example in which the Total Price Minimum filter is set to Accept for $10, In this case a $10 payment will be accepted and other filters will not be executed. If the payment was for $11, other filters execute.



Using Multiple Filters

If you enable more than one filter, the filters are applied in the order determined by the kind of payment method until one of them causes the payment to be accepted or denied. If all filters have been applied and the transaction has not been pended for review, it is automatically accepted. For information about the order in which filters are applied, see Fraud Management Filters Operating Principles.
Consider the four filters in the following diagram, which are shown in the order used for Direct Credit Card and Virtual Terminal payments.



  1. If the total amount of the transaction is less than the amount specified by the Total Purchase Price Minimum filter, the payment is accepted and processing stops; otherwise, the next filter is applied.
  2. If the total amount of the transaction is greater than the amount specified by the Maximum Transaction Amount filter, the transaction is pended awaiting review; regardless of whether the transaction is pended, the next filter is applied.
  3. If the transaction's country of origin matches a country specified by the Country Monitor filter, the payment is denied and processing stops; otherwise, the next filter is applied.
  4. If the customer's credit card security code does not match a valid code, the Card Security Code Mismatch filter flags the transaction and processing continues; the next filter is applied.
  5. When there are no more filters to apply and the transaction has not been pended, the payment is accepted; otherwise, you must decide whether to accept or deny the payment.

Modifying the Examples to Meet Your Needs

These examples use specific filters, which are set to take specific actions. Your needs dictate how you use these and other filters to reduce risk to a manageable level without significantly increasing the effort required to process an order.
You need not use the same filters shown in the examples and you can take different actions if you do use them. The following items are just some of the alternatives for you to consider:

  • You may decide not to use the Total Purchase Price Minimum filter or use it with a lower transaction value.
  • You may decide to pend transactions from high-risk countries rather than deny their payments.
  • You may decide to flag high-value transactions rather than pend them for review.

Setting up Fraud Management Filters requires both experimentation and iteration.

Merchants With Third-Party Shopping Carts

Merchants that use a shopping cart provider, should consult with their vendor about their level of support for Fraud Management Filters.
You can use Fraud Management Filters with a third-party shopping cart. You should check with your vendor about their level of support for Fraud Management Filters because the business procedures you use to review transactions may be different depending on your shopping cart's level of support.

For example, your cart vendor may support all features of Fraud Management Filters, in which case, you would review and accept or deny payments from their service. If your cart vendor does not provide any additional support for Fraud Management Filters, you will need to log onto PayPal to review and accept or deny payments or provide your own solution using the PayPal API to develop a custom application.