
What is a Payment Fraud Blacklist?

Author: Ioana Grigorescu, Content Manager

Reviewed by: George Ploaie, Chief Operating Officer (COO)

What is a Payment Fraud Blacklist?

Payment fraud blacklists are systems that examine account data from payment processing systems to stop fraudulent purchases. Blacklists can consist of different attributes of the fraudulent purchase, like the card number, email, or shipping address. Depending on the merchant, the blacklists can also be tailored based on chargeback reports or fraud reports from the various credit card systems (e.g., Visa TC40, Mastercard SAFE).

How do fraud blacklists work?

For every payment, a fraud blacklist checks the payment data against known fraud data. If a purchase matches fraud data, the system takes one of the following actions:

  • Hard Decline: The payment request is marked with a code that indicates that the process has finished without further authorization steps.
  • Flag for Review: The payment is marked by the system, and a manual review is conducted.
  • Step-up Authentication: An extra verification, such as 3D Secure, may be initiated for the customer.

What data is specifically used in these lists?

The effectiveness of a fraud blacklist is connected to the types of information collected.

| Data category | Specific examples | Risk context |
|---|---|---|
| Identity | Encompasses names, aliases, and email domains. | Includes references to accounts classified as bad actors, or temporary email addresses. |
| Payment | Includes card tokens and Bank Identification Numbers (BINs). | Considered when referencing transaction records. |
| Network | Covers IP addresses and VPN or proxy status. | Referenced during network data checks and risk assessment in different regions. |
| Device | Consists of device fingerprints and MAC addresses. | Serves to identify access points. |

What is the difference between a blacklist, whitelist, and greylist?

Here are the differences between the three types:

  • A blacklist refers to a list that restricts certain transactions or users based on predefined requirements. 
  • A whitelist is maintained to identify transactions or users that meet established acceptance criteria and move forward through the process with standard checks. 
  • A greylist serves an intermediary role by directing selected transactions to further assessment or authentication for a final decision. 

Using blacklists, whitelists, and greylists, organizations apply tailored processes to review and manage transaction activity in accordance with specific protocols.

How often should a fraud blacklist be updated?

Fraud blacklists are reviewed and updated on schedules set according to each organization's procedures, generally on a daily basis. Updates involve actions such as removing entries that no longer apply, including IP addresses that have been reassigned. Automated programs add data from sources such as transaction files, chargeback logs, TC40 and SAFE feeds, and other external records. These programs serve to match the blacklist information to the data currently present in these sources.

Managing a blacklist includes complying with privacy and information security standards along with technical procedures:

  • Regulatory compliance:
    • GDPR/CCPA: Individuals have defined options related to how their personal data is used, with the possibility to request changes or removal of outcomes generated through automation.
    • Data security: Blacklisted data is processed using standard methods such as encryption or tokenization in order to meet privacy requirements.
  • False positive management:
    • Blacklist parameters are routinely checked as part of ongoing system evaluation activities.
    • Applying broad network or geographic blacklists (like blocking an entire country or a shared public Wi-Fi IP) can affect the distribution and volume of existing transactions.
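
The matching, action, tokenization and expiry steps described in the sections above, sketched as an added Python example; it is not code from the original page. The `FraudList` class, the HMAC-based tokens, the demo key and the ordering of actions are assumptions made for illustration.

```python
import hashlib
import hmac
import ipaddress

TOKEN_KEY = b"constructed-demo-key"  # assumption: a real key comes from a KMS/HSM
# Assumed ordering: when several attributes match, the strictest action wins.
SEVERITY = {"allow": 0, "step_up": 1, "review": 2, "hard_decline": 3}

def normalize(kind, value):
    """Canonicalize so trivially varied spellings map to the same token."""
    value = value.strip()
    if kind == "email":
        return value.lower()
    if kind == "card":
        return "".join(ch for ch in value if ch.isdigit())
    if kind == "ip":
        return str(ipaddress.ip_address(value))
    return value

def tokenize(kind, value):
    """Keyed hash: the list never stores the raw card number, email or IP."""
    msg = f"{kind}:{normalize(kind, value)}".encode()
    return hmac.new(TOKEN_KEY, msg, hashlib.sha256).hexdigest()

class FraudList:
    def __init__(self):
        self._entries = {}  # token -> (action, expires_at or None)

    def add(self, kind, value, action, expires_at=None):
        """expires_at: timezone-aware datetime, or None for a permanent entry."""
        self._entries[tokenize(kind, value)] = (action, expires_at)

    def purge_expired(self, now):
        """Scheduled maintenance: drop entries that no longer apply."""
        stale = [t for t, (_, exp) in self._entries.items() if exp and exp <= now]
        for token in stale:
            del self._entries[token]
        return len(stale)

    def decide(self, payment, now):
        """payment: dict of kind -> raw value. Returns the strictest live match."""
        outcome = "allow"
        for kind, value in payment.items():
            action, exp = self._entries.get(tokenize(kind, value), ("allow", None))
            if exp and exp <= now:
                continue  # expired entry, e.g. a reassigned IP address
            if SEVERITY[action] > SEVERITY[outcome]:
                outcome = action
        return outcome
```

Giving network entries an expiry while leaving card entries permanent keeps a reassigned IP address from blocking its next holder between scheduled purges.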

What is the difference between a blacklist and a fraud scoring system?

A blacklist uses specific rules to match transactions against a predetermined set of data linked to unwanted activity. A fraud scoring system, on the other hand, assigns a risk value after reviewing multiple factors, such as user behavior information, device details, transaction frequency, and relevant historical events. 

Blacklists provide straightforward filtering and operate on a defined set of entries, while fraud scoring systems process various data points to produce a quantitative risk evaluation. 

Frequently, fraud management processes include both methods to review transactions from different perspectives.

Conclusion

Payment fraud blacklists are one of multiple tools used to examine payment transactions. Organizations may reference information such as card numbers, IP addresses, device fingerprints, whitelists, greylists, and fraud scoring systems to segment transaction data for routine assessment.
