English
API ReferenceSign In

XenShield

Last updated 09/28/2019

XenShield, Xendit's in-house fraud detection system, utilizes a combination of machine learning as well as preset rules to assess the fraud risk of incoming card payments, in real-time. Our system analyzes data pertaining to the relevant business in question, juxtaposing this with data across other businesses, to make a prediction.

Risk Outcomes

Our machine learning models and rules assess the likelihood of a payment being fraudulent. The risk levels that XenShield assigns to a payment are:

  1. High Risk
  2. Medium Risk
  3. Low Risk

High Risk

XenShield assesses a payment as high risk when our system considers it likely to be fraudulent. When a transaction is assessed to be high risk, the action taken by Xendit is to block it by default.

alt text center

A high risk transaction displayed on the Xendit Dashboard

Examples of reasons on why a transaction would be assessed as high risk include:

  • High velocity of transactions using the same card
  • Single IP address making payment using multiple cards, including the blocked payment
  • IP address of payment source comes from a country not normally within that business’s typical customers

If Xendit ever blocks a payment which the merchant believes to be genuine, the merchant is able to prevent future blocks by using the Xendit Dashboard. From the Transaction Details page, the Merchant can click on the “Allow” button to add the card to the Allow List. A merchant can perform this action at anytime.

alt text

Adding a payment to the Allow List does not retry the payment, but it will stop blocks on future payment attempts using that card. Note that this does not guarantee that a payment will be successful (e.g. the card could still be declined), but simply prevents Xendit from blocking the payment for fraud.

Medium Risk

XenShield assesses a payment as medium risk when our system considers that the chance of the payment being fraudulent is increased. When a payment is assessed to be medium risk, Xendit does not block it, but we alert you about it so you can consider whether it is legitimate or not.

alt text

A medium risk payment displayed on the Xendit Dashboard

Similar to when a payment is assessed to have high risk, there is a variety of factors that can contribute towards a payment being medium risk. Our machine learning algorithms for risk scoring takes into account a multitude of indicators, such as:

  • Whether the payment source IP address is masked
  • The transaction amount compared against the typical transaction amounts for that business

If you believe that a payment is likely to be fraudulent, you can block payments processed using that card from the Xendit Dashboard. From the Transaction Details page, click on the “Add” button to add the card to the Block List.

alt text

Adding a card to the Block List does not mean that future transactions from that card will be blocked. Rather, future attempts to charge that same card will be blocked.

A merchant can perform this action at anytime, and not only when they are experiencing high or medium risk payments.

Normal Risk

Normal risk level payments have fewer signs that would indicate fraud than medium or high risk payments. Nevertheless, this does not guarantee that the payment will be completely legitimate and you should still be vigilant in fulfilling the related order.

alt text

A low risk payment displayed on the Xendit Dashboard

Example of why a payment could be considered as normal risk:

  • The card that is being used is having a normal usage of transaction attempts
  • Same IP address does not use multiple cards in the short amount of time interval

If you believe that a payment is likely to be fraudulent, you can block payments processed using that card from the Xendit Dashboard. From the Transaction Details page, navigate to the card art containing the card details, and click on the "..." button. From there, you can add the card to the Block List.

Adding a card to the Block List does not mean that future transactions from that card will be blocked. Rather, future attempts to charge that same card will be blocked.