Working with Miscellaneous Frauds (WMFF)

Working with Miscellaneous Frauds (WMFF)

Purpose: You can establish miscellaneous frauds based on postal code, check, credit card, email address, or IP address.

The system checks the Miscellaneous Fraud file only if the Fraud Checking (A68) system control value is set to Y.

Defining miscellaneous frauds: The Type field indicates the type of information that is evaluated for fraud. Once you define the Type, enter the information that is fraudulent in the Code field.

Fraud Type	Results
C (credit card)	The system compares the credit card number on a credit card pay type against the credit card numbers in the Miscellaneous Fraud file. If the credit card number on a credit card pay type matches a credit card number in the Miscellaneous Fraud file, the system places the order pay type on CF (credit card fraud) hold. Note: If you Use Credit Card Encryption (I97) or Credit Card Tokenization, you cannot define miscellaneous fraud based on credit card.
E (email address)	The system compares the email addresses related to the order against the email addresses in the Miscellaneous Fraud file. If the email address that matches the Miscellaneous Fraud record is from the: • bill-to customer: EB hold. The order goes on hold regardless of whether the bill-to is on the order, or just assigned to the sold-to customer. • order-level (F14) or permanent (F7) shipping address: ES hold. • sold-to customer: EC hold. The order goes on hold only if the customer’s primary email address defaults to the order and matches the Miscellaneous Fraud record. • order-level email address: EC hold • individual customer: EI hold, provided the Default Individual Email Address (J17) system control value is set to N (otherwise, the order goes on EC hold). The order goes on hold only if the individual is the placer on the order; the email addresses of other individuals associated with the sold-to customer, including the order originator, are not evaluated. • recipient (F2) customer: SH hold. The order goes on hold for a recipient customer only if the matching email is the recipient’s primary email address and defaults to the order; additional email addresses are not evaluated.
	Exact match or wild card? Miscellaneous Fraud records for email addresses can match based on: • wildcard: If the Miscellaneous Fraud record starts with an asterisk (), any email address that includes the exact string of characters following the asterisk is considered a match. For example, if the Miscellaneous Fraud record is: • name.com: Matches include jackjones@name.com and JJones@TheName.com. However, jackjones@name.org or jackjones@names.org are not matches, because they do not contain the exact string of characters. • @domain: Matches include barryjones@domain.edu and bartjones@domain.gov. However, barbdomain@email.org is not a match. • abble: Matches include mdrabble@funmail.com and jjones@scrabbles.org. • exact match: If the Miscellaneous Fraud record does not start with an asterisk (), only an email address that matches the entire Miscellaneous Fraud record exactly is considered a match. Note:* If the asterisk is not the first character in the Miscellaneous Fraud record, then it is considered an ordinary character for matching. For example, if the Miscellaneous Fraud record is jackj@funmail, then jackj*@funmail.com is a match, but jackjones@funmail.com is not a match.
I (IP address)	When creating an order through the generic order API, the system updates the IP address in the Order Header Extended file if an ip_addr is provided in the Inbound Order XML Message (CWORDERIN) or, when creating an order through the e-commerce interface if the ip_addr is provided in the CWCreateOrder message. The system then compares the IP address for the order with the IP addresses in the Miscellaneous Fraud file. IP address matching is based on a full or partial IP address specified in the Miscellaneous Fraud file, which permits asterisks to be used as “wild cards.” Example: If the Miscellaneous Fraud record is 1.2.., then any IP addresses that begin with 1.2 will cause orders to go on hold (1.2.3.4, 1.2.99.7, etc.).
	About IP address: The IP (internet protocol) address identifies where an order originates. The IP address is expressed as a series of four numbers separated by three periods (for example, 12.34.167.8). Each number in the series must be from 1 to 255. Depending on the type of network where the customer is logged in, the first one, two, or three numbers between the periods typically represent the hosting network itself. The remainder of the IP address can be permanently assigned to the user’s location (static IP address), or can be temporarily assigned each time the user logs in (dynamic IP address). In the case of a dynamically assigned IP address, creating a Miscellaneous Fraud record for the entire address would not be helpful, because the last portion of the address will be different every time. In this case, you can create a Miscellaneous Fraud record for the beginning portion(s) of the IP address, because this portion of the IP address identifies the hosting network. If the ip_addr matches the Miscellaneous Fraud record, the system puts the order on IP (IP address) hold and writes a message such as SYS HLD---IP ADDRESS HOLD (where IP ADDRESS HOLD is the description of the hold reason code) to the Order Transaction History file.
K (check)	The system compares the micra number (routing number) on a check pay type against the micra numbers in the Miscellaneous Fraud file. If the micra number on the check pay type matches a micra number in the Miscellaneous Fraud file, the system places the order pay type on KF (check fraud) hold.
Z (zip code)	The system compares the postal code defined for a customer address against the postal codes in the Miscellaneous Fraud file. If the postal code for a customer matches a postal code in the Miscellaneous Fraud file, the system: • places the order bill to customer on ZB (bill to zip fraud) hold (the postal code for the bill to is fraudulent). • places the order sold to customer on ZS (sold to zip fraud) hold (the postal code for the sold to is fraudulent). • places the order ship to customer on ZH (ship to zip fraud) hold (the postal code for the ship to is fraudulent).

See Introducing Order Hold Reason Codes for more information on defining fraudulent hold reason codes.

In this topic:

• Work With Miscellaneous Frauds Screen

• Create Miscellaneous Fraud Screen

• Display Miscellaneous Fraud Screen

Work With Miscellaneous Frauds Screen

How to display this screen: Enter WMFF in the Fast Path field at the top of any menu or select this option from a menu.

Note: Depending on the user’s authority to credit card information, the system writes a record to the Credit Card Audit file when this screen is displayed. See Logging Credit Card Data Access for more information.

OER0310 DISPLAY Work with Miscellaneous Frauds 12/30/13 10:16:04

EZK Mail Order

Opt Type Code

Type options, press Enter.

2=Change 4=Delete 5=Display

C 4788********1443****

E i_am_a_fraud@hotmail.com

I 1.7.1.1

I 1.*.*.*

I 1.2.*.*

I 1.2.3.*

I 1.2.3.4

I 152.*.*.*

K 605

Z 66215

F3=Exit F6=Create F12=Cancel F21=Print list

Field	Description
Type	Indicates the type of information that is evaluated for fraud. Valid values are: K (check) = the system compares the micra number (routing number) on a check pay type against the micra numbers in the Miscellaneous Fraud file. C (credit card) = the system compares the credit card number on a credit card pay type against the credit card numbers in the Miscellaneous Fraud file. Note: If you Use Credit Card Encryption (I97) or Credit Card Tokenization, you cannot define miscellaneous fraud based on credit card. E (Email) = the system compares the email address against the email addresses in the Miscellaneous Fraud file. I (IP address) = the system compares the ip_addr in the Inbound Order XML Message (CWORDERIN) when creating an order through the generic order API, or in the CWCreateOrder message when creating an order through the e-commerce interface. Z (zip) = the system compares the postal code defined for a customer address against the postal codes in the Miscellaneous Fraud file. Alphanumeric, 1 position; optional.
Code	The information that is considered fraudulent, based on the code defined in the Type field. Check code The micra number located on the check. The micra number is also referred to as a routing number. Alphanumeric, 15 positions, optional. Credit card code The credit card number defined for a credit card pay type. If you do not have authority to the Display Full Credit Card Number (B14) secured feature, the credit card number displays in the default format specified at the Credit Card Number Layout Screen. For example, ***********1443 may display instead of the entire credit card number. See Credit Card Number Format for an overview. Alphanumeric, 15 positions, optional.*
	Email address The email address defined for an order or customer (individual, sold to, bill to, or ship to). The email address can be an exact match or can use wildcard searching if the entry starts with an asterisk (). See E (email address) above for a discussion and examples. Alphanumeric, 50 positions; optional.* IP address The full or partial IP address received for an e-commerce or generic order API order. The IP address specified here can include asterisks () for “wild card” matching. For example, if the Miscellaneous Fraud record is 1.2.., then any IP addresses that begin with 1.2 will cause orders to go on hold (1.2.3.4, 1.2.99.7, etc.). Zip code* The postal code defined for the customer’s address. You can enter an extended, non-hyphenated code, or the initial 5 digits of the postal code. Alphanumeric, 9 positions, optional.

Screen Option	Procedure
Create a miscellaneous fraud customer	Press F6 to advance to the Create Miscellaneous Fraud Screen.
Change miscellaneous fraud information	Enter 2 next to a fraudulent customer to advance to the Create Miscellaneous Fraud Screen, with the existing fraud information displayed. You can change the Fraud information but not the Fraud type. Note: Depending on the user’s authority to credit card information, the system writes a record to the Credit Card Audit file when this screen is displayed for a C (credit card) fraud record. See Logging Credit Card Data Access for more information.
Delete a miscellaneous fraud record	Enter 4 next to a fraudulent customer to delete it.
Display a miscellaneous fraud	Enter 5 next to a fraudulent customer to advance to the Display Miscellaneous Fraud Screen.

Create Miscellaneous Fraud Screen

To create: Use this screen to add a fraudulent postal code, check, email address, or credit card to the Miscellaneous Fraud file.

How to display this screen: At the Work With Miscellaneous Frauds Screen, press F6.

OER0312 ENTER Create Miscellaneous Fraud 2/13/04 10:25:37

EZK Mail Order

Fraud Type . . . . (K=Check, C=Credit Card, E=Email, Z=Zip, I=IP Address)

Fraud Information .

(Micra #/Credit Card #/Email Address/Zip Code/IP Address)

F3=Exit F12=Cancel

Field	Description
Fraud type	Indicates the type of information that is evaluated for fraud. Valid values are: K (check) = the system compares the micra number (routing number) on a check pay type against the micra numbers in the Miscellaneous Fraud file. C (credit card) = the system compares the credit card number on a credit card pay type against the credit card numbers in the Miscellaneous Fraud file. Note: If you Use Credit Card Encryption (I97) or Credit Card Tokenization, you cannot define miscellaneous fraud based on credit card. E (Email) = the system compares the email address against the email addresses in the Miscellaneous Fraud file. I (IP address) = the system compares the ip_addr in the Inbound Order XML Message (CWORDERIN) when creating an order through the generic order API, or in the CWCreateOrder message when creating an order through the e-commerce interface. Z (zip) = the system compares the postal code defined for a customer address against the postal codes in the Miscellaneous Fraud file. Alphanumeric, 1 position; required.
Fraud information	The information that is considered fraudulent, based on the code defined in the Type field. Check code The micra number located on the check. The micra number is also referred to as a routing number. Alphanumeric, 15 positions, required. Credit card code The credit card number defined for a credit card pay type. If you do not have authority to the Display Full Credit Card Number (B14) secured feature, the credit card number displays in the default format specified at the Credit Card Number Layout Screen. For example, ***********1443 may display instead of the entire credit card number. See Credit Card Number Format for an overview. Alphanumeric, 15 positions, required.* Email address The email address defined for an order or customer (individual, sold to, bill to, or ship to). The email address can be an exact match or can use wildcard searching if the entry starts with an asterisk (). See E (email address) above for a discussion and examples. Note:* If your entry starts with an asterisk, the system does not confirm that the entry is a valid email address. For example, an entry can end with the @ sign. Alphanumeric, 50 positions; required.
	IP address The full or partial IP address received for an e-commerce or generic order API order. The IP address specified here can substitute asterisks () as “wild cards” for one or more of the four numbers that make up the IP address. For example, if the Miscellaneous Fraud record is 1.2.., then any IP addresses that begin with 1.2 will cause orders to go on hold (1.2.3.4, 1.2.99.7, etc.). The system validates that your entry includes four numbers between 1 and 255, separated by three periods. Matching begins at the first number of the series and works back, which means that one or more numbers in the series can consist of a “wild card” asterisk; however, once the IP address includes an asterisk, the remainder of the IP address cannot include any more numbers. The system displays an error message if your entry: • includes any non-numeric characters • begins with a wild card (for example, .22.33.44) • includes a wild card but does not end with one (for example, 12..33.4 or 11.2..4) • includes both a wild card and a number between periods (for example, 123.45.67. or 1.2.3.4) • includes a number greater than 255 • includes any blank spaces Alphanumeric, 15 positions; required.* Zip code The postal code defined for the customer’s address. You can enter an extended, non-hyphenated code, or the initial 5 digits of the postal code. Alphanumeric, 50 positions; required.

Display Miscellaneous Fraud Screen

To display: Enter 5 next to a fraudulent customer at the Work With Miscellaneous Frauds Screen to advance to the Display Miscellaneous Fraud screen. You cannot change any information on this screen. See Create Miscellaneous Fraud Screen for field descriptions.

Note: Depending on the user’s authority to credit card information, the system writes a record to the Credit Card Audit file when this screen is displayed for a C (credit card). See Logging Credit Card Data Access for more information.

Working with Customer Fraud Files (WCFD)

Contents

SCVs

Search

Glossary

Reports

Solutions

XML

Index

Selecting Held Orders (ERHO)

CS08_03 CWDirect 18.0.x 2018 OTN