Understanding Policies - Risk

Owned by Miles Graves
Last updated: Feb 03, 2024
49 min read

Policies, sometimes referred to as “Risk Policies”, is a comprehensive risk management system designed to automate and streamline decision-making processes for Merchants and transactions on the platform. Facilitators can create and configure Policies that serve as a set of rules and conditions governing how various risk services and checks are applied.

Policies provide a powerful and customizable platform for automating risk management decisions, leveraging a variety of native and third-party risk review services and checks, and offering a flexible framework to adapt to the dynamic nature of Merchant and Transaction risk assessment.

A Policy is made up of 7 components: Stage, Target Decisions, Sub-Decisions, Rules, Dependencies, and Failover Dependencies.

Policy Component

Description

Stage

The Merchant boarding or Transaction processing stage where the Policy will be applied.

Target

The Partition (Facilitator portfolio), Division (a Referrer’s portfolio), or Entity (Referrer or Merchant).

Status

Whether or not the Policy will be actively applied (Active or Inactive).

Decisions

A configuration of risk rules allowing Facilitators or Referrers to set specific risk criteria to determine the automated action that should occur to a transaction or entity.

Sub-Decisions

Specific Decision criteria used to initiate the Decision Action.

Rules

Conditional Sub-Decision criteria to further refine the Decision Action requirement.

Dependencies

The result of another Decision acts as a prerequisite to trigger the current policy.

Failover Dependencies

The action that should be taken if a Decision dependency fails or an error occurs to avoid the Decision action.

Stage

The Stage determines at what Merchant Boarding or Transaction processing status that the Policy should take effect:

Stage

Description

Status Type

Stage

Description

Status Type

Create Entity

When an entity is created.

Merchant Boarding

Pre-board

When the entity is created, but not yet boarded.

Merchant Boarding

Underwriting

When an entity is being risk-reviewed for boarding.

Merchant Boarding

Post-board

After the entity has passed risk review and completed boarding.

Merchant Boarding

Transaction

For any transaction processing event.

Transaction Processing

Activation

When a payment terminal is activated in a payment transaction.

Transaction Processing

Auth

When a credit card is authorized for a transaction.

Transaction Processing

Post-Auth

After a credit card has already been authorized for a transaction.

Transaction Processing

Capture

When a credit card payment is captured.

Transaction Processing

Refund

When a transaction refund is issued.

Transaction Processing

E-Check

When an eCheck transaction is processed.

Transaction Processing

Change Review

When a bank account change request occurs from an entity.

Merchant Boarding

Decisions

Decisions serve as the central control points within a Policy, coordinating the application of Sub-Decisions, Rules and Dependencies with the initially specified risk service.

You can find all available Decisions here:

Decision

Description

Available Sub Decisions

Decision

Description

Available Sub Decisions

Realtime Member Search

Designed to identify Individuals who have been designated risks by the US and Foreign governments.

  • Entity Score

  • Address Conflict

  • Citizenship Conflict

  • Country Conflict

  • DOB Conflict

  • Entity Type Conflict

  • Gender Conflict

  • ID Conflict

  • Phone Conflict

Realtime Business Search

Designed to identify Businesses who have been designated risks by the US and Foreign governments.

  • Entity Score

  • Address Conflict

  • Citizenship Conflict

  • Country Conflict

  • DOB Conflict

  • Entity Type Conflict

  • Gender Conflict

  • ID Conflict

  • Phone Conflict

MasterCard MATCH

A database that houses information about businesses (and their owners) whose credit card processing privileges have been terminated for a set of very specific reasons. Submissions can be flagged based on a partial, full, or no match indicator.

  • Possible Matches

  • Name

  • Doing Business As Name

  • Address

  • Phone Number

  • Alt Phone Number

  • Country Subdivision Tax ID

  • National Tax ID

  • Service Provider Legal

  • Service Provider DBA

  • Representative Name

  • Representative Address

  • Representative Phone Number

  • Representative Alt Phone Number

  • Representative National ID

  • Representative Drivers License

  • ID Theft Rep National ID

  • ID Theft Rep National Tax ID

  • Termination Reason Code

Business Instant ID

Validates and verifies Business information, and TIN across multiple databases using a powerful, proprietary search and comparison process.

  • Business Score

  • Verification Code

  • Company Name Verification

  • Street Address Verification

  • City Verification

  • State Verification

  • ZIP Verification

  • Phone Verification

  • EIN Verification

  • Risk Indicator Code

  • OFAC Watch List Match

  • Global Watch List Match

  • Business Risk Address Match

  • Business to Rep Link Index

  • REP CVI Score

  • REP Risk Indicator Score

  • REP DOB Code

  • REP NAS Code

  • REP Watch List Match

  • REP PO Box Address

  • REP Decedent Match

Consumer Instant ID

Validates and verifies a consumer's identity information, and DOB across multiple databases using a powerful, proprietary search and comparison process.

  • CVI Code

  • Risk Indicator Code

  • NAS Code

  • NAP Code

  • Decedent Match

  • SSN Match

  • DOB Code

  • PO Box Address

  • Watch List Match

  • Red Flag Code

Consumer Instant ID Basic

 

  • CVI Code

  • Risk Indicator Code

  • NAS Code

  • NAP Code

  • Decedent Match

  • SSN Match

  • DOB Code

  • PO Box Address

  • Watch List Match

ThreatMetrix

A comprehensive digital identity to authenticate each connecting user by combining information relating to devices, anonymized identity information, behavior patterns, and threat intelligence.

  • Review Status

  • Policy Score

  • Reason Codes

  • Risk Rating

Transaction ThreatMetrix

 

  • Review Status

  • Policy Score

  • Reason Codes

  • Risk Rating

ThreatMetrix Emailage

 

  • Fraud Risk Score

  • Risk Reason

  • Risk Band

  • Digital Identity Score

  • Total Hits

  • Unique Hits Level

  • Fraud Type

  • Email Exists

  • Email Creation Days

  • First Seen Days

  • Name Match

  • Domain Risk Level

  • Domain Exists

  • Domain Relevant Info

  • Domain Creation Days

  • Domain Country Name

  • Domain Corporate

  • IP Risk Level

  • IP Risk Reason

  • Email To IP Confidence

  • Email to Phone Confidence

  • Email to Name Confidence

  • IP to Phone Confidence

  • IP to Name Confidence

  • Email Owner Friend Count

  • Phone Status

  • Phone Owner Match

  • Phone Carrier Type

  • Reason Codes

ThreatMetrix Fraudpoint

 

  • Score

  • Manipulated Identity Index

  • Friendly Fraud Index

  • Stolen Identity Index

  • Suspicious Activity Index

  • Synthetic Identity Index

  • Vulnerable Victim Index

  • Risk Indicator Codes

  • Transaction Status

  • Transaction Reason Code

  • Product Status

  • Reason Codes

ThreatMetrix PhoneFinder

 

  • Consumer Time Last Seen With Phones

  • Consumer Time with Phones

  • Deceased Indicators

  • Phone Verification Message

  • Primary Identity Full Name

  • Primary Phone Carrier

  • Primary Phone Type

  • Primary Phone Risk Count High

  • Primary Phone Risk Count Medium

  • Primary Phone Risk Count Low

  • Primary Phone Risk Indicator Messages

  • Primary Phone Risk Indicator Status

  • Primary Phone Status

  • Primary Phone Verification Indicator

  • Reason Codes

LegitScript Register

Boards the merchant for online compliance review against the operating regulations of Visa, Mastercard, and other major payment networks.

  • Correlation ID

Equifax Consumer Credit Report

 

  • FICO Score

  • Reason Code

Charity Check

Ensure charities are compliant with key databases including IRS Publication 78, IRS Business Master File, Internal Revenue Bulletin, Automatic Revocation of Exemption, and OFAC Specially Designated National list.

  • Subsection Code

  • PUB78 Verified

GIACT Inquiry

GIACT Inquiry

  • Account Response Code

  • Customer Response Code

  • Verification Response

GIACT Txn Inquiry

GIACT Inquiry for Transaction

  • Account Response Code

  • Customer Response Code

  • Verification Response

GIACT gAuthenticate

 

  • Verification Result

  • Account Verification Result

  • Account Authentication Result

  • Account Owner Signer

GIACT Transaction gAuthenticate

 

  • Verification Result

  • Account Verification Result

  • Account Authentication Result

  • Account Owner Signer

Payload Attribute

 

  • Entity Type

  • Entity Public

  • Entity Client IP

  • Entity TC Date

  • Entity TC Accept Date

  • Entity TC Version

  • Entity TIN Status

  • Entity Industry

  • Merchant Environment

  • Merchant Annual Credit Card Sales

  • Monthly Volume

  • Merchant Average Ticket

  • Merchant Established Date

  • Merchant MCC

  • Plaid Verification

  • Custom

  • Members Significant Responsibility

  • Members Politically Exposed

  • Members SSN

  • TIN

  • Global Business ID

  • Email Domain

  • Routing Number

  • Change Request

  • Division ID

Payload Transaction Attribute

 

  • Entity Type

  • Entity Public

  • Entity Client IP

  • Entity TC Date

  • Entity TC Accept Date

  • Entity TC Version

  • Entity TIN Status

  • Entity Industry

  • Merchant Environment

  • Merchant Annual Credit Card Sales

  • Monthly Volume

  • Merchant Average Ticket

  • Merchant Established Date

  • Merchant MCC

  • Plaid Verification

  • Custom

  • Transaction Payment Method

  • Transaction Total

  • Routing Number

  • Imported

  • Type

  • Card on File Type

  • Origin

  • Token

Risk Rating

 

  • Credit Card Exposure

  • Credit Risk Level

  • Total Exposure

  • ACH Exposure

  • AML Risk Level

  • AML Score

  • AML Risk Category

Transaction Size

 

  • Transaction Total

Transaction Attribute

 

  • Transaction Token

  • Transaction CVV Status

  • Transaction CVV Sent

  • Transaction Card-on-File Type

  • Transaction Auth Code

  • Transaction IP Created

  • Transaction Type

  • Merchant Last Activity

Transaction Authorization

 

  • Auth Code

AVS Response

 

  • Transaction Result AVS Code

Country Block

 

Country Code

Transaction Metrics

 

  • Daily All Transactions Count

  • Daily All Transactions Amount

  • Daily Declined Transactions Count

  • Daily Declined Transactions Amount

  • Daily Card Transactions Count

  • Daily Card Transactions Amount

  • Daily Declined Card Transactions Count

  • Daily Declined Card Transactions Amount

  • Daily Cards Present Transactions Count

  • Daily Cards Present Transactions Amount

  • Daily Declined Cards Present Transactions Count

  • Daily Declined Cards Present Transactions Amount

  • Daily Cards-Not-Present Transactions Count

  • Daily Cards-Not-Present Transactions Amount

  • Daily Declined Cards-Not-Present Transactions Count

  • Daily Declined Cards-Not-Present Transactions Amount

  • Daily Bank Transactions Count

  • Daily Bank Transactions Amount

  • Daily Declined Bank Transactions Count

  • Daily Declined Bank Transactions Amount

  • Daily Refunds Count

  • Daily Refunds Amount

  • Daily Declined Refunds Count

  • Daily Declined Refunds Amount

  • Daily Sales

  • Daily Bad Authentications

  • Daily Successful Authentications

  • Weekly All Transactions Count

  • Weekly All Transactions Amount

  • Weekly Declined Transactions Count

  • Weekly Declined Transactions Amount

  • Weekly Card Transactions Count

  • Weekly Card Transactions Amount

  • Weekly Declined Card Transactions Count

  • Weekly Declined Card Transactions Amount

  • Weekly Cards Present Transactions Count

  • Weekly Cards Present Transactions Amount

  • WeeklyDeclined Cards Present Transactions Count

  • Weekly Declined Cards Present Transactions Amount

  • Weekly Cards-Not-Present Transactions Count

  • Weekly Cards-Not-Present Transactions Amount

  • Weekly Declined Cards-Not-Present Transactions Count

  • Weekly Declined Cards Not Present Transactions Amount

  • Weekly Bank Transactions Count

  • Weekly Bank Transactions Amount

  • Weekly Declined Bank Transactions Count

  • Weekly Declined Bank Transactions Amount

  • Weekly Refunds Count

  • Weekly Refunds Amount

  • Weekly Declined Refunds Count

  • Weekly Declined Refunds Amount

  • Weekly Sales

  • Weekly Bad Authentications

  • Weekly Successful Authentications

  • Monthly All Transactions Count

  • Monthly All Transactions Amount

  • Monthly Declined Transactions Count

  • Monthly Declined Transactions Amount

  • Monthly Card Transactions Count

  • Monthly Card Transactions Amount

  • Monthly Declined Card Transactions Count

  • Monthly Declined Card Transactions Amount

  • Monthly Cards Present Transactions Count

  • Monthly Cards Present Transactions Amount

  • Monthly Declined Cards Present Transactions Count

  • Monthly Declined Cards Present Transactions Amount

  • Monthly Cards-Not-Present Transactions Count

  • Monthly Cards-Not-Present Transactions Amount

  • Monthly Declined Cards-Not-Present Transactions Count

  • Monthly Declined Cards-Not-Present Transactions Amount

  • MonthlyBank Transactions Count

  • MonthlyBank Transactions Amount

  • Monthly Declined Bank Transactions Count

  • Monthly Declined Bank Transactions Amount

  • Monthly Refunds Count

  • Monthly Refunds Amount

  • Monthly Declined Refunds Count

  • Monthly Declined Refunds Amount

  • Monthly Bad Authentications

  • Monthly Successful Authentications

TIN Check

Validates your recipient's Name/TIN information in real-time against the IRS database, the Office of Foreign Assets Control list (OFAC), and the Death Master File (DMF) to ensure you have valid recipient Name/TIN information.

  • TIN Score

  • Status Code

Trulioo Identity Document Verification (IDV)

 

  • Record Status

  • Surname

  • Given Name

  • Address Line 1

  • Postal Code

  • Day of Birth

  • Month of Birth

  • Year of Birth

  • Telephone Number

  • State or Province Code

  • Email Address

Trulioo Business Verification

 

  • Record Status

  • Address Line 1

  • Postal Code

  • City

  • State or Province Code

  • Business Name

  • Business Registration Number

  • Jurisdiction of Incorporation

  • TIN

  • Found in Directors Officers

  • Found in Company Ownership

Trulioo Async Business Verification

 

  • Record Status

  • Address Line 1

  • Postal Code

  • City

  • State or Province Code

  • Business Name

  • Business Registration Number

  • Jurisdiction of Incorporation

  • TIN

  • Found in Directors Officers

  • Found in Company Ownership

TruliooAmlIdv

 

  • Record Status

  • Surname

  • Given Name

  • Address Line 1

  • Postal Code

  • Day of Birth

  • Month of Birth

  • Year of Birth

  • Telephone Number

  • State or Province Code

  • Email Address

PlaidGetIdentity

 

  • Available

  • Current

  • ISO Currency Code

  • Unofficial Currency Code

  • Official Name

  • Type

  • Depository Subtype

  • Phone-Email Mismatch

  • Email-Zip Code Mismatch

PlaidIdentityMatch

 

  • Legal Name Score

  • Phone Number Score

  • Email Address Score

  • Address Score

  • Business Name Detected

  • First or Last Name Match

  • Postal Code Match

TxnPlaidIdentityMatch

 

  • Legal Name Score

  • Phone Number Score

  • Email Address Score

  • Address Score

  • Business Name Detected

  • First or Last Name Match

  • Postal Code Match

TxnPlaidGetIdentity

 

  • Available

  • Current

  • ISO Currency Code

  • Unofficial Currency Code

  • Official Name

  • Type

  • Depository Subtype

  • Phone-Email Mismatch

  • Email-Zip Code Mismatch

TxnPlaidGetAuth

 

  • Available

  • Current

  • Limit

  • ISO Currency Code

  • Unofficial Currency Code

  • Last Updated Date and Time

  • Official Name

  • Type

  • Depository Subtype

  • Verification Status

  • Insufficient Funds

BaselineTxnMetricsOutlierTicketSize

 

Sub-Decision

Outlier Ticket Size

Transaction Number

Transaction Percentile

Transaction Base

 

Sub-Decisions

Decisions utilize a modular approach called Sub-Decision to break down decisions tied to individual risk services like Realtime Member Search, ThreatMetrix, Equifax Consumer Credit Report, and more.

Policy Component

Description

Subtype

The specific risk service or check corresponding to a distinct Decision type.

Match Rule

Decides how the Sub-Decision is applied, either “All” (every owner meeting the criteria) or “Any” (only one owner having to meet the criteria).

Risk Level

Optional prioritization based on the Merchant’s Risk Score (0-100), with Low (67-100), Medium (34-67), or High (0-33).

Operator

Criteria filters determining the action based on the provided data from the risk service.

Value

Specific data values associated with specific Operators.

Action

The automated process(es) triggered when the Operator and Value criteria are met.

Subtypes

Subtypes are used to further specify the criteria needing to be met by the specific risk service data returned.

See the subtypes available for each decision below:

Realtime Member Search

Sub-Decision

Description

Operators

Valid Values

Sub-Decision

Description

Operators

Valid Values

Entity Score

A score indicating confidence in the identity match.

  • Greater Than or equal to threshold

  • Less Than or equal to threshold

Score values: 0 - 100

Address Conflict

Whether the address information for screening list entity matches.

  • Truthy

  • Falsy

No value. Operators serves as the value.

Citizenship Conflict

Whether the citizenship information for screening list entity matches.

  • Truthy

  • Falsy

No value. Operators serves as the value.

Country Conflict

Whether the country information for screening list entity matches.

  • Truthy

  • Falsy

No value. Operators serves as the value.

DOB Conflict

Whether the Date of Birth information for screening list entity matches

  • Truthy

  • Falsy

No value. Operators serves as the value.

Entity Type Conflict

Whether the Entity Type information for screening list entity matches

  • Truthy

  • Falsy

No value. Operators serves as the value.

Gender Conflict

Whether the Date of Birth information for screening list entity matches

  • Truthy

  • Falsy

No value. Operators serves as the value.

ID Conflict

Whether the ID information for screening list entity matches

  • Truthy

  • Falsy

No value. Operators serves as the value.

Phone Conflict

Whether the ID information for screening list entity matches

  • Truthy

  • Falsy

No value. Operators serves as the value.

Realtime Business Search

Sub-Decision

Description

Operators

Valid Values

Sub-Decision

Description

Operators

Valid Values

Entity Score

A score indicating the confidence in the identity match.

  • Greater Than or equal to threshold

  • Less Than or equal to threshold

Score values: 0 - 100

Address Conflict

Whether the address information for screening list entity matches.

  • Truthy

  • Falsy

No value. Operators serves as the value.

Citizenship Conflict

Whether the citizenship information for screening list entity matches.

  • Truthy

  • Falsy

No value. Operators serves as the value.

Country Conflict

Whether the country information for screening list entity matches.

  • Truthy

  • Falsy

No value. Operators serves as the value.

DOB Conflict

Whether the Date of Birth information for screening list entity matches

  • Truthy

  • Falsy

No value. Operators serves as the value.

Entity Type Conflict

Whether the Entity Type information for screening list entity matches

  • Truthy

  • Falsy

No value. Operators serves as the value.

Gender Conflict

Whether the Date of Birth information for screening list entity matches

  • Truthy

  • Falsy

No value. Operators serves as the value.

ID Conflict

Whether the ID information for screening list entity matches

  • Truthy

  • Falsy

No value. Operators serves as the value.

Phone Conflict

Whether the ID information for screening list entity matches

  • Truthy

  • Falsy

No value. Operators serves as the value.

Mastercard Match

Sub-Decision

Description

Operators

Valid Values

Sub-Decision

Description

Operators

Valid Values

Possible Matches

Indicates that any match was made with the MATCH watchlist.

  • Truthy

  • Falsy

No value. Operators serves as the value.

Name

 

  • Matches Value

  • No Match

  • M00 - No Match

  • M01 - Exact Match

  • M02 - Phonetic Match

DoingBusinessAsName

 

  • Matches Value

  • No Match

  • M00 - No Match

  • M01 - Exact Match

  • M02 - Phonetic Match

Address

 

  • Matches Value

  • No Match

  • M00 - No Match

  • M01 - Exact Match

  • M02 - Phonetic Match

Phone Number

 

  • Matches Value

  • No Match

  • M00 - No Match

  • M01 - Exact Match

  • M02 - Phonetic Match

Alt Phone Number

 

  • Matches Value

  • No Match

  • M00 - No Match

  • M01 - Exact Match

  • M02 - Phonetic Match

Country Subdivision Tax ID

 

  • Matches Value

  • No Match

  • M00 - No Match

  • M01 - Exact Match

  • M02 - Phonetic Match

National Tax ID

 

  • Matches Value

  • No Match

  • M00 - No Match

  • M01 - Exact Match

  • M02 - Phonetic Match

Service Provider Legal

 

  • Matches Value

  • No Match

  • M00 - No Match

  • M01 - Exact Match

  • M02 - Phonetic Match

Service Provider DBA

 

  • Matches Value

  • No Match

  • M00 - No Match

  • M01 - Exact Match

  • M02 - Phonetic Match

Representative Name

 

  • Matches Value

  • No Match

  • M00 - No Match

  • M01 - Exact Match

  • M02 - Phonetic Match

Representative Address

 

  • Matches Value

  • No Match

  • M00 - No Match

  • M01 - Exact Match

  • M02 - Phonetic Match

Representative Phone Number

 

  • Matches Value

  • No Match

  • M00 - No Match

  • M01 - Exact Match

  • M02 - Phonetic Match

Representative Alt Phone Number

 

  • Matches Value

  • No Match

  • M00 - No Match

  • M01 - Exact Match

  • M02 - Phonetic Match

Representative National ID

 

  • Matches Value

  • No Match

  • M00 - No Match

  • M01 - Exact Match

  • M02 - Phonetic Match

Representative Drivers License

 

  • Matches Value

  • No Match

  • M00 - No Match

  • M01 - Exact Match

  • M02 - Phonetic Match

ID Theft Rep National ID

 

  • Matches Value

  • No Match

  • M00 - No Match

  • M01 - Exact Match

  • M02 - Phonetic Match

ID Theft Rep National Tax ID

 

  • Matches Value

  • No Match

  • M00 - No Match

  • M01 - Exact Match

  • M02 - Phonetic Match

Termination Reason Code

 

 

  • Matches Value

  • No Match

  • 1 - Account Data Compromise

  • 2 - Common Point of Purchase (CPP)

  • 3 - Laundering

  • 4 - Excessive Chargebacks

  • 5 - Excessive Fraud

  • 6 - Reserved for Future Use

  • 8 - Mastercard Questionable Merchant Audit Program

  • 9 - Bankruptcy/Liquidation/Insolvency

  • 10 - Violation of Standards

  • 11 - Merchant Collusion

  • 12 - PCI Data Security Standard Noncompliance

  • 13 - Illegal Transactions

  • 14 - Identity Theft

Definitions from Mastercard available here.

Business Instant ID

Sub-Decision

Description

Operators

Valid Values

Sub-Decision

Description

Operators

Valid Values

Business Score

The BVI (business verification index) is an index that summarizes the verification of the business information

  • Greater Than or equal to threshold

  • Less Than or equal to threshold

  • Matches Value

  • No Match

  • 0 - Nothing found to confirm the existence of the business.

  • 10 - Significant contradictory findings or an OFAC match exists or only single input elements are valid.

  • 20 - Partial verification of input data; business may exist but can’t be positively confirmed.

  • 30 - Business identity confirmed, but failure to verify all identity elements.

  • 40 - Strong verification of the input data is confirmed.

  • 50 - Business is verified with no contradictory findings.

Verification Code

 

  • Matches Value

  • No Match

  • 0 - No business inputs verified on this source.

  • 1 - One of the following verified: Input Business name, address, phone or federal EIN.

  • 2 - Two of the following verified: Input Business name, address, phone, and/or federal EIN.

  • 3 - Three of the following verified: Input Business name, address, phone, and/or federal EIN.

  • 4 - All input business information verified.

Company Name Verification

 

  • Truthy

  • Falsy

No value. Operators serves as the value.

Street Address Verification

 

  • Truthy

  • Falsy

No value. Operators serves as the value.

City Verification

 

  • Truthy

  • Falsy

No value. Operators serves as the value.

State Verification

 

  • Truthy

  • Falsy

No value. Operators serves as the value.

ZIP Verification

 

  • Truthy

  • Falsy

No value. Operators serves as the value.

Phone Verification

 

  • Truthy

  • Falsy

No value. Operators serves as the value.

EIN Verification

 

  • Truthy

  • Falsy

No value. Operators serves as the value.

Risk Indicator Code

 

  • Matches Value

  • No Match

  • 10 - The input business name matches OFAC file.

  • 11 - The input business name matches non-OFAC global watchlist(s)

  • 12 - Bankruptcy on record suggests the business may be defunct

  • 13 - Business not in good standing according to the Secretary of State

  • 14 - Business inactive according to the Secretary of State

  • 15 - Business is not registered at Secretary of State of input business state

  • 16 - The input business TIN is associated with a different business name and address

  • 17 - Unable to verify business name, address, TIN and phone on business records

  • 18 - Unable to verify business name on business records, but alternate business name found in business records

  • 19 - Unable to verify business name on business records

  • 20 - Unable to verify business address on business records

  • 21 - Unable to verify business TIN on business records

  • 22 - Unable to verify business phone number on business records

  • 23 - Business first reported in last 12 months

  • 24 - Business first reported in last 24 months

  • 25 - The input business address may be a previous address

  • 26 - Address mismatch between the input business city/state and zip code

  • 27 - The input business address is a vacant address

  • 28 - The input business phone number may be disconnected

  • 29 - The input phone number is associated with a different name and address

  • 30 - The input business may be associated with a post office box

  • 31 - The input business phone number is a mobile number

  • 32 - The input business zip code has a prison within the zip code area

  • 33 - The input business zip code is a military only zip code

  • 34 - The input business address may be a residential address (single family dwelling)

  • 35 - The input business phone number may be associated with a residential listing

  • 36 - The input business phone number and business address on record are geographically distant (> 10 miles)

  • 37 - The input business TIN is not found

  • 38 - No updates to business record in the past 36 months

  • 39 - No updates to business record in the past 24 months

  • 40 - No updates to business record in the past 12 months

  • 41 - Business operates or has operated at multiple locations

  • 42 - Business has been banned from doing business with the government

  • 43 - The input business address may be invalid according to postal specifications

  • 44 - The input business phone number is potentially invalid

  • 45 - The input business TIN is potentially invalid

  • 46 - The input business name matches the input alternate business name

  • 47 - The input business name may have been miskeyed

  • 48 - The input business address may have been miskeyed

  • 49 - The input business phone number may have been miskeyed

  • 50 - The input business TIN may have been miskeyed

  • 51 - The input business name was missing

  • 52 - The input business address was missing

  • 53 - The input business phone was missing or incomplete

  • 54 - The input business TIN was missing or incomplete

OFAC Watch List Match

 

Is Present

The operator serves as the value.

If any result is present, trigger the Decision action.

Global Watch List Match

 

Is Present

The operator serves as the value.

If any result is present, trigger the Decision action.

Business Risk Address Match

 

Is Present

The operator serves as the value.

If any result is present, trigger the Decision action.

Business to Rep Link Index

 

  • Matches Value

  • No Match

  • 0 - The input authorized rep cannot be linked to the business

  • 10 - The input authorized rep’s address is the same as the input business address.

    • The input authorized rep’s first or last name appears as part of the input business name.

    • The input authorized rep’s phone is the same as the input business phone.

  • 20 - The input authorized rep’s SSN is the same as the input business FEIN.

    • The input authorized rep’s address and first or last name is the same as the input business’ address and part of the name.

  • 30 - The input authorized rep’s address matches the business address on record.

    • The input authorized rep’s first or last name appears as part of the business name on record.

    • The input authorized rep’s phone matches the business phone on record.

  • 40 - The input authorized rep’s address matches the personal address of a business contact on record.

    • The input authorized rep’s SSN matches the business FEIN on record.

    • The input authorized rep’s address and first or last name matches the business’ address and part of the name on record.

  • 50 - The input authorized rep’s first and last name matches the first and last name of a business contact on record.

    • The input authorized rep’s SSN matches the SSN of a business contact on record.

REP CVI Score

 

  • Matches Value

  • No Match

  • 0 - The input authorized rep cannot be linked to the business

  • 10 - The input authorized rep's address is the same as the input business address.

    • The input authorized rep's first or last name appears as part of the input business name.

    • The input authorized rep's phone is the same as the input business phone.

  • 20 - The input authorized rep's SSN is the same as the input business FEIN.

    • The input authorized rep's address and first or last name is the same as the input business’ address and part of the name.

  • 30 - The input authorized rep's address matches the business address on record.

    • The input authorized rep's first or last name appears as part of the business name on record.

    • The input authorized rep's phone matches the business phone on record.

  • 40 - The input authorized rep's address matches the personal address of a business contact on record.

    • The input authorized rep's SSN matches the business FEIN on record.

    • The input authorized rep's address and first or last name matches the business’ address and part of the name on record.

  • 50 - The input authorized rep's first and last name matches the first and last name of a business contact on record.

    • The input authorized rep's SSN matches the SSN of a business contact on record.

REP Risk Indicator Score

 

  • Matches Value

  • No Match

  • 02 - The input SSN is reported as deceased

  • 03 - The input SSN was issued prior to the input date-of-birth

  • 04 - The input last name and SSN are verified, but not with the input address and phone.

  • 05 -

  • 06 - The input SSN is invalid

  • 07 - The input phone number may be disconnected

  • 08 - The input phone number is potentially invalid

  • 09 - The input phone number is a pager number

  • 10 - The input phone number is a mobile number

  • 11 - The input address may be invalid according to postal specifications

  • 12 - The input zip code belongs to a post office box

  • 13 -

  • 14 - The input address is a transient commercial or institutional address

  • 15 - The input phone number matches a transient commercial or institutional address

  • 16 - The input phone number and input zip code combination is invalid

  • 19 - Unable to verify name, address, SSN/TIN and phone

  • 20 -

  • 21 -

  • 22 -

  • 23 -

  • 24 -

  • 25 - Unable to verify address

  • 26 - Unable to verify SSN/TIN

  • 27 - Unable to verify phone number

  • 28 - Unable to verify date-of-birth

  • 29 - The input SSN/TIN may have been miskeyed

  • 30 - The input address may have been miskeyed

  • 31 - The input phone number may have been miskeyed

  • 32 - The input name matches the OFAC file

  • 33 -

  • 34 -

  • 35 -

  • 36 -

  • 37 - Unable to verify name

  • 38 - The input SSN is associated with multiple last names

  • 39 - The input SSN is recently issued

  • 40 -

  • 41 - The input driver's license number is invalid for the input DL State

  • 42 -

  • 43 -

  • 44 - The input phone area code is changing

  • 45 -

  • 46 - The input work phone is a pager number

  • 47 -

  • 48 - Unable to verify first name

  • 49 - The input phone and address are geographically distant (>10 miles)

  • 50 - The input address matches a prison address

  • 51 - The input last name is not associated with the input SSN

  • 52 - The input first name is not associated with the input SSN

  • 53 - The input home phone and work phone are geographically distant (>100 miles)

  • 54 -

REP DOB Code

 

  • Matches Value

  • No Match

  • 0

  • 1

  • 2

  • 3

  • 4

  • 5

  • 6

  • 7

  • 8

REP NAS Code

 

 

  • 0 - Nothing found for input criteria

  • 1 - Input SSN is associated with a different name and address

  • 2 - Input First name and Last Name matched

  • 3 - Input First name and Address matched

  • 4 - Input First name and SSN matched

  • 5 - Input Last name and Address matched

  • 6 - Input Address and SSN matched

  • 7 - Input Last name and SSN matched

  • 8 - Input First name, Last name, and Address matched

  • 9 - Input First name, Last name and SSN matched

  • 10 - Input First name, Address, and SSN matched

  • 11 - Input Last name, Address, and SSN matched

  • 12 - Input First name, Last name, Address and SSN matched

REP NAP Code

 

 

  • 0 - Nothing found for input criteria

  • 1 - Input Phone is associated with a different name and address

  • 2 - First name and Last name matched

  • 3 - First name and Address matched

  • 4 - First name and Phone matched

  • 5 - Last name and Address matched

  • 6 - Address and Phone matched

  • 7 - Last name and Phone matched

  • 8 - First name, Last name, and Address matched

  • 9 - First name, Last name, and Phone matched

  • 10 - First name, Address, and Phone matched

  • 11 - Last name, Address, and Phone matched

  • 12 - First name, Last name, Address, and Phone matched

REP Watch List Match

 

Is Present

The operator serves as the value.

If any result is present, trigger the Decision action.

REP PO Box Address

 

  • Truthy

  • Falsy

No value. Operators serves as the value.

REP Decedent Match

 

Is Present

The operator serves as the value.

If any result is present, trigger the Decision action.

Consumer Instant ID

Consumer Instant ID (Basic)

ThreatMetrix

ThreatMetrix Transactions

ThreatMetrix Emailage

ThreatMetrix FraudPoint

ThreatMetrix PhoneFinder

LegitScript Register

Equifax Consumer Credit Report

Charity Check

GIACT Inquiry

GIACT Transaction Inquiry

GIACT gAuthenticate

GIACT Transaction gAuthenticate

Payrix Payload Attribute

Payrix Payload Transaction Attribute

Risk Rating

Transaction Size

Transaction Attribute

Transaction Authorization

AVS Response

Country Block

Transaction Metrics

TIN Check

Trulioo Identity Document Verification (IDV)

Trulioo Business Verification

Trulioo Async Business Verification

Trulioo Anti-Money Laundering Identity Document Verification (AML IDV)

Plaid Get Identity

Plaid Identity Match

Plaid Transaction Identity Match

Plaid Transaction Get Identity

Plaid Transaction Get Authorization (Auth)

Baseline Transaction Metrics Outlier Ticket Size

Match Rule

Match Rules are criteria deciding how the sub-decision will be applied based on who triggers it.

  • All - Requires every owner to meet the criteria for the action to be applied.

  • Any - Requires only one owner to meet the criteria for the action to be applied.

Risk Level

Risk Level sets an optional prioritization to apply the sub-decision action based on the Merchant’s Risk Score range, between 0 and 100, 0 being the highest risk and 100 being the lowest. This Merchant Risk Score is displayed on the Merchant Risk Management Details page:

  • Low - 67-100

  • Medium - 34 to 66

  • High - 0 to 33

Operators

Operators act as the criteria filter for each Sub-Decision to read the data provided and trigger the configured Decision action accordingly.

Operator

Description

Example

Operator

Description

Example

Truthy

The operator and the value of “True” in a true/false boolean to trigger the Decision action.

Conflict with DOB: Truthy - There is a conflict with the entity member’s date of birth.

Falsy

The operator and the value of “False” in a true/false boolean to trigger the Decision action.

Plaid Verification: Falsy - No Plaid Verification has occurred for the entity.

Is Present

If any result is present, trigger the Decision action.

OFAC Watch List Match: Is Present - Entity appeared on an OFAC Watch List.

Is Empty

If no result is present, trigger the Decision action.

Entity TC Date: Is Empty - No Entity Terms and Conditions Agreement Date was found.

Greater than or equal to threshold.

Sets a range above the preset threshold value to trigger the Decision action at or above.

Entity Score: Greater than or equal to 89.

Less than or equal to threshold.

Sets a range below the preset threshold value to trigger the Decision action at or below.

FICO Score: Less than or equal to 650.

Matches Value

If result is an exact match to the set value, trigger the Decision action.

Risk Indicator Code: Matches Value “10” - The input business name matches a name on the OFAC file.

No Match

If the result does not match the set value, trigger the Decision action.

[Charity] Subsection Code: No Match - The result does not match a valid non-profit entity type.

Value

Each Value will be dependent on the available Operators for each Subtype.

  • Truthy, Falsy, Is Present, and Is Empty Operators do not require a Value to be set.

  • Greater than or equal to threshold, Less than or equal to threshold, Matches Value, and No Match Operators require a specific Value to be set:

Applicable Values for each risk service being reviewed are available in the Subtypes sections above.

Actions

Decision Actions are set automated processes that take place when the specific Subtype’s Operator and Value criteria are met.

Action

Description

Action

Description

Skipped

The Sub-Decision will skip the transaction or Merchant without taking the specific action of that Sub-Decision, but may still apply to other Sub-Decision in a Policy.

Pass

The Merchant or Transaction meets the criteria and is allowed to pass without any action taking place.

None

No Action will occur.

Errored

Respond to Merchant Boarding or Transaction processing with an error.

Reserve

The funds for the transaction will not be released until the Transaction is manually reviewed.

Hold

The transaction not be captured until it is manually released.

Block

Block the Transaction from proceeding or Merchant from boarding. This returns an error.

Post Review Only

The Merchant or Transaction is flagged for review, but no immediate action is taken allowing for a Post Review decision to be made

Approve

The Merchant or Transaction is released from any holds and approved to board or process respectively.

Manual Review

The Merchant or Transaction in question is held for manual review.

Rules

Rules are additional Sub-Decision criteria that can be optionally applied in a series of and/or linking, similar to traditional Conditional Rules shown on Decisions.

Note: All additional criteria and parameters for Rules are the same as those available from the Sub-Decision

Dependencies

Each Decision supports other conditional Decisions known as Dependencies. All Dependencies of the Decision will execute first and the Decision itself will only run if all dependencies have passed.

There must be at least one Decision with no dependencies in the list of Decisions.

Failover Dependencies

An optional type of dependency in case of a timeout error from the initial subtype’s risk service.

Fail Reason

Description

Fail Reason

Description

Timeout

The service for another Decision in the Policy and Subtype criteria search has timed out.