Risk and Fraud


Transaction monitoring

MultiSafepay is obliged by law (De Wet ter voorkoming van witwassen en financieren van terrorisme or Wwft) to perform monitoring on all our clients, including transaction monitoring. There are multiple reasons why MultiSafepay will request an invoice, for example:

  • It is unclear what is being sold
  • The order value is high
  • The order deviates from your customer profile.

Besides the invoice, additional questions can be asked for investigative purposes to be able to understand the transaction. If we are not able to understand the transaction after an investigation (e.g. when merchants are not cooperating with the requests), MultiSafepay might pause payouts or take other punitive measures.

For further information contact your account manager or email us at [email protected]

Why is MultiSafepay requesting a deposit?

MultiSafepay can request a deposit to cover the financial risk that MultiSafepay is exposed to. Financial risk arises when the merchant goes bankrupt and was using payment methods that enable funds to be withdrawn from the account while there is no balance, like direct debits or credit card payments.

In case the merchant goes bankrupt, MultiSafepay will not be able to collect the funds for the chargebacks from the account. Deposits are based on multiple parameters:

  • Credit card volume
  • Delivery timelines
  • Financials
  • Performance and experience.

If financials are requested, we would like to receive the most recent balance sheet, profit and loss statement.

Periodical review

MultiSafepay periodically performs reviews of the merchant accounts, to ensure a close relationship with our customers and to maintain the accuracy of their company information in our system. This is required by law, “Law on the prevention of money laundering and terrorist financing”.

MultiSafepay monitors if companies are still active and if there have been no changes in the business model, directors and ultimate beneficial ownership since boarding or the last review.

If there are changes noted during the review, MultiSafepay will contact the merchant via email. Sometimes new documentation needs to be provided, like updated UBO statements or copies of identification documents.

Not responding to our request for new documentation and/or information will results in a pause of your payouts. Never responding to our requests / not willing to comply, can eventually lead to a one-sided termination of the contract.

Accepting uncleared credit card payments, how and why?

What is an uncleared transaction?

The status uncleared means that we have received a credit card transaction, but the payment has not been automatically accepted, because our anti-fraud module has detected unusual data. You can find the details of why the transaction has not been accepted under the details or Risk Report. Occasionally, additional information will be added in the Transaction Notes.

It is up to you whether you want to accept or decline the transaction. You can make an informed decision based on the information provided in the Risk Report.

How to understand an uncleared status?

Because of the fraud risk when receiving and processing credit card payments, we have added a small explanation. The explanation entails and helps with accepting or rejecting a credit card transaction marked with the status uncleared. The responsibility for processing credit card payments lies entirely with the webshop. Therefore, it is up to you whether you want to accept or decline the transaction.

In the Risk Report, we have explained a number of important verification points to minimize the fraud risk when accepting a credit card payment marked with the status uncleared.

Marked with the status uncleared

The so-called uncleared status can be assigned to any credit card payment. In this case, the payment is placed ‘on hold’ by the MultiSafepay fraud filter. Transactions marked with the status uncleared must be evaluated and either be accepted or refused by the merchant. We would like to emphasize that our automated fraud filter detects an increased risk of fraud, but it does not prevent all fraudulent payments. On the other hand, not every credit card payment detected by our fraud filter is necessarily a fraudulent payment.

Why should you check the transaction?

When you accept payments by credit card, there are risks associated with it. The risk of financial damage, for example by fraud, is carried by the merchant; neither MultiSafepay nor the credit card holder are accountable in this case. When the credit card holder discovers a fraudulent payment, they can demand a refund of the payment, even if products ordered have already been delivered. This is called a ‘chargeback’.

Chargeback, what it is

Reviewing an uncleared payment

When a credit card transaction marked with the status uncleared is received, an uncleared status notification is sent to the backend of the webshop. The notification is also visible in your MultiSafepay Control. You will be able to see an alert indicating that uncleared payments are awaiting your approval. Click on the notification to go to the list of uncleared payments, then click on a transaction to open it. In this screen you will see the basic information of the transaction and a risk summary on the right. Here you will also find the buttons to accept or decline the transaction. To view a detailed risk report, click on the more information button when reviewing a transaction in MultiSafepay Control.

Under the contact details in your MultiSafepay Control, you can add an email address to enable receiving email notifications informing you about received uncleared transactions.

An uncleared transaction can only be accepted through your MultiSafepay Control. If no action is taken to accept the uncleared transaction, the authorization will automatically expire after 5 days.


Evaluate the Transaction Amount

Ask yourself if the transaction amount (of a purchase) is higher (or lower) than average. Are you willing to risk that this payment will be revoked after you have delivered your product and /or service? Consider whether the amount is unusually high compared to the average order value in your webshop.

Product or service

The risk of fraud also strongly depends on the products and/or services you offer. Customer electronics, jewelry and pages by well-known fashion and designer brands are examples of products that are popular among fraudsters. These products can be re-sold quite easily. Expensive products are also worth more to sell for fraudsters than cheap products, especially when ordered in large quantities. Ask yourself the following:

  • Is the product easy to re-sell?
  • Does the order make sense? Does the product selection or the size of the order differ from usual orders?

The customer

View customer information available in your MultiSafepay Control as well as in your own system. Your own system may provide additional useful information, unknown to MultiSafepay. Ask yourself the following questions:

  • Do you already know the customer? Is it a good customer or did you experience problems/challenges in the past?
  • Does the customer fit the profile of your average customers, e.g. based on their location, average order value, etc.?
  • Check the email address provided by the customer: is it, for example, a free email service. Fraudsters generally use auto-generated email addresses and free email services.
  • In case of doubt, contact your customer. What is the impression you get from the customer?
  • Ask if the customer is willing to pay with a different payment method. You can also ask for a copy of their ID card and/or a credit card statement. Do mind that the customer is not obliged to deliver.

3D secure

3D Secure is an additional security measure intended to reduce fraud. It is an extra step to verify the identity of the actual card holder.

3D secure, What it is

List of statuses

3D Secure Result Meaning
Enrolled Liability 3D Secure available and successfully verified. Liability for fraud is shifted to the cardholder, fraud chargeback is not possible.
Not Enrolled, liability 3D Secure available, but not used or successfully verified. Liability for fraud is shifted to the cardholder, fraud chargeback is not possible.
No Liability No 3D Secure verification available, liability not shifted, fraud chargeback is possible.

Risk report

Click on ‘View risk report’ in your MultiSafepay Control for more information about the credit card used for the transaction. Here you will find information about the number of credit cards used via a particular IP address and the amount of credit cards used in combination with a particular email address. Here are some points to consider:

  • A fraud score is assigned to uncleared payments. The score indicated the probability of fraud on a scale from 1-10 (10 being the highest score). This does not mean that transactions with score 10 are always fraudulent or that you are not at risk when a low score is assigned; it merely indicates the potential fraud risk (higher or lower).
  • Transactions with a score of 6 and above will be assigned the status uncleared due to increased fraud risk. That does not mean that there is no risk of fraud when transactions do not have an uncleared status. For transactions with a score of 6 to 8, you can choose to accept or cancel the payment yourself in MultiSafepay Control. MultiSafepay is not responsible, nor liable for any risks pertaining the acceptance of payments.
  • Does the country from the address match the location of the IP address and country in which the credit card was issued? Differences can often be easily explained, e.g. when an order is placed during a vacation or business trip. Locations that are far apart, particularly when including high-risk areas, should always be taken into consideration when assessing a credit card payment.
  • Under Fraud info, next to the score, you will find a number of indicators based on the email address and the shipping details.
  • Under ‘History Data’ you will find the number of credit cards used from the same IP address or with the same email address. If this number is high, this may indicate a fraudster. However, a high number can also be explained when the order is placed, for example, from a large business location.

Conclusion

Together, these indicators paint an accurate picture of what uncleared transactions are and how they should be addressed. However, these indicators offer no foolproof guarantee against fraudulent transactions. It is essential to consider all factors when evaluating a transaction; how likely is the possibility of fraud, what risks do you face based on your products, order value, etc.? If you trust the payment or consider it ‘low risk’, then you can accept the transaction. If you have any doubt, the transaction can be declined. We recommend that you notify your customer should you decide to reject their transaction.

Change of company details, what should I do?

If there are any changes in your company details like the address, director, UBO or in your company form, MultiSafepay should be informed.

  • For changes in address, please send an email to [email protected]
  • For changes in the company, directors or UBO, please inform our Risk Team at [email protected] and mention your MultiSafepay account number.

MultiSafepay will request new documentation, like UBO statements or copies of identification documents. If a different company will take over the account, we advise you to open a new account via www.multisafepay.com, to ensure that the money flow is separated. Please make sure all company details on the website(s) are updated as well, like company registration number, VAT number and address. It is not allowed to show different company details of the website than the details registered in the account.

A new bank account

If you would like to add a new bank account for payouts, please add the new IBAN in your MultiSafepay Control A payment in the amount of 1 EUR transferred from your business bank account (you can initiate this procedure in MultiSafepay Control) is required. Alternatively, you can provide a copy of a bank statement/screenshot taken of your online banking environment including IBAN and company name.

Important: The company name on your bank statement must be an exact match with one of the trade names on your Chamber of Commerce extract.

The new bank account will be verified within 5 business days. Please note that we only accept business bank accounts (no private bank accounts) and bank accounts that are registered on the official company name. If you would like to deactivate an old bank account, please inform us via [email protected] Do not forget to mention your Account ID.

How does MultiSafepay prevent fraud and minimize risks?

MultiSafepay does not only believe in preventing fraud, but actively tracks and reports online criminals by monitoring payments. The risk management systems are customized and designed to accommodate clients with different needs. Our fraud desk actively works to reduce charge back rates and analyzes high risk transactions.

We offer the highest industry protection as per PCI DSS standards, HTTPS, data encryption and 3D Secure technology. MultiSafepay processes and acquires for Visa and Mastercard, and we are therefore required to comply with the card schemes operating regulations.

New bank account?

A new bank account

If you would like to add a new bank account for payouts, please add the new IBAN in your MultiSafepay Control A payment in the amount of 1 EUR transferred from your business bank account (you can initiate this procedure in MultiSafepay Control) is required. Alternatively, you can provide a copy of a bank statement/screenshot taken of your online banking environment including IBAN and company name.

Important: The company name on your bank statement must be an exact match with one of the trade names on your Chamber of Commerce extract.

The new bank account will be verified within 5 business days. Please note that we only accept business bank accounts (no private bank accounts) and bank accounts that are registered on the official company name. If you would like to deactivate an old bank account, please inform us via [email protected] Do not forget to mention your Account ID.

If more than a bank account has changed within your company, it is advisable to read the following article Change of company details

What do I need to know about credit card payments?

There are a number of things businesses should be aware of when accepting credit card online payments.

Ease of use

Credit card is a very common, often preferred payment method in many countries. Their wide spread acceptance and ability to process charges in multiple currencies make them the default choice for many customers.

Activate

With MultiSafepay, Visa, Mastercard and American Express are additional payment methods. You can submit the application to enable the payment methods through your account manager via [email protected]

To activate the payment methods Visa and Mastercard we would like to receive the following information from you:

  • Average transaction amount
  • Minimum transaction amount
  • Maximum transaction amount
  • Yearly turnover by credit cards.

When approved by our Risk Team, the payment methods Visa and Mastercard will be enabled for your MultiSafepay Control.

Security

Payment service providers and businesses handling credit card data must abide by the PCI Data Security Standards. These standards are designed to protect customers and merchants by requiring the use of extensive security protocols and data management practices. MultiSafepay is PCI compliant and merchants can use MultiSafepay Payment pages to accept credit card payments without being PCI compliant themselves.

Chargebacks

Customers using credit card as payment method have the right to initiate a chargeback. A chargeback is a forcibly initiated reversal of funds.

Additional information available in our dedicated FAQ page, What is a chargeback?

3D Secure

For detailed information about 3D Secure please read the corresponding support page.

Mandatory

Some rules may apply to certain payment methods. These rules are mandatory when processing credit card transactions.

The following information should be available on your website when accepting credit cards:

  • Official company name, like in the company register
  • Official company address
  • Company registration number
  • VAT-number
  • General terms (including cancellation policy)
  • Privacy policy
  • Contact data like email address and phone number
  • Acknowledgment terms in the checkout for client, preferably a tickbox.
What is 3D Secure?

3D Secure is an additional security layer used in online credit and debit card transactions. The major credit card companies each offer their own version of 3D Secure. These are Verified by Visa, Mastercard SecureCode, J/Secure and American Express SafeKey.

3D Secure technology adds an extra step to placing an order and is intended for your safety and that of your customers. Your customers are protected against abuse of their credit card number. Before the payment is accepted, the cardholder identity is verified by requiring the customer to authenticate at the credit card provider’s 3D Secure website.

When a chargeback is filed against the merchant, and the transaction was carried out through the 3D Secure system, the acquiring bank is responsible for the costs and not the merchant.

Other languages

Liever uitleg in het Nederlands? Neem contact op met uw accountmanager.

Vuoi ricevere informazioni in italiano? Contatta il tuo account manager.

Prefieres tener la explicación en Español? Contacta con tu gerente de cuentas.

Vous préférez une explication en français? Contactez votre gestionnaire de compte.