Reacting to suspicious activity

Gestpay enables merchants to define custom rules for filtering suspicious activities, such as exagerated amounts or an eccessive number of transactions in a limited time.

You can configure your own Risk Management rules in the merchant backoffice, in Configuration –> Risk Restriction.

The Risk Restriction page.

When the rules you have designed are met, the system can take two options, available in Response field:

  1. Reject transaction and return to merchant
  2. Accept transaction and return to merchant with alert

the first option is obvious, the transaction is automatically rejected by Gestpay and you’ll see the event in your dashboard. If the second option is selected, the transaction will be marked with an alert, so that the user can decide what to do.

When a transaction satisfies one of the restriction rules, the system will show an alert icon on the corresponding transaction.

Decrypt and Server-to-Server calls

Many Server-to-Server services (those exposed by WsS2S), together with Decrypt result, do return two fields, AlertCode and AlertDescription, that help identifying if a transaction has satisfied one of the rules. If these fields are empty the transaction has not triggered any rule.

A list of Alert Codes with their descriptions is available here.