Fraud Prevention in the Easy Pay Direct Gateway (iSpyFraud)

iSpyFraud is a fraud protection tool inside the Gateway that lets you flag or block suspicious transactions before they ever reach your processor. That means transactions blocked by your rules are stopped at the Gateway level, and your processor will not see them.

Enable iSpyFraud (First Time Only)

  1. Log in to the Gateway as your ADMIN user

     

  2. Click Fraud Prevention™ / iSpyFraud™ in the left menu
  3. Click Sign-up
  4. Complete the required two-step authorization (you will confirm/agree one more time)

Understand the Main Tabs

You will configure rules in these areas:

  • Thresholds: rule-based limits (amounts, counts, IP-based limits)

     

  • User Ban: block specific IPs, cards, emails, user IDs, countries
  • Exceptions: whitelist items that should bypass all rules
  • Waiting for Review: transactions you flagged for review
  • History Log: audit log showing accepted, flagged, denied, and exception activity

Step 1: Set Threshold Rules

Go to Thresholds to set limits for:

  • Single transaction amount (flag or deny if above or below a dollar amount)

     

  • Transaction counts per card over a day/week/month/year
  • Transaction amount totals per card over a day/week/month/year
  • IP-based limits (example: deny after X attempts from one IP in a day)

Flag vs Deny (important)

  • Flag for review: the transaction goes to Waiting for Review. If you take no action before settlement, it can still settle normally.

     

  • Deny: the customer sees a failed result, and it shows as failed in reports.

Tip on IP rules: If your team runs transactions from one office IP (Virtual Terminal), IP thresholds can accidentally block your own sales. Use Exceptions to whitelist your office IP if needed.

Step 2: Ban Specific Users, Cards, Emails, or Countries

Go to User Ban to block checkout activity by:

  • IP address (single IP, ranges, or classes)

     

  • Credit card number patterns (full card, first 6, last 4, or wildcard patterns)
  • Country (optionally verify by IP location)
  • US vs non-US mismatch (example: billing country is US but IP is outside the US)
  • User ID / Email address (wildcards supported)
  • Batch bans for adding many IPs, cards, emails, or IDs at once

You can set bans to last forever or expire after X days, and add a description so your team knows why it was blocked.

Step 3: Add Exceptions (Whitelist)

Go to Exceptions to whitelist:

  • IPs, cards, user IDs, and emails that should ignore all iSpyFraud rules

     

Common use case: whitelist your store or office IP so internal transactions are never blocked, while your website traffic is still filtered.

Step 4: Review Flagged Transactions

Go to Waiting for Review to see transactions that were flagged by your rules. If you want flagged transactions to be stopped, you must review them before settlement.

Step 5: Use the History Log to See What Happened

Go to History Log to see:

  • Which transactions were Accepted, Review, Denied, or Exception

     

  • Why a transaction was blocked (you can open details to see which rule triggered)

This is also the fastest way to identify patterns, then add a new ban (example: ban the IP tied to a denied attempt).

Video Walkthrough

Watch the full walkthrough of Thresholds, User Bans, Exceptions, Waiting for Review, and the History Log here: