Magento 1.x Security Patch Notice
For Magento Open Source 1.5 to 1.9, Magento is providing software security patches through June 2020 to ensure those sites remain secure and compliant. Visit our information page for more details about our software maintenance policy and other considerations for your business.
PayPal Fraud Management Filters
Magento Open Source supports PayPal fraud management filters for owners of Website Payments Pro PayPal accounts. The filters can be used for orders that are paid by PayPal Express Checkout or PayPal Website Payments Pro. Fraud management filters are managed through your PayPal merchant account.
PayPal fraud management filters make it easier to detect and respond to fraudulent transactions, and can be configured to flag, hold for review, or deny riskier payments. Magento order status values changed according to the fraud filter settings.
If you set the filter action to “Review,” the suspected order receives the status ”Payment Review” when the order is placed. You can review the order and approve, or cancel the payment in the Admin, or on the PayPal side. When you click the Accept Payment or the Deny Payment buttons, no new transactions for the order are created.
If you change the status of the transaction on the PayPal site, you must click the Get Payment Update button in the upper-right corner of the Order page in the Admin to apply the changes. If you click Accept Payment or Deny Payment, the changes made at the PayPal site are applied.
If you set the filter action to “Deny,” the suspected order cannot be placed by the customer, because the corresponding transaction is rejected by PayPal.
To deny the payment from the Admin, click the Deny Payment button in the upper-right corner of the page. The order status changes to “Canceled,” the transaction is reverted, and funds are released on the customer’s account. The corresponding information is added in the Comments History section of the order view.
If you set the filter action to “Flag”, the suspected order gets the status ”Processing” when it is placed. The corresponding transaction is marked with a “flag” in the list of the merchant account transactions.