> ## Documentation Index
> Fetch the complete documentation index at: https://docs.enfuce.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Case management in myenfuce

## Overview

Fraud Notifications in MyEnfuce is the case management interface for your operations team. When Enfuce's fraud monitoring engine flags a suspicious card event, a case appears here for your team to act on. The portal gives you a structured, auditable workflow: review the case, contact the cardholder, record the outcome, and close it.

There are two access levels:

* **Auditor** — read-only access to all cases
* **Support** — read and write access, including setting transaction statuses and finalising cases Confirm with your organisation's tenant administrator that users are assigned to the right group. Each login can only belong to one group at a time.

***

## Accessing fraud notifications

1. Open the left-hand menu bar in MyEnfuce.
2. Select your environment — **Demo** for testing, **Live** for production.
3. From the Customer Portal home page, locate the **Fraud Notifications** tile and click **Inspect**. The tile displays a live count of open cases so you can see at a glance whether anything needs attention.

***

## The case list

Fraud cases are split across two tabs:

* **Unresolved** — cases with status **Open** or **Pending**. These require action from your team.
* **Resolved** — cases with status **Closed**. These are read-only and suitable for reporting and audit. Each row in the list shows:

| Field            | Description                                                              |
| ---------------- | ------------------------------------------------------------------------ |
| **Case Date**    | When the Enfuce fraud team submitted the case                            |
| **Card ID**      | Unique card identifier; clickable link to cardholder details in MyEnfuce |
| **Last Updated** | Most recent timestamp on the case                                        |
| **Status**       | Open, Pending, or Closed                                                 |
| **Comment**      | Additional context from the Enfuce fraud team                            |
| **Review**       | Opens the full case detail view                                          |

***

## Working a case

### Case summary

The summary section at the top of the detail view shows the Case Date, Card ID, and current Status. The Card ID is a clickable link that takes you directly to the cardholder's record so you can look up contact details before calling.

**Status meanings:**

* **Open** — case created, not yet worked
* **Pending** — actively under investigation
* **Closed** — fully resolved

### Reviewing transactions

Every case contains one or more transactions linked to the suspected fraud event. Use the status filter toggles to show or hide transactions by their review outcome:

* **Fraud** — cardholder confirmed this transaction was not made by them
* **Genuine** — cardholder confirmed this was a legitimate purchase
* **Pending** — awaiting review You can combine filters freely. The count shown updates in real time as you adjust them.

Each transaction row shows the Transaction ID, last updated time, and current status (colour-coded: red for Fraud, green for Genuine, grey for Pending).

### Detailed transaction view

Clicking into an individual transaction gives you the full detail needed to verify it with the cardholder:

| Field                                    | What it tells you                                                    |
| ---------------------------------------- | -------------------------------------------------------------------- |
| **Transaction ID**                       | Unique identifier; links to full transaction record in MyEnfuce      |
| **Transaction Date**                     | When the purchase took place                                         |
| **Transaction Amount**                   | Purchase value in transaction currency                               |
| **Transaction Condition**                | How the purchase was made (e.g. chip + PIN, contactless, e-commerce) |
| **Strong Customer Authentication (SCA)** | Whether the cardholder authenticated the transaction                 |
| **Response Code**                        | Whether the transaction was accepted or declined                     |
| **Merchant Name**                        | Where the purchase occurred                                          |
| **Merchant Country**                     | Country of the merchant                                              |
| **Merchant Category**                    | Merchant category code (MCC)                                         |
| **Customer Comment**                     | Any notes the cardholder provided                                    |

***

## Setting transaction statuses

After contacting the cardholder, record their response by updating each transaction's status.

**To review in bulk:** click **Select All** to select every transaction, then **Set Status**. All selected transactions will receive the same status — use this only when the cardholder has confirmed all transactions share the same outcome.

**To review individually:** tick the checkbox next to each transaction you want to update, then click **Set Status**.

<Warning>
  If you select multiple transactions and set a status, every selected transaction receives that same status. Review your selection carefully before confirming.
</Warning>

### Marking as Genuine

1. From the **Set Status** drop-down, choose **Genuine**.
2. The portal shows a preview of affected transactions — review it before confirming.
3. Optionally add a **Customer Comment** with any relevant context from the cardholder.
4. Click **Submit**. When all transactions in a case are marked Genuine and the case is finalised, the card status automatically resets to **Card OK**.

### Marking as Fraud

1. From the **Set Status** drop-down, choose **Fraud**.
2. Select the appropriate **Reason** — see the guidance below to choose correctly.
3. Optionally add a description with any supporting details from the cardholder.
4. Preview the affected transactions, then click **Submit**. When a case is finalised as Fraud, the card is closed with status **Card closed due to fraud**. You can then begin the dispute process with Enfuce's 2nd Line Support if applicable.

#### Choosing the right fraud reason

Selecting an accurate reason is important — it feeds into fraud reporting to card schemes and helps EBI identify patterns across the customer base. Use **Other** only as a genuine last resort, not as a default when you are unsure.

<AccordionGroup>
  <Accordion title="Card Details Compromise (CARD_DETAILS_THEFT)">
    **Definition:** Card data was exposed without the physical card being lost or stolen. Use this when the cardholder still has their card but transactions have been made without their knowledge. Common causes include:

    * Phishing — fake emails or SMS messages that tricked the cardholder into entering card details
    * Skimming — compromised ATM or POS terminals capturing card data
    * Data breaches or merchant leaks
    * Malware capturing card details during online purchases
    * Social engineering where the cardholder was manipulated into sharing their details **Typical fraud outcome:** Card-not-present (CNP) transactions at online merchants.
  </Accordion>

  <Accordion title="Lost or Stolen Card (LOST_OR_STOLEN_CARD)">
    **Definition:** The physical card is missing and has been used fraudulently. Use this when the cardholder confirms they no longer have their card and did not authorise the transactions. Common causes include:

    * Wallet or bag theft
    * Pickpocketing
    * Card lost and later found and used by someone else **Typical fraud outcome:** In-person POS or ATM transactions.
  </Accordion>

  <Accordion title="Card Not Received (CARD_NOT_RECEIVED)">
    **Definition:** The card was intercepted before it reached the cardholder. Use this when the cardholder reports never receiving a card that was issued and sent to them. Common causes include:

    * Mail interception
    * Exploitation of a wrong or outdated delivery address
    * Internal or postal theft during distribution **Typical fraud outcome:** Transactions made shortly after card issuance, before the cardholder has activated it.
  </Accordion>

  <Accordion title="Unauthorised Transaction – Unknown Cause (UNAUTHORIZED_PAYMENT_TRANSACTION)">
    **Definition:** The cardholder denies the transaction but the root cause cannot yet be determined. Use this only when:

    * There is no evidence pointing to phishing, physical card loss, manipulation, or account takeover
    * The investigation is still in progress and a more specific reason cannot yet be confirmed

    <Warning>
      This should be a temporary classification, not a final one. If further investigation reveals a specific cause, update the reason accordingly before finalising the case. Do not use this as a substitute for a more accurate reason.
    </Warning>
  </Accordion>

  <Accordion title="Social Engineering / Manipulation of Payer (MANIPULATION_OF_PAYER)">
    **Definition:** The cardholder was deceived into authorising the payment themselves. This is distinct from other fraud types because the cardholder completed the authentication — they were manipulated into doing so. Common scenarios include:

    * Investment or cryptocurrency scams
    * Impersonation of a bank, police officer, or family member
    * "Safe account" scams where the cardholder is told to move funds urgently
    * Romance scams **Important:** The customer authorised the transaction. This reason captures that the authorisation was obtained through deception, not that the customer's credentials were stolen.
  </Accordion>

  <Accordion title="Fraudster Initiated Payment (ISSUANCE_OF_A_PAYMENT_ORDER_BY_FRAUDSTER)">
    **Definition:** The fraudster executed the transaction with no involvement from the cardholder. Use this when the cardholder had no part in initiating or authorising the payment. Common causes include:

    * Account takeover using stolen login credentials
    * Use of stolen card details to make transactions
    * Transactions made via a compromised account without the cardholder's knowledge **Distinction from MANIPULATION\_OF\_PAYER:** The cardholder did not interact with or authorise anything — the fraudster acted entirely independently.
  </Accordion>

  <Accordion title="Payment Tampering (MODIFICATION_OF_A_PAYMENT_ORDER_BY_FRAUDSTER)">
    **Definition:** A legitimate payment was altered by a fraudster before or during processing. This is a less common but high-value fraud type. Scenarios include:

    * Invoice fraud — the cardholder intended to pay a legitimate payee but the account details were changed (e.g. via a compromised email chain)
    * Malware modifying payment details during online checkout
    * Man-in-the-browser attacks that alter transaction data after the cardholder initiates it **Key indicator:** The cardholder genuinely intended to make a payment, but the recipient or amount was changed without their knowledge.
  </Accordion>

  <Accordion title="Other (OTHER)">
    **Definition:** Edge cases not covered by any of the reasons above. Only select this if you have worked through every other option and none accurately describes the fraud type. If you find yourself using Other frequently, contact your EBI team — it may indicate a new or unusual fraud pattern that warrants a conversation.
  </Accordion>
</AccordionGroup>

<Note>
  Transaction statuses can be updated at any time until the fraud case is finalised. Once finalised, the case is permanently closed and no further edits are possible.
</Note>

***

## Finalising a case

Once all transactions have been assigned a non-Pending status, the portal will prompt you to finalise the case automatically. You can also finalise manually at any time from the case detail page.

**To finalise:**

1. Optionally add a **Fraud Case Comment** with any final notes.
2. Tick the disclaimer checkbox to confirm you understand the case will be permanently closed.
3. Click **Finalize**. If you're not ready yet, click **Not Now** — the prompt will close and you can return to finalise later using the **Finalize** button on the case detail page.

<Warning>
  Finalisation is permanent. Once a case is closed, it cannot be modified. Make sure all transaction statuses and comments are correct before confirming.
</Warning>

***

## Viewing resolved cases

The **Resolved** tab contains the complete historical record of all closed fraud cases for your tenant. Each entry shows the Case Date, Card ID, Last Updated time, Status (always Closed), and the Resolution outcome (Genuine or Fraud).

You can open any resolved case to review full transaction details and comments. No actions are available — resolved cases are read-only.

Use the Resolved tab for reporting, audits, and regulatory reference.
