xenShield is Xendit's fraud prevention system that works around the clock to protect your business from fraudulent payments. Think of it as a security guard that carefully checks every payment coming through your business, automatically stopping suspicious transactions before they can cause problems.
How to find and use xenShield in your Xendit account
xenShield's features are organized into three main areas in your Xendit dashboard. Let's look at each one and how to use them effectively.
.png?sv=2022-11-02&spr=https&st=2025-06-26T18%3A49%3A10Z&se=2025-06-26T19%3A02%3A10Z&sr=c&sp=r&sig=K34xV7k99Px6dj6GczpD9e6hsvqOHcon8WM%2FCLjqnLY%3D "image(88).png")
xenShield page in Xendit dashboard
Looking at your fraud prevention summary
The summary page gives you a quick overview of potentially risky transactions. Here's how to find and use it:
Log in to your dashboard
Click Accept Payments on your sidebar, then select Credit/Debit Cards
Click Fraud Prevention and make sure you're on the Summary tab
On this page, you'll see all transactions from the last 7 days that xenShield has flagged as potentially fraudulent. For each transaction, you can see:
Whether the payment is successful or failed
How much money was involved
The level of risk xenShield detected
A reference number to track the transaction
Which card was used
When the payment happened
xenShield marks transactions with different risk levels using color-coded labels:
A red "High" label means the transaction looks very suspicious.
An orange “Medium” label suggests there are some unusual patterns to check.
A green “Normal” label means the transaction appears normal and safe.
Managing your allow and block lists
The Lists feature lets you tell xenShield which payments to always accept or reject. To find this section:
Go to the List tab in Fraud Prevention
You'll see two main sections: Allow List and Block List
In the Allow List section, you can create lists of trusted sources:
IP addresses you know are safe
Card types (BINs) you want to accept
Specific card numbers you trust
Countries where you're happy to accept cards from
Countries where you know your customers are located
In the Block List section, you can list sources you want to block:
IP addresses that have caused problems
Card types you don't want to accept
Specific cards that have been fraudulent
Countries you don't want to accept cards from
Countries you want to block based on IP address
To update any of these lists:
Click on the list you want to change.
Add the details you want to allow or block.
Save your changes.
How xenShield checks each payment
When someone makes a payment, xenShield looks at many factors to decide if it's safe:
The payment details:
How much money is being paid
What kind of card is being used
Whether the card's security checks passed
Where the payment is coming from
The customer's behavior:
Have they bought from you before
Do they usually make similar purchases
What device they're using
Whether their location makes sense
Based on what it finds, xenShield assigns a risk level:
High risk:
The payment looks very suspicious
xenShield blocks it automatically
You'll see a red label in the transaction
You'll need to review it if you want to add the card to the allow list, or continue to block any attempt from the same card
Medium risk:
Something unusual was noticed
The payment goes through but is marked
You'll see an orange label in the transaction
You'll need to review it if you want to add the card to the block list, or continue to accept any attempt from the same card
Normal risk:
The payment looks legitimate
Everything processes normally
No special attention needed
Getting the best results from xenShield
Here's how to make xenShield work best for your business:
Check your fraud prevention summary at least once a day to catch any problems early.
Keep your allow and block lists up to date:
Add customers you know and trust to your allow lists.
Add any problematic sources to your block lists.
Review your lists every few weeks to make sure they're still accurate.
Note
Remember that xenShield is your first line of defense against fraud, but it works best when combined with your business knowledge and regular monitoring.