Laserfiche WebLink
15.8 Contractor or system must provide a way for Purchasing Entities to track reported fraud <br />transactions to completion (closure). <br />WEX offers a comprehensive fraud prevention and management program. Most recently, we <br />have been beta testing an enhanced customer facing claims management interface with a large <br />government customer. This tool allows customers to view each claim, the claim number, type of <br />claim, card number, date reported, age of claim, total dollars, claim status and date of resolution. <br />Upon resolution, an email is sent to the fleet for notification. The information in the interface can <br />be exported into a report (on demand or scheduled) so it can be easily shared with others in your <br />organization. Once beta testing is complete, we expect to deploy this solution to other large <br />customers. We expect this to be in place before the contract effective date of January 1, 2021. <br />15.9 Contractor or system must be able to resolve mass attacks (i.e. fraudulent low value charges on <br />multiple cards at once) without requiring action from the Purchasing Entities. <br />This type of attack is not a risk to WEX Fleet card holders, as our transaction processing occurs on <br />a closed -loop network, not over the Internet. <br />Regarding other Web -based applications, OWASP standards are built into development <br />processes, and manual testing is performed in addition to peer review as required by our SDLC. <br />WEX uses an automated dynamic application security testing (DAST) solution that scans web <br />applications to find vulnerabilities and provide guidance on remediation. <br />WEX receives vulnerability announcements for relevant systems from vendors, third parties, NIST, <br />FDIC, FBI, and other threat feeds, and has a dedicated security operations team managing and <br />maintaining the vulnerability management program. The vulnerability management procedure <br />requires a ticket to be generated and assigned to Information Technology operations teams for <br />patching. <br />16. DISPUTED TRANSACTIONS <br />Purchasing Entities will pay according to the contract payment terms; however, in instances of dispute, <br />the charges must be placed in suspense until there is resolution. The Contractor must propose a timely <br />dispute procedure to ensure that the payment network charge back rights do not expire. If upon <br />resolution of a dispute it is found that the transaction was actually an authorized charge, the Participating <br />Entity will be liable for the payment within the payment terms as described herein. <br />16.1 Contractor must provide a resolution procedure for dealing with disputed transactions resulting <br />from unauthorized charges, errors in cardholder billings, or problems with charges for <br />merchandise or services that are not resolved between the Cardholder and Merchant. <br />Disputed Transaction Detail <br />• How users will notify the Contractor <br />• Ability to dispute transactions electronically as well as track through final resolutions <br />of the charge <br />• Instructions for cardholders <br />• Instructions (including invoice adjustments) for billing offices <br />• Provisions for prompt investigation of disputed items <br />MASTER AGREEMENT No. 00819 - FLEET CARD SERVICES PAGE 135 OF 138 <br />