Fraud prevention is the process of preventing a fraudulent transaction before it is attempted. This is achieved by creating a rule-based detection strategy to evaluate a payment method, such as a card, before processing it as a successful payment.
In recent years there has been an increase in fraudulent activity online, which means businesses need to be more conscious of how they check that a payment is not fraudulent. These checks reduce the organisation's loss of profits to chargebacks and increase end users' confidence in your organisation by preventing their details from being used in fraudulent activity.
WhenThen provides connectivity to a number of fraud providers. We have simplified the process for you, making it easy to include a fraud provider in your payment flow via our no-code canvas. You can use our recipes to get up and running faster.
At the moment, WhenThen only supports pre-authorization fraud check automations.
A score is a number provided by your fraud provider that indicates the riskiness of a payment. The lower the score, the less likely the payment is high risk.
Step 1: Add a fraud connection.
Connecting to a fraud service requires an API key, generated in your fraud provider's portal, that allows WhenThen to direct authorization requests to the fraud service.
You can find more information on the fraud connection detail page.
Step 2: Build a payment processing automation with a fraud node.
Get payment score action with a condition.
Step 3: Add fraud input to your authorise API call.
To perform a fraud check in a pre-auth flow, you need to send us the following data as required by your chosen fraud provider. This is sent through our fraud node, as seen in Step 2 above.
To learn more about how Signifyd works, please visit https://docs.signifyd.com/#operation/Checkout
# Authorise a payment and pass the fraud input for the fraud node in the flow.
curl \
-X POST \
-H "Content-Type: application/json" \
-H "Authorization: Bearer xxxxxxx" \
-d '{
"query": "mutation authorizePayment($authorisePayment: AuthorisedPaymentInput!) { authorizePayment(authorisePayment: $authorisePayment) { id status } }",
"variables":{
"authorisePayment":{
"orderId":"5114e019-9316-4498-a16d-4343fda403eb",
"flowId":"8dd271c4-70af-4a7b-b3d7-f68089c5bf6d",
"amount":4999,
"currencyCode":"EUR",
"paymentMethod":{
"type":"CARD",
"token":"ZLlVBBXFDQtBnfxT"
},
"fraud": {
"orderId": "XGR-184082342387",
"checkoutId": "29bd5784-d3e0-4baa-bd2f-dbb82d90406dfd",
"device": {
"clientIpAddress": "75.100.88.78",
"sessionId": "82ce5fca-c2b2-429b-b487-6c3053469f85",
"fingerprint": {
"provider": "threatmetrix",
"payload": "aSBnZXQgYnkgd2l0aCBhIGxpdHRsZSBoZWxwIGZyb20gbXkgZnJpZW5kcw==",
"payloadEncoding": "UTF8",
"payloadVersion": "string"
}
},
"merchantPlatform": {
"name": "Salesforce Commerce Cloud",
"version": "1.2.4"
},
"purchase": {
"createdAt": "2020-12-23T13:57:40-0700",
"orderChannel": "WEB",
"totalPrice": 105.99,
"currency": "EUR",
"confirmationEmail": "user@example.com",
"confirmationPhone": "+442071838750",
"totalShippingCost": 5.99,
"receivedBy": "string",
"products": [
{
"itemName": "Sparkly Sandals",
"itemPrice": 25.99,
"itemQuantity": 4,
"itemIsDigital": false,
"itemCategory": "Apparel",
"itemSubCategory": "Footwear",
"itemId": "sparkly-sandals-xl-yellow-2020",
"itemImage": "http://mystore.com/images/xxxx-large.jpg",
"itemUrl": "http://mystore.com/xxxx-large",
"itemWeight": 200.12,
"shipmentId": "4JLHENj6OY56D9BTcQcR"
}
],
"discountCodes": [
{
"code": "LABOR_DAY_SALE",
"amount": 9.5
}
],
"shipments": [
{
"carrier": "UPS",
"minDeliveryDate": "2020-12-25",
"maxDeliveryDate": "2020-12-28",
"shipmentId": "4JLHENj6OY56D9BTcQcR",
"fulfillmentMethod": "DELIVERY",
"destination": {
"fullName": "Bob Smith",
"organization": "Initrode plc",
"email": "user@example.com",
"address": {
"streetAddress": "31 Sherwood Gardens",
"unit": "string",
"postalCode": "E14 9wn",
"city": "London",
"provinceCode": "string",
"countryCode": "GB"
}
},
"origin": {
"locationId": "boise-store-24",
"address": {
"streetAddress": "31 Sherwood Gardens",
"unit": "string",
"postalCode": "E14 9wn",
"city": "London",
"provinceCode": "string",
"countryCode": "GB"
}
}
}
]
},
"userAccount": {
"aggregateOrderCount": 2,
"userPhone": "+989127176311",
"lastOrderId": "string",
"userEmail": "saeed.satari@whenthen.com",
"accountNumber": "42202452-dq3",
"aggregateOrderDollars": 105.99,
"username": "dummy"
},
"memberships": [
{
"membershipId": "3cf0e3bd188949798d4d23d3085953e8",
"phoneNumber": "+442071838750",
"emailAddress": "bob@example.com",
"membershipName": "FRESHPASS"
}
],
"coverageRequests": [
"FRAUD"
],
"merchantCategoryCode": "1111",
"sellers": [
{
"accountNumber": "23432-dse",
"aggregateOrderCount": 4,
"aggregateOrderDollars": 415.84,
"contactAddress": {
"streetAddress": "10 Downing St",
"unit": "string",
"postalCode": "SW1A 2AA",
"city": "London",
"provinceCode": "string",
"countryCode": "GB"
},
"createdDate": "2020-12-23T13:57:40-0700",
"domain": "mystore.com",
"email": "myawesomedrones@gmail.com",
"lastUpdateDate": "2020-12-23T13:57:40-0700",
"name": "Awesome Drones Inc.",
"onboardingEmail": "myawesomedrones@gmail.com",
"onboardingIpAddress": "51.202.206.33",
"parentEntity": "Kroger",
"phone": "+442072338750",
"sellerId": "3732692146",
"tags": [
"TOP_SELLER"
],
"username": "isellawesomedrones"
}
],
"tags": [
"JULY_FACEBOOK_CAMPAIGN"
],
"customerOrderRecommendation": "DECLINE_POLICY"
}
}
}
}' \
https://api.whenthen.com/api/graphql

checkoutId (String) ﹡: Unique identifier for a checkout.
orderId (String) ﹡: Unique identifier for an Order.
merchantCategoryCode (String): A Merchant Category Code (MCC) is a four-digit number listed in ISO 18245 for retail financial services.
An MCC is used to classify every business that accepts card payments by the goods or services it provides. The MCC is provided by payment processors on authorizations.
customerOrderRecommendation (String): Enum: "DECLINE_POLICY" "DECLINE_FRAUD" "APPROVE" "REVIEW"
If you have a legacy risk system independent of Signifyd, use this field to pass us the decision from that system.
This is most commonly used when onboarding.
coverageRequests (String): Items Enum: "FRAUD" "INR" "SNAD" "ALL" "NONE"
The types of coverages requested. If no coverage object is provided or is empty, coverage will be set to the team's default policy.
For further information please contact your Signifyd Implementation manager.
FRAUD - use when you need a financial guarantee for Payment Fraud.
INR - use when you need a financial guarantee for Item Not Received.
SNAD - use when you need a financial guarantee for fraud alleging items are Significantly Not As Described.
ALL - use when you need a financial guarantee on all chargebacks.
NONE - use when you do not need a financial guarantee.
Suggested actions in decision.checkpointAction are recommendations.
tags (Array[String]): A list of attributes or short descriptors associated with the order.
device (Object): Data about the device that was used by the user to complete the actions.
device.clientIpAddress (String) ﹡: The IP address of the device or browser. You must provide a valid IP address syntax.
Local host IPs or IPs from a CDN or load balancer should not be provided.
device.sessionId (String): The unique id for the user's session. This is to be used in conjunction with the Signifyd fingerprinting JavaScript.
device.fingerprint (Object): A device fingerprinting payload you supply to Signifyd for use in decisioning.
Some integrations with Signifyd perform device profiling before this API call and provide the profiling payload here. Standard Signifyd integrations do not need to provide this field. For more information on device fingerprinting, please see this link.
merchantPlatform (Object): Details about the merchant's commerce platform.
merchantPlatform.name (String): The name of the merchant's commerce platform.
merchantPlatform.version (String): The version of the merchant's commerce platform.
purchase (Object) ﹡
purchase.createdAt (DateTime) ﹡: Formatted as yyyy-MM-dd'T'HH:mm:ssZ per ISO 8601.
purchase.orderChannel (String) ﹡: The channel or source where the order was placed.
'WEB', 'PHONE', 'MOBILE_APP', 'SOCIAL', 'MARKETPLACE', 'IN_STORE_KIOSK', 'SCAN_AND_GO', 'SMART_TV'
purchase.totalPrice (Double) ﹡: The total amount of the order, including the shipping price, taxes, and any fees. This should be the amount you want Signifyd to provide Guarantee Fraud Protection coverage for.
purchase.currency (String) ﹡: The currency in which the totalPrice and all other amounts are denominated. If omitted, the currency is assumed to be USD.
purchase.confirmationEmail (String) ﹡: When this purchase was completed, you likely sent a confirmation email or you will be sending a confirmation email to the buyer once you approve the order.
This is the email address to which that confirmation email will be sent. You must provide a valid email syntax.
purchase.confirmationPhone (String): The phone number at which the buyer would be contacted if there was something wrong with this order or the phone number that was supplied with the shipping information.
purchase.totalShippingCost (Double): The total amount the customer is paying for shipping the products.
purchase.receivedBy (String): If the order was placed on behalf of a customer service or sales agent, his or her name.
purchase.discountCodes (Array[Object]): Array of AbsoluteDiscountCode (object) or PercentDiscountCode (object).
A list of discount codes, coupons, or promotional codes used during checkout to receive a discount on the order. You can only provide the discount code and the discount amount OR the discount percentage.
purchase.products (Array[Object]) ﹡: A list of products purchased on the order and going to the given destination.
purchase.shipments (Array[Object]) ﹡: Details about the delivery destinations and the products for each one.
userAccount (Object): Data about the user's account with you, the merchant or service provider.
userAccount.username (String): The username associated with the account. Please supply this even if it is the same as the email.
userAccount.createdDate (String): Formatted as yyyy-MM-dd'T'HH:mm:ssZ per ISO 8601.
userAccount.accountNumber (String): Your unique identifier for the account.
userAccount.aggregateOrderCount (Integer, >= 1): The total count of orders placed by this account since it was created, including the current order.
userAccount.aggregateOrderDollars (Double, >= 0): The total amount spent by this account since it was created, including the current order.
userAccount.email (String): The primary email address associated with the account.
userAccount.phone (String): The primary phone number associated with the account.
userAccount.lastOrderId (String): The unique identifier for the last order placed by this account, prior to the current order.
userAccount.lastUpdateDate (DateTime): Formatted as yyyy-MM-dd'T'HH:mm:ssZ per ISO 8601.
userAccount.emailLastUpdateDate (DateTime): Formatted as yyyy-MM-dd'T'HH:mm:ssZ per ISO 8601.
userAccount.phoneLastUpdateDate (DateTime): Formatted as yyyy-MM-dd'T'HH:mm:ssZ per ISO 8601.
userAccount.passwordLastUpdateDate (DateTime): Formatted as yyyy-MM-dd'T'HH:mm:ssZ per ISO 8601.
membership (Array[Object]): The membership object should be used to indicate the usage of a rewards, discount, or admission program by the buyer when they completed the checkout.
In some cases that membership may be a paid one, for example, if a buyer used a Costco membership to complete a purchase at Costco.
Other times that membership will be a free loyalty program, for example, if a buyer used a Frequent Flyer number when purchasing a plane ticket, it would also go here.
This object is conceptually distinct from userAccount, whose attributes relate to the online account that was used by the buyer to complete the purchase; it's what the buyer "logs in to". You would never log in to a "membership".
membership.membershipName (String) ﹡: Name of the membership.
membership.phoneNumber (String): The phone number associated with this membership.
membership.emailAddress (String): Email address associated with this membership.
membership.membershipId (String): Unique identifier for this membership in the merchant's system.
sellers (Array[Object]): Use only if you operate a marketplace (e.g. eBay) and allow other merchants to list and sell products on the online store.
A seller is an online account for the merchant or business that listed and sold the product(s) on the order.
sellers.name (String): The business name of the seller.
sellers.username (String): The unique username associated with the seller.
This will likely be whatever they use to log in to your site. Please supply this even if it is the same as the email address.
sellers.sellerId (String): The unique ID of the seller generated by the parent entity.
sellers.phone (String): The phone number associated with the seller.
sellers.email (String): The primary email address currently associated with the seller.
sellers.domain (String): The domain of the seller.
sellers.createdDate (String): Formatted as yyyy-MM-dd'T'HH:mm:ssZ per ISO 8601.
sellers.lastUpdateDate (String): Formatted as yyyy-MM-dd'T'HH:mm:ssZ per ISO 8601.
sellers.onboardingEmail (String): The email address associated with this seller account when it was created.
sellers.onboardingIpAddress (String): The IP address of the device used when this seller account was created.
sellers.parentEntity (String): The unique ID of the parent entity associated with the seller.
sellers.accountNumber (String)
sellers.aggregateOrderCount (Integer, >= 1): The total count of orders sold by this seller since it was created, including the current order.
sellers.aggregateOrderDollars (Double, >= 0): The total amount sold by this seller since it was created, including the current order.
sellers.tags (Array[String]): A list of attributes or short descriptors associated with the seller account.
sellers.contactAddress (Object): The address registered on the Seller account at which they say they should be contacted.
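
A pre-flight check for the Signifyd-style fraud object, enforcing the constraints listed in the field reference above before the authorise call is sent. This is an added example, not WhenThen or Signifyd code; it assumes the ﹡ marker denotes a required field, and the function names and the proxy_networks parameter are hypothetical.

```python
import ipaddress
import re
from datetime import datetime

# Allowed values copied from the field reference above.
ORDER_CHANNELS = {"WEB", "PHONE", "MOBILE_APP", "SOCIAL", "MARKETPLACE",
                  "IN_STORE_KIOSK", "SCAN_AND_GO", "SMART_TV"}
COVERAGE_TYPES = {"FRAUD", "INR", "SNAD", "ALL", "NONE"}
REQUIRED_PURCHASE = ("createdAt", "orderChannel", "totalPrice", "currency",
                     "confirmationEmail", "products", "shipments")
EMAIL_RE = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")  # syntax check only


def check_client_ip(value, proxy_networks=()):
    """Return an error string, or None when the value can be a buyer's IP.

    proxy_networks: CIDR blocks of your own CDN / load balancer (assumed
    to be supplied by the caller; the page gives no such list).
    """
    try:
        ip = ipaddress.ip_address(value)
    except (ValueError, TypeError):
        return "device.clientIpAddress: not a valid IP address"
    if ip.is_loopback or ip.is_private or ip.is_link_local or ip.is_unspecified:
        return "device.clientIpAddress: local or internal address"
    if any(ip in ipaddress.ip_network(net) for net in proxy_networks):
        return "device.clientIpAddress: CDN or load balancer address"
    return None


def validate_fraud_input(fraud, proxy_networks=()):
    """Return a list of problems found in a Signifyd-style fraud object."""
    errors = []
    for key in ("checkoutId", "orderId"):
        if not fraud.get(key):
            errors.append(f"{key}: required field is missing")
    device = fraud.get("device")
    if device is not None:
        problem = check_client_ip(device.get("clientIpAddress"), proxy_networks)
        if problem:
            errors.append(problem)
    purchase = fraud.get("purchase") or {}
    errors += [f"purchase.{key}: required field is missing"
               for key in REQUIRED_PURCHASE if key not in purchase]
    if "createdAt" in purchase:
        try:  # yyyy-MM-dd'T'HH:mm:ssZ; %z also accepts an offset with a colon
            datetime.strptime(purchase["createdAt"], "%Y-%m-%dT%H:%M:%S%z")
        except (ValueError, TypeError):
            errors.append("purchase.createdAt: not yyyy-MM-dd'T'HH:mm:ssZ")
    if "orderChannel" in purchase and purchase["orderChannel"] not in ORDER_CHANNELS:
        errors.append("purchase.orderChannel: value not in the allowed list")
    email = purchase.get("confirmationEmail")
    if email is not None and not EMAIL_RE.match(str(email)):
        errors.append("purchase.confirmationEmail: invalid email syntax")
    if not set(fraud.get("coverageRequests", [])) <= COVERAGE_TYPES:
        errors.append("coverageRequests: value not in the allowed list")
    account = fraud.get("userAccount") or {}
    if account.get("aggregateOrderCount", 1) < 1:
        errors.append("userAccount.aggregateOrderCount: must be >= 1")
    if account.get("aggregateOrderDollars", 0) < 0:
        errors.append("userAccount.aggregateOrderDollars: must be >= 0")
    return errors


if __name__ == "__main__":
    # Constructed input: a load balancer's internal address sent by mistake.
    print(validate_fraud_input({"checkoutId": "c-1", "orderId": "o-1",
                                "device": {"clientIpAddress": "10.0.3.7"}}))
```

An internal or proxy address in device.clientIpAddress usually means the server read the socket peer instead of the buyer's address, so every order reaches the fraud provider with the same IP.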
To learn more about how Sift works, please visit https://sift.com/developers/docs/
# Authorise a payment and pass the fraud input for the fraud node in the flow.
curl \
-X POST \
-H "Content-Type: application/json" \
-H "Authorization: Bearer xxxxxxx" \
-d '{
"query": "mutation authorizePayment($authorisePayment: AuthorisedPaymentInput!) { authorizePayment(authorisePayment: $authorisePayment) { id status } }",
"variables": {
"authorisePayment": {
"orderId": "557512fb-e5f3-45ce-9e60-b9418b92153b",
"flowId": "2d0fc623-f1ca-4051-b60a-7366ca14783c",
"amount":4999,
"currencyCode":"EUR",
"paymentMethod":{
"type":"CARD",
"token":"ZLlVBBXFDQtBnfxT"
},
"fraud": {
"user_id": "billy_jones_301",
"session_id": "gigtleqddo84l8cm15qe4il",
"order_id": "ORDER-28168441",
"user_email": "bill@gmail.com",
"amount": 115940000,
"currency_code": "EUR",
"digital_wallet": "apple_pay",
"coupon_code": "dollarMadness",
"shipping_choice": "FedEx Ground Courier",
"is_first_time_buyer": false,
"seller_user_id": "slinkys_emporium",
"expedited_shipping": true,
"shipping_method": "physical",
"shipping_carrier": "UPS",
"brand_name": "sift",
"site_domain": "sift.com",
"site_country": "US",
"billing_address": {
"name": "Bill Jones",
"phone": "1-415-555-6041",
"address_1": "2100 Main Street",
"address_2": "Apt 3B",
"city": "New London",
"region": "New Hampshire",
"country": "US",
"zipcode": "03257"
},
"ordered_from": {
"store_id": "123",
"store_address": {
"name": "Bill Jones",
"phone": "1-415-555-6040",
"address_1": "2100 Main Street",
"address_2": "Apt 3B",
"city": "New London",
"region": "New Hampshire",
"country": "US",
"zipcode": "03257"
}
},
"shipping_address": {
"name": "Bill Jones",
"phone": "1-415-555-6041",
"address_1": "2100 Main Street",
"address_2": "Apt 3B",
"city": "New London",
"region": "New Hampshire",
"country": "US",
"zipcode": "03257"
},
"shipping_tracking_numbers": [
"1Z204E380338943508",
"1Z204E380338943509"
],
"items": [
{
"item_id": "B004834GQO",
"product_title": "The Slanket Blanket-Texas Tea",
"price": 39990000,
"upc": "6786211451001",
"sku": "004834GQ",
"brand": "Slanket",
"manufacturer": "Slanket",
"category": "Blankets & Throws",
"tags": [
"Awesome",
"Wintertime specials"
],
"color": "Texas Tea",
"quantity": 2
}
],
"promotions": [
{
"promotion_id": "FirstTimeBuyer",
"status": "success",
"description": "5 off",
"discount": {
"amount": 5000000,
"currency_code": "USD",
"minimum_purchase_amount": 25000000
}
}
],
"browser": {
"user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36",
"accept_language": "en-US",
"content_language": "en-GB"
},
"app": {
"os": "iOS",
"os_version": "10.1.3",
"device_manufacturer": "Apple",
"device_model": "iPhone 4,2",
"device_unique_id": "A3D261E4-DE0A-470B-9E4A-720F3D3D22E6",
"app_name": "Calculator",
"app_version": "3.2.7",
"client_language": "en-US"
}
}
}
}
}' \
https://api.whenthen.com/api/graphql

user_id (String) ﹡: The user's account ID according to your systems. Note that user IDs are case sensitive.
Find valid user_id values here.
session_id (String) ﹡: The user's current session ID, used to tie a user's action before and after login or account creation.
Required if no user_id value is provided.
order_id (String) ﹡: The ID for tracking this order in your system.
user_email (String) ﹡: Email of the user creating this order.
Note: If the user's email is also their account ID in your system, set both the user_id and user_email fields to their email address.
amount (Double) ﹡: Total transaction amount in micros in the base unit of the currency_code.
1 cent = 10,000 micros. $1.23 USD = 123 cents = 1,230,000 micros.
For currencies without cents or fractional denominations, like the Japanese Yen, use 1 JPY = 1000000 micros.
currency_code (String) ﹡: ISO-4217 currency code for the amount. If your site uses alternative currencies, specify them here.
digital_wallet (String)
coupon_code (String)
shipping_choice (String)
is_first_time_buyer (Boolean)
seller_user_id (String): For marketplace businesses, this is the seller's user ID, typically a database primary key.
Follow Sift's guidelines for user_id values.
expedited_shipping (Boolean): Whether the user requested priority/expedited shipping on their order.
shipping_method (String): Indicates the method of delivery to the user.
Allowed values: "electronic", "physical"
shipping_carrier (String): Shipping carrier for the shipment of the product.
brand_name (String): Name of the brand of product or service being purchased.
site_domain (String): Domain being interfaced with. Use fully qualified domain name.
site_country (String): Country the company is providing service from. Use ISO-3166 country code.
account_types (Array[String]): Capture the type(s) of the account: "merchant" or "shopper", "regular" or "premium", etc.
The array supports multiple types for a single account, e.g. ["merchant", "premium"]
billing_address (Object): The billing address associated with this user.
billing_address.name (String): Provide the full name associated with the address here.
Concatenate first name and last name together if you collect them separately in your system.
billing_address.phone (String): The phone number associated with this address. Provide the phone number as a string starting with the country code.
Use E.164 format or send in the standard national format of number's origin. For example: "+14155556041" or "1-415-555-6041" for a U.S. number.
billing_address.address_1 (String): Address first line, e.g., "2100 Main Street".
billing_address.address_2 (String): Address second line, e.g., "Apt 3B".
billing_address.city (String): The city or town name.
billing_address.region (String): The region portion of the address. In the USA, this corresponds to the state.
billing_address.country (String): The ISO-3166 country code for the address.
billing_address.zipcode (String): The postal code associated with the address, e.g., "90210".
Send +4 postal codes with a '-', e.g., "90210-3344".
ordered_from (Object): The details about the specific physical location providing the good or service.
This can also be used to capture pickup, delivery locations, etc.
ordered_from.store_id (String): The customer's internal identifier for the specific physical location providing the good or service.
ordered_from.store_address (Object): Address field type represents a physical address, such as a billing or shipping address for eCommerce or sent and received address for remittance.
shipping_address (String)
shipping_address.name (String)
shipping_address.phone (String)
shipping_address.address_1 (String)
shipping_address.address_2 (String)
shipping_address.city (String)
shipping_address.region (String)
shipping_address.country (String)
shipping_address.zipcode (String)
shipping_tracking_numbers (Array[String]): Shipping tracking number(s) for the shipment of the product(s).
items (Array[Object])
items.item_id (String)
items.product_title (String)
items.price (String)
items.sku (String)
items.brand (String)
items.manufacturer (String)
items.category (String)
items.tags (String)
items.color (String)
items.quantity (String)
promotions (Array[Object]): The Promotion field type generically models different kinds of promotions such as referrals, coupons, free trials, etc.
The value must be a nested JSON object which you populate with the appropriate information to describe the promotion.
Not all sub-fields will likely apply to a given promotion. Populate only those that apply.
promotions.promotion_id (String): The ID within your system that you use to represent this promotion.
This ID is ideally unique to the promotion across users (e.g. "BackToSchool2016").
promotions.status (String): The status of the addition of promotion to an account. Best used with the add_promotion event.
This way you can pass to Sift both successful and failed attempts when using a promotion.
May be useful in spotting potential abuse.
Allowed values: success, failure
promotions.description (String): Freeform text to describe the promotion.
promotions.discount (Object)
browser (Object): The browser field type contains information about the browser.
browser.user_agent (String) ﹡: The user agent of the browser that is interacting with your website.
browser.accept_language (String): The language(s) that the client is requesting the site content be delivered in.
Use ISO-3166 format for country codes. Examples: "en", "en-us, de", "fr-CH, fr;q=0.9, en;q=0.8, de;q=0.7, *;q=0.5", etc.
app (Object): The app field type represents the details of an application as well as the device and OS it's running on.
app.os (String): The operating system on which application is running. (e.g. iOS, Android)
app.os_version (String): The operating system version on which application is running. (e.g. 10.3.1, 7.1.1)
app.device_manufacturer (String): The manufacturer of the device on which application is running. (e.g. Samsung, Apple, LG)
app.device_unique_id (String): The unique ID of the device on which application is running.
For iOS, send the IFV identifier. For Android, send the Android ID.
app.device_model (String): The model of the device on which application is running. (e.g. SM-G920x, iPhone8,1)
app.app_name (String): The name of your application.
app.client_language (String): The language the application content is being delivered in.
Use ISO-3166 format for country codes. Examples: "en", "en-us, de", "fr-CH, fr;q=0.9, en;q=0.8, de;q=0.7, *;q=0.5", etc.