Fraud Notification Service
After a successful transaction with antifraud (payment status CON, PPC, PPN or EST), the merchant may identify that, in reality, a fraud occurred. In this case, the merchant can call the fraud notification service to warn the risk analysis institution about this occurrence. This will refine the analysis process of said institution, making it more accurate and preventing more frauds in the future.
Currently, this API supports the following antifraud institutions:
- Antifraude Fiserv
- Konduto
- Fraud Detect
- ClearSale REST
Call details
- Resource:
/v1/transactions/{nit}/fraud - HTTP method:
POST - Request format:
JSON - Response format:
JSON - Header parameters:
| Parameter | Description | Format | Mandatory |
|---|---|---|---|
merchant_id | Merchant code on Carat Portal. The production and certification codes will be different. | < 15 AN | YES |
merchant_key | Merchant authentication key on Carat Portal. The production and certification keys will be different. | < 80 AN | YES |
Content-Type | It must be sent with the value application/json. | = 15 AN | YES |
Examples
Below is an example of a fraud notification service call using the cURL tool.
Request:
To use this example, don't forget to define the variable {{url}} with the value
curl
--request POST 'https://{{url}}/e-sitef/api/v1/transactions/1234567890abcdefghijklmnopqrstuvwxyz1234567890abcdefghijklmnopqr/fraud'
--header 'Content-Type: application/json'
--header 'merchant_id: xxxxxxxx'
--header 'merchant_key: xxxxxxxxxxx'
--data '{
"marked_data": [
"account_key_hash",
"customer_account_id",
"customer_email"
]
}'
--verbose
**Response:**
json
{
"code": "0",
"message": "OK. Transaction successful.",
"analysis": {
"code": "100",
"message": "ACCEPT"
}
}
## Request parameters
| Parameter | Description | Required |
|---------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------|
| `marked_data` | Informs which fields will be relevant to inform CyberSource that this transaction was a fraud attempt.<br/><br/>This field receives a list of values. Ex: "marked_data":["account_key_hash","customer_account_id","customer_email"]<br/><br/>Fields that can be informed:<ul><li>account_key_hash</li><li>customer_account_id</li><li>customer_email</li><li>customer_idaddress</li><li>customer_phone</li><li>device_fingerprint</li><li>ship_address</li></ul> | NO |
## Response parameters
If successful, the HTTP response code will be `201`. Any other code must be interpreted as an error. The table below describes the response parameters of the fraud notification service:
| Parameter | Description | Format |
| --------- | ---------------------------------------------------------------------------------------------------------------------- | --------------- |
| `code` | Carat Portal response code. Any code different from `0` means failure. [Learn more.](codigos-da-api.md#response-codes) | <u><</u> 4 N |
| `message` | Carat Portal response message. | <u><</u> 500 AN |
| | **analysis** | |
| `code` | Risk analysis institution response code. | <u><</u> 4 N |
| `message` | Risk analysis institution response message. | <u><</u> 500 AN |
Updated 15 days ago