Docs
DocsAPI RestRecipesTutorialsHelp

Risk analysis Service on the HTML Interface

After performing the registration alignment with Carat Portal support to enable integration with the anti-fraud service, at the start of a transaction HTML Payment (Learn more) the merchant must configure the property anti_fraud and send the appropriate anti-fraud parameters (depends on the institution that your merchant was set up), both properties must be within the scope of theadditional_data object.

The field anti_fraud determines how anti-fraud is applied and can contain the following values:

  • enabled_before_auth - Risk analysis will be performed BEFORE authorization of the payment. If the analysis is rejected, payment will not be started.
  • enabled_after_auth - Risk analysis will be performed AFTER authorization of the payment. If the analysis is rejected, the payment that has already been authorized will be canceled.

Attention:

For cases where the limits of intervals for automatic activation of Anti Fraud are configured in the merchant and a value of anti_fraud is passed in the creation of the transaction, the Carat Portal will only accept the value of anti_fraud passed if the transaction is between activation limits. And if the Anti Fraud automatic activation interval limits are configured in the merchant and an anti_fraud value is not passed in the transaction, the value enabled_after_auth will be assumed as default for the anti-fraud type. Important: intervals that allow the use of 3ds and anti-fraud together must not be used.

Anti-fraud parameters

The parameters depend on the institution that provides the anti-fraud service. Therefore, not all anti-fraud parameters available on Carat Portal will be effectively used.

Below are all anti-fraud parameters (regardless of institution).
Some parameters may appear repeatedly (for example, the gift property) and this is due to the risk analysis characteristic of each institution. For more details on how each institution uses each anti-fraud parameter, see the page for each anti-fraud integration.

PropertyDescriptionFormatRequired
currencyPayment currency3 AYes
b2b_b2ce-commerce type3 ANo
item_amountValue in cents of the total sum of the values of the items< 1024 NYes
total_order_amountValue in cents of the orders< 1024 NYes
delivery_time_cdDelivery time< 50 ANo
qty_payment_typesNumber of payments1 NNo
ip (deprecated)Order IP< 50 AYes
gift1 - If order is a gift
0 - If order is not a gift		1 NNo
gift_messageGift message< 8000 ANo
obsOrder observations< 8000 ANo
sla_customAnalysis SLA4 NNo
originOrder origin< 150 AYes
reservation_dateDate of the flight reservation. Only for flight tickets.Format da data: yyyy-mm-ddThh:mm:ssNo
nationalityNationality of the order (for request of international analysis)< 50 ANo
list_type_idList type ID (only for customers that have a specific list)1 NNo
list_idStore’s list ID< 200 ANo
sequentialSequence of the payment1 NNo
interestInterest rate.
Example: 5.00		< 4 NNo
interest_valueAbsolute value of interest in cents.
Example: 1000 (10 reais).		< 20 NNo
shipping_typeShipping type id. The following values are valid:
  • 0 - Others
  • 1 - Default
  • 2 - Guaranteed
  • 3 - ExpressaBR
  • 4 - ExpressaSP
  • 5 - High
  • 6 - Economy
  • 7 - Scheduled
  • 8 - Extra fast
  • 9 - Printed
  • 10 - App
  • 11 - Post office
  • 12 - Motoboy
  • 13 - Pick up in the Box Office
  • 14 - Pick up in the Partner Store
  • 15 - Credit Card Ticket
  • 16 - Pick up in the Store
< 2 NNo
itemsPurchase item informationObject JSON Array (Learn more)Yes
payerPayer informationObject json (Learn more)Yes
billing_dataBill informationObject json (Learn more)Yes
shipmentShipment informationObject JSON Array (Learn more)Yes
browserBrowser informationObject json (Learn more)Yes
travelAir ticket informationObject json (Learn more)Conditional by institution
passengersAir ticket passengers informationObject JSON Array (Learn more)Yes, if the item is an air ticket
connectionsAir ticket connections informationObject JSON Array (Learn more)Yes, if the item is an air ticket
hotel_reservationsHotel reservation informationObject JSON Array (Learn more)Yes, if the item is an hotel reservation
purchase_dataPurchase informationObject json (Learn more)Yes
mddMDD (Merchant Data) information. Cybersource’s fieldObject JSON Array (Learn more)No

Object items

PropertyDescriptionFormatRequired
idUnique Item IDNYes
skuProduct code of the itemAConditional by institution
titleProduct nameAYes
descriptionProduct descriptionANo
quantityQuantity of items< 4 NYes
unit_priceItem unit price< 12 NYes
category_idItem Category Id. Each institution has a different interpretation.Conditional by institutionConditional by institution
category_nameProduct's category name< 200 ANo
gift1 - If order is a gift
0 - If order is not a gift		1 NNo
tax_amountTax amountNNo
discount_amountDiscount amount in centsNNo
creation_dateProduct publication date in DD/MM/YYYY format.ANNo

Object payer

PropertyDescriptionFormatRequired
idIdentification of the buyer. Usually the CPF.NYes
namePayer's name. Each institution has a different interpretation.Conditional by institutionConditional by institution
surnamePayer's surname< 200 AYes
emailPayer's emailAYes
date_createdCreation dateAYes
passwordPassword of the buyer on the storeConditional by institutionConditional by institution
cityAddress city (without abbreviations)< 150 AYes
address_street_complementAddress complement (without abbreviations)< 250 ANo
address_countryAddress country (without abbreviations)< 150 ANo
address_countyAddress county (without abbreviations)< 150 ANo
address_street_numberAddress number< 15 ANo
stateAddress state abbreviation2 ANo
address_street_nameAddress street name (without abbreviations)< 200 ANo
address_zip_codeAddress zip code< 10 NNo
address_referenceLandmark (without abbreviations)< 250 ANo
legal_documentPayer document< 100 ANo
phonesPhones informationObject JSON Array (Learn more)No
addressAddress informationObject json (Learn more)No

Object phones of payer

PropertyDescriptionFormatRequired
ddiPhone DDI3 NNo
dddPhone DDD3 NNo
numberPhone number9 NNo

Object address of payer

PropertyDescriptionFormatRequired
street_nameStreet name.< 200 AYes
street_name2Complement of the street name.< 200 ANo
street_numberNumber of the address< 15 AYes
apartmentApartmentNNo
complementComplement of the address< 250 ANo
countyCounty of the address (without abbreviations)< 150 AYes
cityAddress city (without abbreviations)< 150 AYes
stateFederation Unit abbreviation (UF)2 AYes
districtAddress districtANo
countryAddress country< 150 ANo
zip_codeAddress zip code< 10 NYes
referenceAddress reference< 250 ANo
building_numberHouse number. Example: if it is a condominium, it will be the house number inside the condominium.< 10 ANo

Object billing_data

PropertyDescriptionFormatRequired
cliente_idCustomer ID< 50 AYes
person1 - Physical person
2 - Legal person		1 NYes
cnpj_cpfCPF or CNPJ< 100 AYes
identification_numberRG or inscrição estadual< 100 ANo
nameCustomer name< 500 AYes
birth_dateDate of birth.Date in format: yyyy-mm-ddThh:mm:ssYes
emailCustomer email< 150 ANo
genderM - male
F - female		1 ANo
addressBill addressObject json (Learn more)No
phonesBill phonesObject JSON Array (Learn more)No
documentsBill documentsObject JSON Array (Learn more)No

Object address of billing_data

PropertyDescriptionFormatRequired
street_nameStreet name< 200 AYes
street_name2Complement of the street name< 200 ANo
street_numberStreet number< 15 AYes
apartmentApartment numberNNo
complementComplementary address (without abbreviations)< 250 ANo
countyAddress county (without abbreviations)< 150 AYes
cityAddress city (without abbreviations)< 150 AYes
stateAddress State Acronym - UF2 AYes
districtDistrict nameANo
countryAddress country (without abbreviations).< 150 ANo
zip_codeAddress zipcode< 10 NYes
referenceLandmark without abbreviations< 250 ANo
building_numberHouse number. Example: if it is a condominium, it will be the house number inside the condominium.< 10 ANo

Object phones of billing_data

PropertyDescriptionFormatRequired
typePhone type:
  • 0 - Not defined
  • 1 - Residency
  • 2 - Comercial
  • 3 - Messages
  • 4 - Billing
  • 5 - Temporary
  • 6 - Cellphone
1 NYes
ddiPhone DDI3 NNo
dddPhone DDD3 NYes
numberPhone number9 NYes
extensionPhone extension< 10 ANo

Object documents of billing_data

PropertyDescriptionFormatRequired
typeConditional by institution.ANo
numberDocument numberNYes

Object shipment

PropertyDescriptionFormatRequired
idCustomer ID< 50 AYes
costFreight value in cents< 1024 NNo
typeDocument type
1 - Pessoa Física
2 - Pessoa Jurídica		< 1 NYes
legal_document1CPF or CNPJ< 100 AYes
legal_document2RG or Inscrição Estadual< 100 ANo
nameCustomer's name< 500 AYes
surnameCustomer's surname< 500 AYes
birth_dateCustomer's birth date.Date in format: yyyy-mm-ddThh:mm:ssNo
emailEmail< 150 ANo
genderM - male
F - female		1 ANo
addressShipment addressObject json (Learn more)Conditional by institution
receiver_addressShipment addressObject json (Learn more)Conditional by institution
phonesShipment phonesObject JSON Array (Learn more)Yes

Object address of shipment

Também equivale ao object receiver_address do shipment

PropertyDescriptionFormatRequired
street_nameStreet name< 200 AYes
street_name2Complement of the street name< 200 ANo
street_numberStreet number< 15 AYes
apartmentApartment numberNNo
complementComplementary address (without abbreviations)< 250 ANo
countyAddress county (without abbreviations)< 150 AYes
cityAddress city (without abbreviations)< 150 AYes
stateAddress State Acronym - UF2 AYes
countryAddress country< 150 AYes
zip_codeZip code of the address.< 10 AYes
building_numberHouse number. Example: if it is a condominium, it will be the house number inside the condominium.< 10 ANo

Object phones of shipment

PropertyDescriptionFormatRequired
typePhone type:
  • 0 - Not defined
  • 1 - Residency
  • 2 - Commercial
  • 3 - Messages
  • 4 - Billing
  • 5 - Temporary
  • 6 - Cellphone
1 NYes
ddiPhone DDI3 NNo
dddPhone DDD3 NYes
numberPhone Number9 NYes
extensionPhone extension< 10 ANo

Object browser

PropertyDescriptionFormatRequired
ip_addressIP address15 AYes

Object travel

PropertyDescriptionFormatRequired
routeConcatenation of the flight routes.

To obtain the airport codes, use this link		Value must respect the format: XXX-XXX:XXX-XXXYes
journey_typeTrip type: round_trip or one_way< 32 AYes
departure_date_timeDate and time of the first flight departure.Format da data: yyyy-mm-ddThh:mm:ssYes

Object passengers

PropertyDescriptionFormatRequired
idPassenger ID< 32 ANo
namePassenger's name. Conditional by institution< 100 AYes
last_namePassenger's last name< 100 AConditional by institution
frequente_flyer_cardMileage Card (Fidelity)< 32 ANo
legal_document_typeType of identification document:
  • 1 - CPF
  • 2 - CNPJ
  • 3 - RG
  • 4 - IE
  • 5 - Passport
  • 6 - CTPS
  • 7 - Electoral card
1 NYes
legal_documentDocument number< 50 AYes
birth_datePassenger's birth date.Date in format: yyyy-mm-ddThh:mm:ssNo
emailPassenger email. Must be unique.Format: [email protected]No
statusStatus of the ticket reservation. Example: Reserved< 32 ANo
ratingPassenger classification according the ticket price.< 32 ANo
typePassenger classification.
  • ADT: Adult
  • CNN: Child
  • INF: Infant
  • YTH: Youth
  • STU: Student
  • SCR: Senior Citizen
  • MIL: Military
< 32 ANo
unit_priceAirfare unit price.Format (in cents): 1000 (10 reais)No
phonesPassenger phonesObject JSON Array (Learn more)Yes

Object phones of passengers

PropertyDescriptionFormatRequired
ddiPhone DDI3 NNo
dddPhone DDD3 NYes
numberPhone number9 NYes

Object connections

PropertyDescriptionFormatRequired
companyAirline name< 50 AYes
flight_numberFlight number6 NYes
flight_dateDate of the flight.Conditional by institutionYes
classSeat class< 10 AYes
fromOriginConditional by institutionYes
toDestinyConditional by institutionYes
departure_dateBoarding date.Date in format: yyyy-mm-ddThh:mm:ssYes
arrival_dateDate of the landing.Date in format: yyyy-mm-ddThh:mm:ssYes

Object hotel_reservations

PropertyDescriptionFormatRequired
hotelHotel name< 200 AYes
cityHotel city without abbreviations< 150 AYes
stateHotel state without abbreviations< 150 AYes
countryHotel country< 150 AYes
reservation_dateReservation Date.Date in format: yyyy-mm-ddThh:mm:ssYes
reservation_expiration_dateDate of expiry of the reservation.Date in format: yyyy-mm-ddThh:mm:ssYes
checkin_dateDate of arrival.Date in format: yyyy-mm-ddThh:mm:ssYes
checkout_dateDeparture date.Date in format: yyyy-mm-ddThh:mm:ssYes

Object purchase_data

PropertyDescriptionFormatRequired
last_date_inserted_mailDate that the email was last modified.Date in format: yyyy-mm-ddThh:mm:ssNo
last_date_change_passwordDate of the last change of the password.Date in format: yyyy-mm-ddThh:mm:ssNo
last_date_change_phoneDate that the phone was last changed.Date in format: yyyy-mm-ddThh:mm:ssNo
last_date_change_mobile_phoneDate that the mobile phone was last changed.Date in format: yyyy-mm-ddThh:mm:ssNo
last_date_inserted_addressDate of the last address change.Date in format: yyyy-mm-ddThh:mm:ssNo
purchase_loggedBought authenticated on the store web site1 NNo
purchase_logged_with_facebookPurchase logged in via Facebook1 NNo

Object mdd

PropertyDescriptionFormatRequired
idIt can range from 1 to 100 defined by the merchant in an agreement with Cybersource< 255 ANo
valueValue of the field defined by the merchant in an agreement with Cybersource< 255 ANo

For payments using Konduto, Cybersource and Antifraude Fiserv: Parameters that exist in payer, billing and shipment when not passed to the transaction creation service via additional_data, will be requested in the payment screen. If the parameters are passed in the transaction creation service, you will not be asked to fill in the fields on the payment screen.

For payments using Konduto, Cybersource and Antifraude Fiserv: Parameters that exist in payer, billing and shipment when not passed to the transaction creation service via additional_data, will be requested in the payment screen. If the parameters are passed in the transaction creation service, you will not be asked to fill in the fields on the payment screen.

Updated 15 days ago