Difference between revisions of "X-Payments:Decline potentially fraudulent transaction request"
m |
|||
Line 1: | Line 1: | ||
<noinclude>{{XP_API_TOC}}</noinclude> | <noinclude>{{XP_API_TOC}}</noinclude> | ||
+ | In some cases, a transaction is considered potentially fraudulent, and the final decision as to whether it should be accepted or not has to be taken by the merchant. Or, in some cases, the information about the final result is sent to the merchant later by the anti-fraud checking service. | ||
+ | |||
+ | Such a state of the transaction is indicated by the isFraudStatus flag in the [[X-Payments:Payment_information_request|Payment information request]], [[X-Payments:Detailed_payment_and_transaction_information_request|Detailed payment information request]] and the [[X-Payments:Callback_request_with_service_payment_information|callback request received from X-Payments]]. As of API 1.7, the detailed information on fraud check is sent in the fraudCheckData container. | ||
+ | |||
+ | Currently, there are four cases that can put a transaction in the "potentially fraudulent" state: | ||
+ | |||
+ | - [[X-Payments:KOUNT_Antifraud_screening|Kount Antifraud screening service]]; | ||
+ | - NoFraud screening; | ||
+ | - Internal fraud screening by the gateway (PayPal, PayFlow PRO, etc); | ||
+ | - Internal fraud screening by X-Payments. | ||
+ | |||
+ | {{Note|Please contact your antifraud service provider for recommendations on how to handle transactions marked as potentially fraudulent. Deciding which transactions to accept and which to decline is a serious matter, and you must fully understand what you are doing before you accept anything.}} | ||
+ | |||
===Request specification=== | ===Request specification=== | ||
Revision as of 14:36, 21 November 2016
- API versions supported
- Samples
- API requests
- API Requests from the store to X-Payments
- Callback requests (web-hooks) from X-Payments to the store
- Browser-related
- Appendix A. Status codes.
- See also
In some cases, a transaction is considered potentially fraudulent, and the final decision as to whether it should be accepted or not has to be taken by the merchant. Or, in some cases, the information about the final result is sent to the merchant later by the anti-fraud checking service.
Such a state of the transaction is indicated by the isFraudStatus flag in the Payment information request, Detailed payment information request and the callback request received from X-Payments. As of API 1.7, the detailed information on fraud check is sent in the fraudCheckData container.
Currently, there are four cases that can put a transaction in the "potentially fraudulent" state:
- Kount Antifraud screening service; - NoFraud screening; - Internal fraud screening by the gateway (PayPal, PayFlow PRO, etc); - Internal fraud screening by X-Payments.
Note: Please contact your antifraud service provider for recommendations on how to handle transactions marked as potentially fraudulent. Deciding which transactions to accept and which to decline is a serious matter, and you must fully understand what you are doing before you accept anything.
Request specification
Field | Required | Type | Description |
target | Y | string, 128 | Must equal payment |
action | Y | string, 128 | Must equal decline |
txnId | Y | string, 32 | Unique payment ID |
api_version | Y | string | Must equal one of the following: 1.2, 1.3, 1.4, 1.5 etc. |
Request example
<txnId>e7f398cee98ec062abac0d2c937da181</txnId> <target>payment</target> <action>decline</action>
Response specification
Field | Type | Description |
status | integer, 1 | Operation status code |
message | string, 65536 | Gateway transaction message |
Response example
<data> <status>1</status> <message>Success</message> <error></error> <error_message></error_message> </data>