required
The time at which this data payload was valid. When sending events in realtime, this will usually be 'now'. This is used to merge data that arrives out-of-order.
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
optional
An eventType should identify what event in your system triggered this API call.
Pattern: ^[a-zA-Z0-9][a-zA-Z0-9-_]*$
|
important
The ID of the customer navigating through the checkout process.
Mutually exclusive with customer.
|
important
The customer navigating through the checkout process. Mutually
exclusive with customerId.
Show definition
|
required
The unique identifier of the customer. If your system allows anonymous
checkout then we recommend making this the customer's email address.
|
important
The time that the customer registered. If this value is unknown, you
can set it to 'now' - Ravelin will retain the earliest value you have
sent for this customer ID.
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
important
The email address of the customer.
|
emailVerifiedTime
integer
optional
The time at which the customer verified their email, usually by
following a link back to your website from an email you sent to
their address.
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
important
The full name of the customer. If you have the name split into parts,
consider familyName and givenName instead.
|
important
The surname/last name of the customer. If you do not have the name
split into parts, consider name instead.
|
important
The first/given names of the customer. If you do not have the name
split into parts, consider name instead.
|
important
The telephone number of the customer. Best in
E.164 format with an
international dialing code.
|
telephoneVerifiedTime
integer
optional
The time at which the customer verified their telephone number,
usually by confirming a code from an SMS you sent to the number.
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
optional
The country the telephone number directs to. Note that the country is
not an adequate replacement for the international dialing code in the
Dominican Republic or Puerto Rico where multiple dialing codes are
used.
A ISO 3166-1 Alpha 3
or Alpha 2 country code.
|
optional
The bcypted form of the password for this customer. By its nature, the bcrypt operation is slow. Consider using passwordHashed if this is too slow for you.
|
optional
The SHA256 form of the password for this customer. This must be base64 encoded.
|
optional
The plaintext password for the customer. We never store the raw password but for security we recommend using one of the hashing options instead of the plaintext option.
|
optional
Set to true on events where the password has been changed, false or omit otherwise.
|
optional
The tags to set or unset. Use the tag ID followed by true or false, depending on whether you want to set or unset the tag.
|
optional
Show definition
|
important
|
important
The postal or zip code. If provided without latitude or longitude, Ravelin will perform coarse geolocation in some countries.
|
important
The latitude of the location.
|
important
The longitude of the location.
|
optional
The name of the person that will accept delivery of goods to this address.
|
optional
The street address of the location.
|
optional
The street address of the location.
|
optional
The neighbourhood of the location.
|
optional
The zone of the location.
|
optional
|
optional
The state/county of the location.
|
optional
The PO box number related to the location.
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
deprecated
The geohash of the location.
|
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
deprecated
The username the customer would log in with.
|
deprecated
The gender of the customer.
|
deprecated
The wallet contents of the customer, in the form of an object whose
keys are currencies and values the amount held in that currency, in
the currency's basic units.
|
deprecated
Whether the customer is banned in your systems.
|
deprecated
The home country for this customer. Doesn't change when the customer is briefly abroad.
|
deprecated
The logical region in which this customer exists.
Pattern: ^[0-9a-z-]*$
|
deprecated
The logical city in which this customer exists.
Pattern: ^[0-9a-z-]*$
|
|
optional
A temporary ID for a customer when the real account ID has yet to be
minted. This must eventually be sent in conjunction with a real customer
ID to migrate the data into the full customer account.
|
important
The order describing the goods or services the customer wants to, or has
attempted to buy.
Show definition
|
required
A unique identifier for this order.
|
important
The time that the order was submitted by the customer. Used in reporting.
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
important
The mobile or web app that this order was submitted on. Used for
segmenting business analytics and creating app-specific risk profiles.
Show definition
|
optional
The name or brand of the app, used to segment orders. Use the name
that customer sees when installing and using the app, or the
website title. Shouldn't repeat the platform or domain.
|
optional
One of:
ios , android , web , or mobile-web .
|
optional
The domain from the URL of the web app, using the characters a-z0-9-. .
Pattern: ^[a-z0-9-\.]+$
|
|
important
The stage of order in the purchase and delivery flow. Used in reporting.
One of the following:
|
Pending: The order is yet to be submitted for payment and processing, and you are yet to decide whether you will accept the order.
Show definition
|
required
Only:
pending .
|
optional
The actor who caused the status change e.g. buyer, merchant.
|
|
Accepted: The customer has submitted the order and you intend to fulfill it. This stage is useful if you provide the goods and services before taking payment. If you take payment immediately, you can consider the order fulfilled.
Show definition
|
required
Only:
accepted .
|
optional
The actor who accepted the order.
|
|
Failed: Something went wrong, and the order can no longer be fulfilled.
Show definition
|
required
Only:
failed .
|
required
Description of why the order has failed.
One of:
payment_declined , seller_rejected , or system_error .
|
optional
The actor who caused the status change e.g. buyer, merchant.
|
|
Cancelled: The order has been cancelled.
Show definition
|
required
Only:
cancelled .
|
required
Description of why the order has been cancelled.
One of:
buyer , seller , merchant , ravelin , or other_fraud_tool .
|
optional
The actor who caused the status change e.g. buyer, merchant.
|
|
Fulfilled: The goods have been provided to the customer and payment has been successfully taken.
Show definition
|
required
Only:
fulfilled .
|
optional
The actor who caused the status change e.g. buyer, merchant.
|
|
Refunded: The order has been refunded.
Show definition
|
required
Only:
refunded .
|
optional
A description of why the order has been refunded.
One of:
returned , complaint , or ato .
|
optional
The actor who caused the status change e.g. buyer, merchant.
|
|
important
The total price for this order, including delivery and taxes, in the currency's basic units. This price should always equal the sum of each items', tickets', and rooms' price times quantity.
|
important
The currency of the price for this order as an ISO 4217 currency code.
Pattern: ^[a-zA-Z]{3}$
|
important
The country the order should be attributed to for reporting and risk bucketing. Should reflect the country segmentation that you use for your reporting internally, whether that's by billing or shipping address, for example.
|
important
The country-group market the customer belongs to. E.g. 'southamerica', 'europe', 'emea'. Used for reporting and risk bucketing.
Pattern: ^[0-9a-z-]*$
|
important
The city that the customer belongs to. Used for reporting and risk bucketing.
Pattern: ^[0-9a-z-]*$
|
optional
The highest level category that applies to this order as a whole, e.g.
the type of service provided. See item.category to describe
individual order items.
|
important
The delivery or drop-off location of the order. For taxis, can be the
requested drop-off location to begin, and updated to the actual
drop-off location once known.
Show definition
|
important
|
important
The postal or zip code. If provided without latitude or longitude, Ravelin will perform coarse geolocation in some countries.
|
important
The latitude of the location.
|
important
The longitude of the location.
|
optional
The name of the person that will accept delivery of goods to this address.
|
optional
The street address of the location.
|
optional
The street address of the location.
|
optional
The neighbourhood of the location.
|
optional
The zone of the location.
|
optional
|
optional
The state/county of the location.
|
optional
The PO box number related to the location.
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
deprecated
The geohash of the location.
|
|
optional
The pick-up location of the order. For taxis, can be the requested
pick-up location to begin, and updated to the actual pick-up location
once known.
Show definition
|
important
|
important
The postal or zip code. If provided without latitude or longitude, Ravelin will perform coarse geolocation in some countries.
|
important
The latitude of the location.
|
important
The longitude of the location.
|
optional
The name of the person that will accept delivery of goods to this address.
|
optional
The street address of the location.
|
optional
The street address of the location.
|
optional
The neighbourhood of the location.
|
optional
The zone of the location.
|
optional
|
optional
The state/county of the location.
|
optional
The PO box number related to the location.
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
deprecated
The geohash of the location.
|
|
important
The line items of the order, describing what the customer is
purchasing. Including, but not limited to, products, services,
journeys, tips, taxes, and delivery fees.
Show definition
|
required
Number of copies of this item that are present in the basket (set to 0 to remove).
|
optional
A merchant specific identifier for an item or a service.
|
optional
The name of the product or service that is being purchased.
|
important
|
optional
Pattern: ^[a-zA-Z]{3}$
|
optional
The name of the brand that the item is from.
|
optional
The name of the Universal Item Code.
|
optional
The highest level category that this item is sold in.
|
optional
A category that this item is sold in.
|
optional
The scheduled time for the service described by this item.
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
optional
If the item being purchased is a ticket for an event, associate the ticket and event information here.
Show definition
|
required
The ticket information for this event.
Show definition
|
required
A unique identifier for this ticket.
|
optional
A short human-readable description of the type of ticket.
|
optional
Timestamp at which this ticket is valid from.
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
optional
Timestamp at which this ticket is valid until.
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
optional
Whether this ticket is refundable or not.
|
|
required
The event the ticket is granting access to. This could be a access to an event, an attraction, or any other activity the customer is purchasing a ticket to attend.
Show definition
|
required
A unique identifier for this event.
|
required
The category that best described the type of event.
One of:
adventure , attraction , conference , convention , culinary , business , family , festival , health , live show , music , party , social , sport , or other .
|
required
The location the event will take place.
Show definition
|
required
|
required
Show definition
|
important
|
important
The postal or zip code. If provided without latitude or longitude, Ravelin will perform coarse geolocation in some countries.
|
important
The latitude of the location.
|
important
The longitude of the location.
|
optional
The name of the person that will accept delivery of goods to this address.
|
optional
The street address of the location.
|
optional
The street address of the location.
|
optional
The neighbourhood of the location.
|
optional
The zone of the location.
|
optional
|
optional
The state/county of the location.
|
optional
The PO box number related to the location.
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
deprecated
The geohash of the location.
|
|
|
optional
|
optional
A short description of the event.
|
optional
Timestamp at which event is scheduled to start. If the event is ongoing/recurring, you can use the ticket time here.
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
optional
Timestamp at which event is scheduled to end. If the event is ongoing/recurring, you can use the ticket time here.
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
|
optional
The individual who will be attending the event.
Show definition
|
required
The named guest's given name.
|
required
The named guest's family name.
|
optional
The named guest's full name.
|
optional
Whether this guest is the individual who is purchasing the tickets.
|
|
|
optional
If the item being purchased is a ticket for travel, associate the journey information here.
Show definition
|
required
A unique identifier for the ticket
|
optional
A human-readable text description of what the ticket provides
|
optional
The person travelling with this ticket.
Show definition
|
optional
|
optional
|
optional
|
optional
|
optional
|
optional
|
optional
The type of document the passenger is traveling under
One of:
passport , driverslicense , or id .
|
optional
The number that identifies the document
|
documentIssuingCountry
string
optional
The 3 country code of the issuing country for the document
|
documentIssueTime
integer
optional
The Unix timestamp that the document was issued
|
documentExpiryTime
integer
optional
The Unix timestamp that the document expires
|
optional
|
optional
The type of passenger this is
One of:
adult , child , infant , or senior .
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
deprecated
|
|
optional
The list of routes that this ticket grants the holder travel on.
Show definition
|
optional
The direction of travel along this route, e.g. 'outward' or 'return'.
|
optional
This is an optional unique id to tie routes together. For example, You can tie a outbound and return route together with this. This way you can have multiple return tickets in one order and routes can be logically grouped together. This must be GLOBALLY UNIQUE
|
optional
This is the list of travel legs taken by the passengers. It may contain any number of legs but must start at the first departure and end up at the final destination
Show definition
|
required
The ID of the current leg. For flight tickets, flight number (e.g. 'BA101'). For bus tickets, bus number (e.g: 'A7')
|
optional
Departure port code for the current leg. For flights: the 3 letter IATA airport code.
|
optional
The location of the departure port for the current leg. For flights: the location of the airport.
Show definition
|
important
|
important
The postal or zip code. If provided without latitude or longitude, Ravelin will perform coarse geolocation in some countries.
|
important
The latitude of the location.
|
important
The longitude of the location.
|
optional
The name of the person that will accept delivery of goods to this address.
|
optional
The street address of the location.
|
optional
The street address of the location.
|
optional
The neighbourhood of the location.
|
optional
The zone of the location.
|
optional
|
optional
The state/county of the location.
|
optional
The PO box number related to the location.
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
deprecated
The geohash of the location.
|
|
optional
The name of the city of departure for the current leg.
|
departureCountryCode
string
optional
The ISO 3166 country code (2- or 3-letter) for the departure country of the current leg.
|
optional
The departure time for the current leg.
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
optional
Arrival port code for the current leg. For flights: the 3 letter IATA airport code.
|
optional
The location of the arrival port for the current leg. For flights: the location of the airport.
Show definition
|
important
|
important
The postal or zip code. If provided without latitude or longitude, Ravelin will perform coarse geolocation in some countries.
|
important
The latitude of the location.
|
important
The longitude of the location.
|
optional
The name of the person that will accept delivery of goods to this address.
|
optional
The street address of the location.
|
optional
The street address of the location.
|
optional
The neighbourhood of the location.
|
optional
The zone of the location.
|
optional
|
optional
The state/county of the location.
|
optional
The PO box number related to the location.
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
deprecated
The geohash of the location.
|
|
optional
The name of the city of arrival for the current leg.
|
arrivalCountryCode
string
optional
The ISO 3166 country code (2- or 3-letter) for the arrival country of the current leg.
|
optional
The arrival time for the current leg.
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
optional
The name of the carrier/company conducting the current leg.
|
optional
A publicly agreed code describing the carrier/company conducting the current leg. For Flights, this is the IATA 2 letter carrier code.
|
transportationType
string
optional
The type of transportation.
One of:
plane , train , bus , or ship .
|
optional
Whether there are seat reservations on this leg.
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
|
optional
If the passenger purchased travel insurance.
|
optional
The class of travel this ticket grants access to.
One of:
business , economy , first , or standard .
|
optional
The type of ticket this belongs to. This includes round trip, multi city, open return, etc
|
optional
The time that this ticket can be used until.
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
optional
The method in which a customer obtains their tickets. E-mail, pickup at station, physical mail, etc
|
optional
The identifier for a loyalty card used on this order. If no loyalty card is used just omit this field
|
optional
The identifier for a loyalty card used on this order. If no loyalty card is used just omit this field
|
|
optional
If the item being purchased represents accommodation being booked, associate the trip information here.
Show definition
|
required
Whether this booking is refundable or not.
|
required
Whether the payment is taken at the hotel during check-in.
|
optional
The individual the booking is registered under (i.e the individual who will be checking in to the hotel). Either the current customer or another individual who the customer is booking the room on behalf of.
Show definition
|
optional
The booked guest's family name.
|
optional
The booked guest's given name.
|
optional
The booked guest's full name.
|
|
freeCancellationUntilTime
integer
optional
Timestamp at which any free cancellation period ends (unix time). Ignore if there is no free cancellation period.
|
paymentDueBeforeTime
integer
optional
Timestamp at which payment is due. Ignore if payment is taken immediately at booking.
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
optional
Information on the hotel that the room is located in.
Show definition
|
optional
|
optional
The location of the hotel.
Show definition
|
important
|
important
The postal or zip code. If provided without latitude or longitude, Ravelin will perform coarse geolocation in some countries.
|
important
The latitude of the location.
|
important
The longitude of the location.
|
optional
The name of the person that will accept delivery of goods to this address.
|
optional
The street address of the location.
|
optional
The street address of the location.
|
optional
The neighbourhood of the location.
|
optional
The zone of the location.
|
optional
|
optional
The state/county of the location.
|
optional
The PO box number related to the location.
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
deprecated
The geohash of the location.
|
|
optional
The star-rating awarded to this hotel. Use an 'offical' hotel classification value here, not a customer rating value.
|
|
optional
Information on room being booked.
Show definition
|
optional
|
optional
Timestamp at which guest check-in opens for the room.
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
optional
Timestamp at which guest check-out closes for the room.
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
optional
Maximum number of adult guests the room can accomodate.
|
|
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
|
optional
Descriptive text relating to the contents or nature of the order being completed.
|
optional
Contact e-mail for this order.
|
optional
Contact phone number for this order. Best in E.164 format with an international dialing code.
|
optional
Contact phone number's country
|
deprecated
The unique identifier of the seller/counterparty in the transaction,
if not your business. E.g. The restaurant, driver ID, etc.
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
deprecated
Deprecated in favour of items.executionTime . Execution or pick-up time of the order.
|
optional
Suppliers (e.g. restaurants, couriers or drivers) involved in this order.
Show definition
|
required
The unique identifier of this supplier.
|
required
One of:
driver , courier , restaurant , shop , seller , or other .
|
important
Show definition
|
optional
The order processing stage reached by this supplier.
One of:
accepted , in-progress , fulfilled , or cancelled .
|
optional
The time when the supplier's status changed.
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
optional
The reason provided by the supplier for this status change.
|
|
important
|
optional
The value of a debt the supplier accrues to the platform as a result of this order, in
the currency's basic units. For example, a supplier may accrue a debt if they accept a
cash payment on behalf of the platform. The supplier's fee should not be deducted from the debt
- e.g. if the supplier's fee is £2.50 and the customer pays the supplier £10 in cash, the debt should be
1000
and the fee 250 .
|
optional
A voluntary tip paid by the customer to the supplier for the order, in
the currency's basic units. This is in addition to the supplier's fee.
|
optional
Pattern: ^[a-zA-Z]{3}$
|
|
|
important
A primary payment method to be charged in completing the checkout
process. Mutually exclusive with paymentMethodId and paymentMethods. One of the following:
One of the following:
|
card : A credit or debit card.
Show definition
|
required
Vault card payment method indicator.
One of:
card , creditcard , or debitcard .
|
required
A unique identifier for this payment, specific to this customer. Two
customers should not use the same paymentMethodId.
|
optional
The card network or scheme, such as visa or mastercard. Ravelin will identify the scheme on your behalf if you send the cardBin, which should be preferred.
|
important
A unique identifier for the physical card, shared between customers. Used
to link cards in Connect. Must not be a hash of the PAN.
If you use multiple PSPs who each generate their own equivalent of an
instrumentId, you should consider prefixing their values to indicate
their origin to avoid collisions. Common examples include Stripe's
fingerprint,
or Braintree's
unique_number_identifier).
|
pci, optional
The full Primary Account Number of the card. Used by Ravelin to determine the
instrumentId for this card. If specified, you do not need to provide instrumentId , cardBin
or cardLastFour .</br></br>
Only PCI DSS SAQ-D certified merchants should submit the PAN to Ravelin. You must not send requests
containing this field to api.ravelin.com , and must instead use pci.ravelin.com .</br></br>
Please see <a href='/guides/pci'>our PCI DSS documentation</a> for more information.
|
important
The first six digits of the card number/PAN. The Bank Identification
Number (BIN), recently more commonly known as the Issuer
Identification Number (IIN).
Given the BIN, Ravelin will populate the issuer, country of issuance,
and card type on your behalf.
|
important
The last four digits of the card number/PAN.
|
optional
The card issuer, who the true cardholder will report fraud to. Ravelin
will identify the issuer on your behalf if you send the cardBin ,
which should be preferred.
|
optional
Whether this is a prepaid debit card. Ravelin will identify whether
the card is prepaid on your behalf if you send the cardBin which
should be preferred.
|
optional
The country that the card was issued in. Ravelin will identify the
country of issuance on your behalf if you send the cardBin , which
should be preferred.
A ISO 3166-1 Alpha 3
or Alpha 2 country
code.
|
important
The expiry month of the card.
|
important
The expiry year of the card.
|
deprecated
The e-Wallet to which the customer associated the card.
One of:
applepay , googlepay , samsungpay , amazonpay , or visacheckout .
|
important
|
important
The address of the registered cardholder, as used to pass
AVS
checks. It is common to have fewer location details for this address,
but provide what you have.
Show definition
|
important
|
important
The postal or zip code. If provided without latitude or longitude, Ravelin will perform coarse geolocation in some countries.
|
important
The latitude of the location.
|
important
The longitude of the location.
|
optional
The name of the person that will accept delivery of goods to this address.
|
optional
The street address of the location.
|
optional
The street address of the location.
|
optional
The neighbourhood of the location.
|
optional
The zone of the location.
|
optional
|
optional
The state/county of the location.
|
optional
The PO box number related to the location.
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
deprecated
The geohash of the location.
|
|
optional
Whether this payment method is a corporate card.
|
optional
Whether this payment method is a virtual card.
|
successfulRegistration
boolean
optional
Whether the card was successfully registered with your gateway/PSP.
|
important
The time that the card was saved to the customer's account. (Not the card start date.)
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
optional
The time at which the payment method was last verified by the customer.
An example mechanism would be a random amount charged to the
customer's card that they can confirm the amount of.
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
optional
Whether the card has been compromised.
|
important
The reason why the card is considered compromised.
One of:
cloned , databreach , found , lost , stolen , frozen , defrosted , or uncompromised .
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
deprecated
Whether this card is still saved to the customer's account.
|
deprecated
Whether this card has been banned.
|
deprecated
The nickname the customer has given the payment method.
|
deprecated
The card network or scheme, such as visa or mastercard . Ravelin
will identify the cardType on your behalf if you send the cardBin ,
which should be preferred.
|
|
paymentMethodCipher : An encrypted payment method, containing the full card details encrypted via a
Ravelin SDK.
Show definition
|
required
Client-side encrypted card payment method indicator.
Only:
paymentMethodCipher .
|
required, pci
The card ciphertext produced by the Ravelin SDK card encryption.
This field constitutes cardholder data, and submission of this field therefore requires PCI DSS
SAQ-A or SAQ-AEP certification. You must not send requests containing this field to
api.ravelin.com , and must instead use pci.ravelin.com .
Please see our PCI DSS documentation for more information.</p>
|
required
The AES Key ciphertext produced by the Ravelin SDK card encryption.
|
required
The algorithm used to generate the ciphertexts.
|
optional
A unique identifier for this payment, specific to this customer. Two
customers should not use the same paymentMethodId.
|
optional
The version of the Ravelin SDK that performed this encryption.
|
optional
The index of the public RSA key used to encrypt the card.
|
optional
An identifier for the public key used during encryption.
|
optional
Show definition
|
important
|
important
The postal or zip code. If provided without latitude or longitude, Ravelin will perform coarse geolocation in some countries.
|
important
The latitude of the location.
|
important
The longitude of the location.
|
optional
The name of the person that will accept delivery of goods to this address.
|
optional
The street address of the location.
|
optional
The street address of the location.
|
optional
The neighbourhood of the location.
|
optional
The zone of the location.
|
optional
|
optional
The state/county of the location.
|
optional
The PO box number related to the location.
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
deprecated
The geohash of the location.
|
|
optional
When the payment method was added to the customer's account. Note: this is not the card start date.
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
deprecated
The version of the ravelinjs library that performed this encryption.
|
|
cash : The customer is paying in cash, or a cash-based payment method.
Show definition
|
required
Indicator of a cash payment, or cash-based payment method (e.g. paysafecard).
Only:
cash .
|
optional
The name of the cash-based payment service used, if applicable.
|
|
bankaccount : Bank Accounts.
Show definition
|
required
Only:
bankaccount .
|
required
A unique identifier for this payment, specific to this customer. Two
customers should not use the same paymentMethodId.
|
required
The type of transfer: whether the customer is initiating the payment, or you are withdrawing funds from the customer's bank account based on an agreement to initiate payments on their behalf. Use "push" for a customer-initiated payment (e.g. a bank transfer) and "pull" for a merchant-initiated payment (e.g. Direct Debit).
One of:
push , or pull .
|
important
The name of the payment scheme or instrument used for the transfer of funds.
|
optional
IBAN (International Bank Account Number)
Following the ISO 13616:2007 standard.
|
optional
|
optional
Show definition
|
important
|
important
The postal or zip code. If provided without latitude or longitude, Ravelin will perform coarse geolocation in some countries.
|
important
The latitude of the location.
|
important
The longitude of the location.
|
optional
The name of the person that will accept delivery of goods to this address.
|
optional
The street address of the location.
|
optional
The street address of the location.
|
optional
The neighbourhood of the location.
|
optional
The zone of the location.
|
optional
|
optional
The state/county of the location.
|
optional
The PO box number related to the location.
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
deprecated
The geohash of the location.
|
|
optional
The name of the account owner.
|
optional
Code assigned by central bank to identify bank that account is associated with.
Multiple bank code formats are supported.
|
optional
Name of bank which account belongs to.
|
optional
BIC - business identifier code for banks and other institutions.
Following the ISO9362 standard.
|
optional
The account number issued by the bank.
|
optional
The nickname for the payment method that the customers gives, if applicable.
|
important
The time that the card was saved to the customer's account. (Not the card start date.)
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
|
paypal : PayPal payments.
Show definition
|
required
Only:
paypal .
|
required
A unique identifier for this payment, specific to this customer. Two
customers should not use the same paymentMethodId.
|
optional
|
important
|
optional
The address of the account holder. It is common to have fewer location
details for this address, but provide what you have.
Show definition
|
important
|
important
The postal or zip code. If provided without latitude or longitude, Ravelin will perform coarse geolocation in some countries.
|
important
The latitude of the location.
|
important
The longitude of the location.
|
optional
The name of the person that will accept delivery of goods to this address.
|
optional
The street address of the location.
|
optional
The street address of the location.
|
optional
The neighbourhood of the location.
|
optional
The zone of the location.
|
optional
|
optional
The state/county of the location.
|
optional
The PO box number related to the location.
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
deprecated
The geohash of the location.
|
|
important
The time that the card was saved to the customer's account. (Not the card start date.)
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
optional
The time at which the payment method was last verified by the customer.
An example mechanism would be a random amount charged to the
customer's card that they can confirm the amount of.
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
optional
The nickname for the payment method that the customers gives, if applicable.
|
optional
|
optional
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
deprecated
If the payment method has been banned
|
deprecated
Whether the payment method is active for use by this account
|
|
credit : This payment method type should be used for any payments made using credit that a customer has with the merchant.
Show definition
|
required
Credit payment indicator.
Only:
credit .
|
required
A unique identifier for this payment, specific to this customer. Two
customers should not use the same paymentMethodId.
|
optional
The name of the store credit scheme used as a payment method, if applicable.
|
optional
When the payment method was added to the customer's account.
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
optional
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
|
invoice : This payment method should be used whenever the merchant provides credit to the customer.
Show definition
|
required
Invoice payment indicator.
Only:
invoice .
|
required
A unique identifier for this payment, specific to this customer. Two
customers should not use the same paymentMethodId.
|
important
The name of the invoice or 'buy now, pay later' scheme used, if applicable.
|
optional
When the payment method was added to the customer's account.
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
optional
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
optional
The nickname for the payment method that the customers gives, if applicable.
|
optional
Show definition
|
important
|
important
The postal or zip code. If provided without latitude or longitude, Ravelin will perform coarse geolocation in some countries.
|
important
The latitude of the location.
|
important
The longitude of the location.
|
optional
The name of the person that will accept delivery of goods to this address.
|
optional
The street address of the location.
|
optional
The street address of the location.
|
optional
The neighbourhood of the location.
|
optional
The zone of the location.
|
optional
|
optional
The state/county of the location.
|
optional
The PO box number related to the location.
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
deprecated
The geohash of the location.
|
|
optional
The email address used by the customer to register an invoice or 'buy now, pay later' payment method.
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
|
wallet : A digital wallet payment method.
Show definition
|
required
Vault card payment method indicator.
Only:
wallet .
|
required
A unique identifier for this payment, specific to this customer. Two
customers should not use the same paymentMethodId.
|
required
The name of the digital wallet scheme or electronic payment service.
|
optional
The card network or scheme of the card used within a wallet payment method,
such as visa or mastercard. Ravelin will identify the cardScheme on your behalf
if you send the cardBin, which should be preferred.
|
important
A unique identifier for the physical card, shared between customers. Used
to link cards in Connect. Must not be a hash of the PAN.
If you use multiple PSPs who each generate their own equivalent of an
instrumentId, you should consider prefixing their values to indicate
their origin to avoid collisions. Common examples include Stripe's
fingerprint,
or Braintree's
unique_number_identifier).
|
pci, optional
The full Primary Account Number of the card. Used by Ravelin to determine the
instrumentId for this card. If specified, you do not need to provide instrumentId , cardBin
or cardLastFour .</br></br>
Only PCI DSS SAQ-D certified merchants should submit the PAN to Ravelin. You must not send requests
containing this field to api.ravelin.com , and must instead use pci.ravelin.com .</br></br>
Please see <a href='/guides/pci'>our PCI DSS documentation</a> for more information.
|
important
The first six digits of the card number/PAN. The Bank Identification
Number (BIN), recently more commonly known as the Issuer
Identification Number (IIN).
Given the BIN, Ravelin will populate the issuer, country of issuance,
and card type on your behalf.
|
important
The last four digits of the card number/PAN.
|
deprecated
The card network or scheme, such as visa or mastercard . Ravelin
will identify the cardType on your behalf if you send the cardBin ,
which should be preferred.
|
optional
The card issuer, who the true cardholder will report fraud to. Ravelin
will identify the issuer on your behalf if you send the cardBin ,
which should be preferred.
|
optional
Whether this is a prepaid debit card. Ravelin will identify whether
the card is prepaid on your behalf if you send the cardBin which
should be preferred.
|
optional
The country that the card was issued in. Ravelin will identify the
country of issuance on your behalf if you send the cardBin , which
should be preferred.
A ISO 3166-1 Alpha 3
or Alpha 2 country
code.
|
important
The expiry month of the card.
|
important
The expiry year of the card.
|
important
|
important
The address of the registered cardholder, as used to pass
AVS
checks. It is common to have fewer location details for this address,
but provide what you have.
Show definition
|
important
|
important
The postal or zip code. If provided without latitude or longitude, Ravelin will perform coarse geolocation in some countries.
|
important
The latitude of the location.
|
important
The longitude of the location.
|
optional
The name of the person that will accept delivery of goods to this address.
|
optional
The street address of the location.
|
optional
The street address of the location.
|
optional
The neighbourhood of the location.
|
optional
The zone of the location.
|
optional
|
optional
The state/county of the location.
|
optional
The PO box number related to the location.
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
deprecated
The geohash of the location.
|
|
successfulRegistration
boolean
optional
Whether the card was successfully registered with your gateway/PSP.
|
important
The time that the card was saved to the customer's account. (Not the card start date.)
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
optional
The time at which the payment method was last verified by the customer.
An example mechanism would be a random amount charged to the
customer's card that they can confirm the amount of.
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
deprecated
Whether this card is still saved to the customer's account.
|
deprecated
Whether this card has been banned.
|
deprecated
The nickname the customer has given the payment method.
|
|
fromTransaction : Refer to the payment method used by a named transaction.
For usage examples, see
Saving payment methods after checkout
and Associating refunds with payment methods.
Show definition
|
required
Only:
fromTransaction .
|
important
The transaction ID to look up the payment method from.
|
important
The gateway that the transaction was processed through.
|
important
The gateway ref provided by the gateway for the transaction.
|
optional
|
|
directdebit : Direct Debits. - deprecated.
Show definition
|
required
Only:
directdebit .
|
required
A unique identifier for this payment, specific to this customer. Two
customers should not use the same paymentMethodId.
|
required
Only:
directdebit .
|
required
The type of direct debit scheme.
One of:
autogiro , bacs , becs , becsnz , betalingsservice , or sepa .
|
optional
IBAN (International Bank Account Number)
Following the ISO 13616:2007 standard.
|
optional
|
optional
Show definition
|
important
|
important
The postal or zip code. If provided without latitude or longitude, Ravelin will perform coarse geolocation in some countries.
|
important
The latitude of the location.
|
important
The longitude of the location.
|
optional
The name of the person that will accept delivery of goods to this address.
|
optional
The street address of the location.
|
optional
The street address of the location.
|
optional
The neighbourhood of the location.
|
optional
The zone of the location.
|
optional
|
optional
The state/county of the location.
|
optional
The PO box number related to the location.
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
deprecated
The geohash of the location.
|
|
optional
The name of the account owner.
|
optional
Code assigned by central bank to identify bank that account is associated with.
Multiple bank code formats are supported.
|
optional
Name of bank which account belongs to.
|
optional
BIC - business identifier code for banks and other institutions.
Following the ISO9362 standard.
|
optional
The account number issued by the bank.
|
optional
The unique reference issued for the direct debit mandate.
|
optional
A URL to access the direct debit mandate agreement.
|
optional
The nickname for the payment method that the customers gives, if applicable.
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
|
banktransfer : Bank Transfers. - deprecated.
Show definition
|
required
Only:
banktransfer .
|
required
A unique identifier for this payment, specific to this customer. Two
customers should not use the same paymentMethodId.
|
required
One of:
bancontact , eps , giropay , ideal , inghomepay , sofort , or sepa .
|
optional
IBAN (International Bank Account Number)
Following the ISO 13616:2007 standard.
|
optional
|
optional
Show definition
|
important
|
important
The postal or zip code. If provided without latitude or longitude, Ravelin will perform coarse geolocation in some countries.
|
important
The latitude of the location.
|
important
The longitude of the location.
|
optional
The name of the person that will accept delivery of goods to this address.
|
optional
The street address of the location.
|
optional
The street address of the location.
|
optional
The neighbourhood of the location.
|
optional
The zone of the location.
|
optional
|
optional
The state/county of the location.
|
optional
The PO box number related to the location.
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
deprecated
The geohash of the location.
|
|
optional
The name of the account owner.
|
optional
Code assigned by central bank to identify bank that account is associated with.
Multiple bank code formats are supported.
|
optional
Name of bank which account belongs to.
|
optional
BIC - business identifier code for banks and other institutions.
Following the ISO9362 standard.
|
optional
The account number issued by the bank.
|
optional
The nickname for the payment method that the customers gives, if applicable.
|
important
The time that the card was saved to the customer's account. (Not the card start date.)
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
|
Others - deprecated.
Show definition
|
required
Other method type indicator.
One of:
voucher , bitcoin , transfer , paysafe , cheque , or edenred .
|
required
A unique identifier for this payment, specific to this customer. Two
customers should not use the same paymentMethodId.
|
optional
When the payment method was added to the customer's account.
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
optional
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
deprecated
The nickname for the payment method that the customers gives, if applicable.
|
deprecated
If the payment method has been banned
|
deprecated
Whether the payment method is active for use by this account
|
|
Removal: Used for marking a saved payment method as removed from the account.
Show definition
|
required
A unique identifier for this payment, specific to this customer. Two
customers should not use the same paymentMethodId.
|
required
False to indicate the payment method has been deactivated.
Only:
false .
|
|
important
One or more payment methods to be charged in completing the checkout process. Mutually exclusive with paymentMethod and paymentMethodId.
|
important
The ID of the primary payment method to be charged in completing the checkout process. Mutually exclusive with paymentMethod and paymentMethods.
|
important
An attempt to charge a payment method to pay or be refunded for an order. Mutually exclusive with transactions.
Show definition
|
important
A unique identifier for the transaction.
Required when sending a transaction before talking to the PSP, because the alternative gatewayReference cannot be known. If telling Ravelin about the transaction after processing it (as with a refund, for example) transactionId can be omitted in place of gateway and gatewayReference .
|
important
The time that the transaction is being attempted.
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
important
|
optional
The currency of the amount of this transaction, as an ISO 4217 currency code.
Pattern: ^[a-zA-Z]{3}$
|
important
The type of transaction interacting with the payment method.
auth : An auth transaction is used to reserve funds on the customer's card without yet deducting it. Useful to verify whether the customer has sufficient funds in their account and reserving a limit when the final order price cannot be known. Sometimes known as a pre-auth.
capture : A capture transaction is used to immediately deduct authorised funds (up to the amount auth'd) from a customer's card.
auth_capture : A simultaneous combination of auth and capture in one transaction, for when there is no need to separately auth then capture. Typical with straight-forward "buy now"-style checkout.
refund : A refund transaction credit's a customer's payment method. If you do not know the payment method ID you are refunding to, but do know the original transaction, see Associating refunds with payment methods.
void : A void transaction is the explicit discarding of authorization of funds.
use , redeem : Deprecated. See voucherRedemption on /v2/chargeback or /v2/paymentmethod/voucher.
One of:
preauth , auth , capture , auth_capture , void , refund , redeem , or use .
|
important
The ID of the payment method to be charged in this transaction.
|
important
The gateway responsible for processing the transaction. Used to link to chargebacks. Usually only available after attempting the payment.
|
important
The reference given to this transaction by the processing gateway. Used to link to chargebacks. Usually only available after attempting the payment. Each transaction should have a unique gateway reference.
|
important
Whether the transaction successfully completed with no error.
|
optional
Details on how 3D Secure (3DS) was used to authenticate the transaction.
Show definition
|
optional
Set to true if the 3D Secure authentication process was initiated for the transaction. The 3DS process is considered initiated when a check is performed to confirm issuer and cardholder enrolment, before asking for a challenge to be performed.
This is set to false if the 3DS process was not initiated and the transaction proceeded to authorisation.
|
optional
Set to true if a step-up authentication was initiated, for example, the customer was asked to enter a password or use a form of biometric authentication.
If attempted is set to false , then challenged should be omitted. If attempted is set to true , and a challenge was not presented to the customer, then this field should be set to false .
In 3DS2, if a customer achieves a frictionless authentication this should also be set to false .
|
optional
Set to true if the customer was successfully authenticated using 3D Secure (either through frictionless authentication or a challenge) and the 3DS process was completed successfully.
This field should be set to false if the customer was unable to authenticate themselves during the challenge process, if an error occured, or frictionless authentication was not successful.
This field should be omitted if attempted is set to false .
|
optional
The time at which the customer was directed to 3DS.
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
optional
The time at which the customer returned from 3DS.
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
optional
Whether the customer is believed to have abandoned 3DS.
|
optional
The version of 3DS which was used to authenticate the customer. Either 1.0.2 or 2.1.0
|
optional
Whether the liability of the transaction resulting in a chargeback has moved from the merchant to the card issuer.
(See Liability Shift.)
|
authenticationValue
string
deprecated
This field is deprecated, we do not use it in the Ravelin platform.
|
optional
The Electronic Commerce Indicator (ECI) value returned by the issuer after authentication was attempted.
|
optional
The Transaction Status (transStatus) value received in the final authentication message. The final message type (PaRes, ARes, CRes) will vary depending on the version of 3DS and whether the customer was challenged.
|
optional
Provides information on why the transStatus field has the specified value. Will only be provided by the issuer when the transStatus value is N, U or R. (3DS 2 only)
|
optional
Identifies the type of message from which the transStatus value was received. (3DS 2 only)
|
optional
If the transStatus value is U the accompanying invalid request code (iReqCode) should be provided to further explain the reason authentication could not be performed. (3DS 1 only)
|
|
important
the decline code from the payment gateway, if applicable.
|
optional
A code returned from the payment gateway after an attempt to charge, if applicable.
|
optional
The result of AVS checks. You must have at least one of street or postal code.
Any of the following:
Show definition
|
optional
Compatible with common PSP codes
|
optional
Compatible with common PSP codes
|
|
|
|
optional
The result of CVV verification from the issuer, compatible with common PSP codes.
|
optional
|
optional
The merchant ID that the transaction was processed under. The merchant ID is used to identify you to your acquirer and the financial institutions that will be involved in processing the transaction.
|
optional
The acquirer is a financial institution with whom the merchant has a bank account.
|
optional
The BIN (Bank Identification Number) of the acquirer.
|
acquirerCountryCode
string
optional
The three letter country code of the country in which your acquirer will settle the payment.
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
deprecated
Whether this transaction is associated with a chargeback.
|
deprecated
The e-mail that the customer wants to be notified about this
transaction on.
|
deprecated
Deprecated in favour of amount . The debit amount of the
transaction in the lowest denomination of the currency.
|
deprecated
Deprected in favour of amount . The credit amount of the
transaction in the lowest denomination of the currency.
|
|
important
One or more attempts to charge a payment method to pay or be refunded for an order. Mutually exclusive with transaction.
Show definition
|
important
A unique identifier for the transaction.
Required when sending a transaction before talking to the PSP, because the alternative gatewayReference cannot be known. If telling Ravelin about the transaction after processing it (as with a refund, for example) transactionId can be omitted in place of gateway and gatewayReference .
|
important
The time that the transaction is being attempted.
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
important
|
optional
The currency of the amount of this transaction, as an ISO 4217 currency code.
Pattern: ^[a-zA-Z]{3}$
|
important
The type of transaction interacting with the payment method.
auth : An auth transaction is used to reserve funds on the customer's card without yet deducting it. Useful to verify whether the customer has sufficient funds in their account and reserving a limit when the final order price cannot be known. Sometimes known as a pre-auth.
capture : A capture transaction is used to immediately deduct authorised funds (up to the amount auth'd) from a customer's card.
auth_capture : A simultaneous combination of auth and capture in one transaction, for when there is no need to separately auth then capture. Typical with straight-forward "buy now"-style checkout.
refund : A refund transaction credit's a customer's payment method. If you do not know the payment method ID you are refunding to, but do know the original transaction, see Associating refunds with payment methods.
void : A void transaction is the explicit discarding of authorization of funds.
use , redeem : Deprecated. See voucherRedemption on /v2/chargeback or /v2/paymentmethod/voucher.
One of:
preauth , auth , capture , auth_capture , void , refund , redeem , or use .
|
important
The ID of the payment method to be charged in this transaction.
|
important
The gateway responsible for processing the transaction. Used to link to chargebacks. Usually only available after attempting the payment.
|
important
The reference given to this transaction by the processing gateway. Used to link to chargebacks. Usually only available after attempting the payment. Each transaction should have a unique gateway reference.
|
important
Whether the transaction successfully completed with no error.
|
optional
Details on how 3D Secure (3DS) was used to authenticate the transaction.
Show definition
|
optional
Set to true if the 3D Secure authentication process was initiated for the transaction. The 3DS process is considered initiated when a check is performed to confirm issuer and cardholder enrolment, before asking for a challenge to be performed.
This is set to false if the 3DS process was not initiated and the transaction proceeded to authorisation.
|
optional
Set to true if a step-up authentication was initiated, for example, the customer was asked to enter a password or use a form of biometric authentication.
If attempted is set to false , then challenged should be omitted. If attempted is set to true , and a challenge was not presented to the customer, then this field should be set to false .
In 3DS2, if a customer achieves a frictionless authentication this should also be set to false .
|
optional
Set to true if the customer was successfully authenticated using 3D Secure (either through frictionless authentication or a challenge) and the 3DS process was completed successfully.
This field should be set to false if the customer was unable to authenticate themselves during the challenge process, if an error occured, or frictionless authentication was not successful.
This field should be omitted if attempted is set to false .
|
optional
The time at which the customer was directed to 3DS.
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
optional
The time at which the customer returned from 3DS.
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
optional
Whether the customer is believed to have abandoned 3DS.
|
optional
The version of 3DS which was used to authenticate the customer. Either 1.0.2 or 2.1.0
|
optional
Whether the liability of the transaction resulting in a chargeback has moved from the merchant to the card issuer.
(See Liability Shift.)
|
authenticationValue
string
deprecated
This field is deprecated, we do not use it in the Ravelin platform.
|
optional
The Electronic Commerce Indicator (ECI) value returned by the issuer after authentication was attempted.
|
optional
The Transaction Status (transStatus) value received in the final authentication message. The final message type (PaRes, ARes, CRes) will vary depending on the version of 3DS and whether the customer was challenged.
|
optional
Provides information on why the transStatus field has the specified value. Will only be provided by the issuer when the transStatus value is N, U or R. (3DS 2 only)
|
optional
Identifies the type of message from which the transStatus value was received. (3DS 2 only)
|
optional
If the transStatus value is U the accompanying invalid request code (iReqCode) should be provided to further explain the reason authentication could not be performed. (3DS 1 only)
|
|
important
the decline code from the payment gateway, if applicable.
|
optional
A code returned from the payment gateway after an attempt to charge, if applicable.
|
optional
The result of AVS checks. You must have at least one of street or postal code.
Any of the following:
Show definition
|
optional
Compatible with common PSP codes
|
optional
Compatible with common PSP codes
|
|
|
|
optional
The result of CVV verification from the issuer, compatible with common PSP codes.
|
optional
|
optional
The merchant ID that the transaction was processed under. The merchant ID is used to identify you to your acquirer and the financial institutions that will be involved in processing the transaction.
|
optional
The acquirer is a financial institution with whom the merchant has a bank account.
|
optional
The BIN (Bank Identification Number) of the acquirer.
|
acquirerCountryCode
string
optional
The three letter country code of the country in which your acquirer will settle the payment.
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
deprecated
Whether this transaction is associated with a chargeback.
|
deprecated
The e-mail that the customer wants to be notified about this
transaction on.
|
deprecated
Deprecated in favour of amount . The debit amount of the
transaction in the lowest denomination of the currency.
|
deprecated
Deprected in favour of amount . The credit amount of the
transaction in the lowest denomination of the currency.
|
|
optional
A voucher that is being used to pay for some of the order.
Show definition
|
required
A unique identifier for the voucher usage. A transactionId for vouchers.
|
required
The string customers actually see in their app.
|
required
|
required
The time that the customer is utilising the voucher.
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
required
Whether the voucher has successfully been used by the customer.
|
optional
The currency of the value of this voucher, as an ISO 4217 currency code.
Pattern: ^[a-zA-Z]{3}$
|
optional
The time the after which the voucher can no longer be redeemed.
A unix timestamp as an
integer count of milliseconds, or nanoseconds since 1970-01-01T00:00
UTC.
|
optional
The type of the voucher. If REFERRAL , also set the referredId so
Ravelin will create a network of who has invited who.
One of:
REFERRAL , REACTIVATION , or GENERAL .
|
optional
The customerId of the customer who created this voucher.
|
optional
|
optional
Optional reason why the attempt was not successful.
One of:
EXPIRED , NOT_NEW_CUSTOMER , ALREADY_USED , ABUSER , SYSTEM_FAILURE , or MAX_ALLOWED_TIMES .
|
optional
The source of why the voucher failed.
One of:
RAVELIN , or CLIENT .
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
|
optional
Any vouchers that are being used to pay for some of the order.
Show definition
|
required
A unique identifier for the voucher usage. A transactionId for vouchers.
|
required
The string customers actually see in their app.
|
required
|
required
The time that the customer is utilising the voucher.
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
required
Whether the voucher has successfully been used by the customer.
|
optional
The currency of the value of this voucher, as an ISO 4217 currency code.
Pattern: ^[a-zA-Z]{3}$
|
optional
The time the after which the voucher can no longer be redeemed.
A unix timestamp as an
integer count of milliseconds, or nanoseconds since 1970-01-01T00:00
UTC.
|
optional
The type of the voucher. If REFERRAL , also set the referredId so
Ravelin will create a network of who has invited who.
One of:
REFERRAL , REACTIVATION , or GENERAL .
|
optional
The customerId of the customer who created this voucher.
|
optional
|
optional
Optional reason why the attempt was not successful.
One of:
EXPIRED , NOT_NEW_CUSTOMER , ALREADY_USED , ABUSER , SYSTEM_FAILURE , or MAX_ALLOWED_TIMES .
|
optional
The source of why the voucher failed.
One of:
RAVELIN , or CLIENT .
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
|
important
The device used by the customer to trigger this update.
Show definition
|
required
The ID of the device used by the customer to trigger this update.
|
important
The IP address of the device connecting to your services. Used in fraud and account-takeover detection.
When extracting this IP address, consider X-Forwarded-For .
|
optional
|
important
The browser user-agent string, if the device represents a web browser - window.navigator.userAgent .
|
important
|
important
The operating system that the device is running.
|
optional
One of:
computer , phone , or tablet .
|
optional
|
optional
The geolocated position of the device.
Show definition
|
important
|
important
The postal or zip code. If provided without latitude or longitude, Ravelin will perform coarse geolocation in some countries.
|
important
The latitude of the location.
|
important
The longitude of the location.
|
optional
The name of the person that will accept delivery of goods to this address.
|
optional
The street address of the location.
|
optional
The street address of the location.
|
optional
The neighbourhood of the location.
|
optional
The zone of the location.
|
optional
|
optional
The state/county of the location.
|
optional
The PO box number related to the location.
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
deprecated
The geohash of the location.
|
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
deprecated
The name of the web browser being used, if applicable. Prefer userAgent .
|
javascriptEnabled
boolean
deprecated
Whether Javascript is enabled on the web browser.
|
deprecated
Whether cookies are enabled on the web browser.
|
deprecated
The resolution of the screen on the device in the format XxY
|
|
important
The ID of the device used by the customer to trigger this update.
|
nationalIdentifications
array
optional
Identifications are used by online customers to verify their real-world
identity. These forms of identification can be authenticated with
government authorities or authorised third-parties to confirm the
credentials are legitimate. Extra steps should be taken to confirm the
customer is the legitimate holder of these credentials.
Show definition
|
optional
A driving license permitting the holder to operate one or more types
of motorized vehicle.
Show definition
|
required
The number unique to this piece of identification within the
jurisdiction country/state.
For privacy reasons, Ravelin recommends obfuscating the real number by
peppering and hashing it, using consistent one-way hashing function such
as SHA256.
|
jurisdictionCountry
string
required
|
optional
The controlling state within the controlling country for this form of
identification. Not just the licence holder's home state. Omit where
the identification is controlled by a country-level authority.
|
optional
The name of the identification holder.
|
|
optional
A passport certifying the identity and nationality of its holder
primarily for the purpose of international travel.
Show definition
|
required
The number unique to this piece of identification within the
jurisdiction country/state.
For privacy reasons, Ravelin recommends obfuscating the real number by
peppering and hashing it, using consistent one-way hashing function such
as SHA256.
|
jurisdictionCountry
string
required
|
optional
The controlling state within the controlling country for this form of
identification. Not just the licence holder's home state. Omit where
the identification is controlled by a country-level authority.
|
optional
The name of the identification holder.
|
|
optional
Show definition
|
required
The number unique to this piece of identification within the
jurisdiction country/state.
For privacy reasons, Ravelin recommends obfuscating the real number by
peppering and hashing it, using consistent one-way hashing function such
as SHA256.
|
jurisdictionCountry
string
required
|
optional
The controlling state within the controlling country for this form of
identification. Not just the licence holder's home state. Omit where
the identification is controlled by a country-level authority.
|
optional
The name of the identification holder.
|
|
|