Welcome to the Ravelin Travel API. Our mission for the API is to make it predictable, easy to understand and painless to integrate with. If there is anything you feel we can do to improve our API, make it easier to understand, or if you encounter any bugs or unexpected behaviour, please email api@ravelin.com and a Ravelin developer will get back to you as soon as possible.
Backfill - sending Ravelin historical data in order to tailor our system to your business
Scoring - acting on the recommendations that Ravelin provides
We highly recommend completing all three parts to get the best from Ravelin.
Connection
Events are sent to Ravelin as JSON objects to a POST endpoint over HTTPS:
https://api.ravelin.com/v2/...
Ravelin uses API keys to allow access to the API. The API key can be found under
the Settings menu in the dashboard. You can register a new Ravelin API key by
contacting your account manager. Ravelin expects the API key to be included in
the authorization header for all API requests i.e.
When submitting a JSON request, make sure to include the JSON mime-type:
Content-Type: application/json; charset=utf-8
# Using curl, pass the authentication header with each request
curl "https://api.ravelin.com/v2/auth/checktoken"\
-H "Authorization: token sk_live_XXXXXXXX"
Events
The endpoints are defined below are how you send data to the Ravelin system.
To create or update entities in Ravelin, send a POST request with the defined
JSON body to one of the endpoints described below.
We strive to represent everything relevant to the travel domain but if you think
you have domain data that is relevant to fraud but not represented
in our models then you may send this data via the custom field. You
will find this field on all of our properties. Data in the custom
field is not initially mapped to our internal properties, but we do periodically
check if there are any fraud signals that we can use to improve the scoring. If
so, we retroactively extract the data from all previous events that specified it,
without requiring you to send it again.
Use the custom field for anything you might want to tell us about a customer
which you think could contribute to determining whether or not it’s a fraudulent
account. If you are in any doubt as whether to send a field to Ravelin, you
should send it.
POST
/v2/travel/checkout (All-in-One)
The simplest, most reliable way to integrate Ravelin into your checkout flow is using our
checkout event endpoint. A single v2/checkout submission contains all customer, order, payment method and transaction information for a single payment attempt, and should be sent to Ravelin at the exact moment your customer attempts to complete their purchase. Having access to all of this information at once is not always possible in some systems, so we also support sending these entities individually using our other endpoints, but use of the checkout endpoint decreases the likelihood of pesky race-conditions and of overlooking parts of the payment journey.
The time at which this data playload was valid. When sending events in realtime, this will usually be 'now'. This is used to merge data that arrives out-of-order.
A unix timestamp as an integer count of milliseconds, or nanoseconds since 1970-01-01T00:00UTC.
The customer navigating through the checkout process. Sending the customer identity in full during checkout is recommended to ensure Ravelin has all data. (See customers.)
The time that the customer registered. If this value is unknown, you can set it to 'now' - Ravelin will retain the earliest value you have sent for this customer ID.
A unix timestamp as an integer count of milliseconds or nanoseconds since 1970-01-01T00:00UTC.
The country the telephone number directs to. Note that the country is not an adequate replacement for the international dialing code in the Dominican Republic or Puerto Rico who have multiple dialing codes.
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
The wallet contents of the customer, in the form of an object whose keys are currencies and values the amount held in that currency, in the currency's basic units.
The actor who caused the status change e.g. buyer, merchant.
"merchant"
•
Accepted: The customer has submitted the order and you intend to fulfill it. This stage is useful if you provide the goods and services before taking payment. If you take payment immediately, you can consider the order fulfilled.
The total price for this order, including delivery and taxes, in the currency's basic units. This price should always equal the sum of each items', tickets', and rooms' price times quantity.
The country the order should be attributed to for reporting and risk bucketing. See markets. Should reflect the country segmentation that you use for your reporting internally, whether that's by billing or shipping address, for example.
The event the ticket is granting access to. This could be a access to an event, an attraction, or any other activity the customer is purchasing a ticket to attend.
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
The total price of the room in the lowest denomination of the currency. E.g.: cents for USD, pence for GBP. Must reflect the price eventually charged to the customer, so after all promo codes and discounts.
The individual the booking is registered under (i.e the individual who will be checking in to the hotel). Either the current customer or another individual who the customer is booking the room on behalf of.
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Additional information regarding this booking, specifically relating to properties/amenities of the hotel. Before adding content here, check the regular 'hotel' schema object.
Additional information regarding this booking, specifically relating to properties/amenities of the room. Before adding content here, check the regular 'room' schema object.
This is an optional unique id to tie routes together. For example, You can tie a outbound and return route together with this. This way you can have multiple return tickets in one order and routes can be logically grouped together. This must be GLOBALLY UNIQUE
This is the list of travel legs taken by the passengers. It may contain any number of legs but must start at the first departure and end up at the final destination
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
The payment that the customer is attempting to make, or has just attempted.
(See transactions.)
You are highly encouraged to mint an identifier for this customer's payment
attempt and use that to track the transaction before and after talking to
your PSP. Doing so enables the highest-resolution of reporting Ravelin offers.
Required when sending a transaction before talking to the PSP, because the alternative gatewayReference cannot be known. If telling Ravelin about the transaction after processing it (as with a refund, for example) transactionId can be omitted in place of gateway and gatewayReference.
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Result code of address or cvv verification by issuer, compatible with common PSP codes
One of:
M, N, U, I, A, E, pass, fail, unavailable, unchecked, 0, 1, 2, 4, 8, P, S, 3, 5, 6, missing, issuer_not_certified, issuer_not_signed_up, or not_checked.
Result code of address or cvv verification by issuer, compatible with common PSP codes
One of:
M, N, U, I, A, E, pass, fail, unavailable, unchecked, 0, 1, 2, 4, 8, P, S, 3, 5, 6, missing, issuer_not_certified, issuer_not_signed_up, or not_checked.
Result code of address or cvv verification by issuer, compatible with common PSP codes
One of:
M, N, U, I, A, E, pass, fail, unavailable, unchecked, 0, 1, 2, 4, 8, P, S, 3, 5, 6, missing, issuer_not_certified, issuer_not_signed_up, or not_checked.
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Deprecated in favour of amount. The debit amount of the transaction in the lowest denomination of the currency. Required if credit and amount are not set.
Deprecated in favour of amount. The credit amount of the transaction in the lowest denomination of the currency. Required if debit and amount are not set.
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
The ID of the device used by the customer to trigger this update.
"65fc5ac0-2ba3-4a3b-aa5e-f5a77b845260"
POST
/v2/travel/chargeback
A chargeback happens when a customer disputes a payment on their credit card
account. Communicate this event to Ravelin using the chargeback endpoint. This is a mandatory component of all integrations; our ability to predict fraud comes from our understanding of previous examples of fraudulent behaviour.
The PSP will associate two IDs with every chargeback: a unique identifier for
the chargeback itself, and the identifier for the original transaction that is
being disputed. It is the latter that must be sent in the gatewayReference
field, and it must correspond to a previously sent transaction.
If no transaction with a matching gatewayReference is found, this chargeback
is ignored.
The time at which this data playload was valid. When sending events in realtime, this will usually be 'now'. This is used to merge data that arrives out-of-order.
A unix timestamp as an integer count of milliseconds, or nanoseconds since 1970-01-01T00:00UTC.
A reference to the transaction being disputed. Should match the gateway and reference fields supplied on the transaction object. Not required if you supply transactionId.
A reference to the transaction being disputed. Should match the transactionId supplied on the transaction object. Not required if you supply a gatewayReference.
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
The ID of the order the chargeback originated from. When provided instead of gatewayReference and transactionId, Ravelin will set the gatewayReference and transactionId to that of the first successful transaction of the order.
The ID of the customer this chargeback originated from. Ravelin will look this up from the transaction this chargeback originated from.
"abc-123-ZYZ"
Valid chargeback status strings:
status
Description
OPEN
The chargeback, retrieval, or pre-arb has been issued and no action has
been taken yet.
ACCEPTED
You have opted out of providing evidence for the chargeback or pre-arb.
DISPUTED
You have submitted evidence against the claim and are waiting for the
decision from the bank.
WON
The bank has ruled in your favor, and the funds should return to your
bank account within 2-3 business days.
LOST
The bank has not ruled in your favor, and the funds will remain with the
cardholder.
EXPIRED
The reply-by date to submit evidence has passed and you have forfeited
your right to dispute the case.
POST
/v2/travel/customer
When a customer registers, or changes their profile, send their info to the
customer endpoint. Creating a new customer and updating an existing customer is
the same operation; a POST to this endpoint is an upsert.
Customers are your users, the central entity that all Ravelin fraud detection
revolves around.
All fields except customerId are optional, but the more information, the
better. If you send the customerId field it will be considered an update.
Therefore a new property will overwrite any previously received property for this customer.
We keep all mutations so we will know the history of a customer but we use the
most up-to-date data to build the current customer profile.
The time at which this data playload was valid. When sending events in realtime, this will usually be 'now'. This is used to merge data that arrives out-of-order.
A unix timestamp as an integer count of milliseconds, or nanoseconds since 1970-01-01T00:00UTC.
The time that the customer registered. If this value is unknown, you can set it to 'now' - Ravelin will retain the earliest value you have sent for this customer ID.
A unix timestamp as an integer count of milliseconds or nanoseconds since 1970-01-01T00:00UTC.
The country the telephone number directs to. Note that the country is not an adequate replacement for the international dialing code in the Dominican Republic or Puerto Rico who have multiple dialing codes.
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
The wallet contents of the customer, in the form of an object whose keys are currencies and values the amount held in that currency, in the currency's basic units.
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
The ID of the device the customer is using. Mutually exclusive with the device.
"65fc5ac0-2ba3-4a3b-aa5e-f5a77b845260"
Location
Locations are time-series data: every time you attach a location to a customer,
we will record it separately, instead of overwriting the previous location.
You can send Ravelin data with street addresses, and we will reverse geocode to
obtain the latitude and longitude, or vice versa. If you have both, then that’s
fab.
Parameter
Type
Description
street1
string
First line of the street address.
street2
string
Second line of the street address.
neighbourhood
string
The neighbourhood of the location.
zone
string
The zone of the location.
city
string
The city/village/town of the location.
region
string
The state/county of the location.
country
string
The ISO 3166 country code (2- or 3-letter).
poBoxNumber
string
The PO box number, if applicable.
postalCode
string
The postal or zip code, if applicable.
latitude
double
The latitude of the location.
longitude
double
The longitude of the location.
custom
object
If you have any data about this location that does not fit in one of the
above fields, please specify it in the custom object.
POST
/v2/travel/order
When an order is started, or new information becomes available (e.g. the price
changes), send an order event. An order is an intent to purchase a good or service
from your business by a customer.
The time at which this data playload was valid. When sending events in realtime, this will usually be 'now'. This is used to merge data that arrives out-of-order.
A unix timestamp as an integer count of milliseconds, or nanoseconds since 1970-01-01T00:00UTC.
The actor who caused the status change e.g. buyer, merchant.
"merchant"
•
Accepted: The customer has submitted the order and you intend to fulfill it. This stage is useful if you provide the goods and services before taking payment. If you take payment immediately, you can consider the order fulfilled.
The total price for this order, including delivery and taxes, in the currency's basic units. This price should always equal the sum of each items', tickets', and rooms' price times quantity.
The country the order should be attributed to for reporting and risk bucketing. See markets. Should reflect the country segmentation that you use for your reporting internally, whether that's by billing or shipping address, for example.
The event the ticket is granting access to. This could be a access to an event, an attraction, or any other activity the customer is purchasing a ticket to attend.
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
The total price of the room in the lowest denomination of the currency. E.g.: cents for USD, pence for GBP. Must reflect the price eventually charged to the customer, so after all promo codes and discounts.
The individual the booking is registered under (i.e the individual who will be checking in to the hotel). Either the current customer or another individual who the customer is booking the room on behalf of.
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Additional information regarding this booking, specifically relating to properties/amenities of the hotel. Before adding content here, check the regular 'hotel' schema object.
Additional information regarding this booking, specifically relating to properties/amenities of the room. Before adding content here, check the regular 'room' schema object.
This is an optional unique id to tie routes together. For example, You can tie a outbound and return route together with this. This way you can have multiple return tickets in one order and routes can be logically grouped together. This must be GLOBALLY UNIQUE
This is the list of travel legs taken by the passengers. It may contain any number of legs but must start at the first departure and end up at the final destination
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
A temporary ID for a customer when the real account ID has yet to be minted. This must evenutally be sent in conjunction with a real customer ID to migrate the data into the full customer account.
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
The ID of the device used by the customer to trigger this update.
"65fc5ac0-2ba3-4a3b-aa5e-f5a77b845260"
Order Status
Order statuses specify the current status of the order.
Parameter
Type
Description
stage
string
The most recent status of the order. Valid values:
pending, accepted, failed, cancelled, fulfilled, refunded.
reason
string
Status reason provides context to the order status. Valid values depend on the stage and are given in the table below.
actor
string
Status actor is the entity that caused the latest order status. You can use this string to provide additional information to your Ravelin dashboard users e.g. customerId123, order-cancelling-service, customerservice@company.com
Order Statuses
Valid reasons for different order status stages:
stage
Valid reason values
pending
None – omit reason field.
accepted
None – omit reason field.
failed
payment_declined,
seller_rejected,
system_error
cancelled
buyer,
seller,
merchant,
ravelin
fulfilled
None – omit reason field.
refunded
returned,
complaint
Item
Items describe the elements that make up an order, like the different items in a
shopping basket, or a single taxi ride. An item is always unique across orders,
even if it represents the same underlying thing you can buy. That is inferred
through equal SKU’s.
This means two orders can have an item with the same SKU, but different prices
or names, without any problems.
Item arrays are atomic blocks: to update one item in the basket, the entire
basket must be resubmitted.
To add a new item: send the entire new items array with the extra item. To
remove an item from a basket: resend the new items array, without that item.
Parameter
Type
Description
sku
string
A merchant specific identifier for an item or a service.
name
string
The name of the product that is being purchased.
price
integer
The price of the single item, if many bought, in the lowest denomination of the currency: e.g. cents for US dollars, pence for GB pound.
currency
string
The ISO 4217 currency code.
brand
string
The name of the brand that the item is from.
upc
string
The name of the Universal Item Code.
category
string
The highest level category that this item is sold in.
quantity
integer
The number of times this item is represented in the basket. 0 to remove.
custom
object
If you have any data about this item that does not fit in one of the
above fields, please specify it in the custom object.
POST
/v2/travel/paymentmethod
A customer registers a payment method. Whether successful or not, this
information is important.
Most of this information is provided by payment service providers after
tokenization of a card.
Note for Stripe customers: after tokenization, Stripe does not provide the BIN
number (first six digits). This number contains important information about the
bank (not the account), so if there is a way to obtain this directly from the
user input, before tokenizing the card, please send it along with the rest of
the post-tokenization Stripe response.
PCI certification is not required for handling of the BIN number or the last
four digits of a payment card.
A payment method is a way that a customer has registered or used to pay your
business. It could appear in multiple forms: card, cash, bitcoin,
voucher, etc.
Please do not send the the CVV code on the card. The
first six digits (the BIN) and the last four are fine. If you wish to send us
RAW card numbers please use the Ravelin vault
The time at which this data playload was valid. When sending events in realtime, this will usually be 'now'. This is used to merge data that arrives out-of-order.
A unix timestamp as an integer count of milliseconds, or nanoseconds since 1970-01-01T00:00UTC.
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
A temporary ID for a customer when the real account ID has yet to be minted. This must evenutally be sent in conjunction with a real customer ID to migrate the data into the full customer account.
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
The ID of the device used by the customer to trigger this update.
"65fc5ac0-2ba3-4a3b-aa5e-f5a77b845260"
Saving Payment Methods after Checkout
When the paymentMethodId of the payment method you have sent to Ravelin is
unknown to your system – perhaps because you omitted the paymentMethodId when
using Client-Side Encryption, then you may
opt to refer back to a payment method via a transaction which used it.
For example, if a customer has successfully gone through the fraud check:
If the customer then opts to save the payment method to their account, you can
let Ravelin know its identifier in your system so that you can refer back to it
in future using only, for example, "paymentMethodId": "pm-123" by:
These fields exist on the payment method entity only when sending a
fromTransaction type. Either
transactionId or both gateway and gatewayReference are required.
POST
/v2/travel/transaction/before-psp
Transactions transfer money from the customer to the vendor, to fulfil an order.
One transaction usually fulfils an order, but not always (e.g. outstanding
credit, or split payments).
If a transaction event call is intended to get a fraud indication before the transaction is
placed with the PSP, some of the transaction properties won’t be available. In
that case, send us a preTransaction event instead. This event carries all the
information you have available just as a user clicked the “buy” button, but
before you’ve passed it through to the PSP.
The time at which this data playload was valid. When sending events in realtime, this will usually be 'now'. This is used to merge data that arrives out-of-order.
A unix timestamp as an integer count of milliseconds, or nanoseconds since 1970-01-01T00:00UTC.
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Required when sending a transaction before talking to the PSP, because the alternative gatewayReference cannot be known. If telling Ravelin about the transaction after processing it (as with a refund, for example) transactionId can be omitted in place of gateway and gatewayReference.
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Deprecated in favour of amount. The debit amount of the transaction in the lowest denomination of the currency. Required if credit and amount are not set.
Deprecated in favour of amount. The credit amount of the transaction in the lowest denomination of the currency. Required if debit and amount are not set.
A temporary ID for a customer when the real account ID has yet to be minted. This must evenutally be sent in conjunction with a real customer ID to migrate the data into the full customer account.
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
The time at which this data playload was valid. When sending events in realtime, this will usually be 'now'. This is used to merge data that arrives out-of-order.
A unix timestamp as an integer count of milliseconds, or nanoseconds since 1970-01-01T00:00UTC.
Required when sending a transaction before talking to the PSP, because the alternative gatewayReference cannot be known. If telling Ravelin about the transaction after processing it (as with a refund, for example) transactionId can be omitted in place of gateway and gatewayReference.
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Result code of address or cvv verification by issuer, compatible with common PSP codes
One of:
M, N, U, I, A, E, pass, fail, unavailable, unchecked, 0, 1, 2, 4, 8, P, S, 3, 5, 6, missing, issuer_not_certified, issuer_not_signed_up, or not_checked.
Result code of address or cvv verification by issuer, compatible with common PSP codes
One of:
M, N, U, I, A, E, pass, fail, unavailable, unchecked, 0, 1, 2, 4, 8, P, S, 3, 5, 6, missing, issuer_not_certified, issuer_not_signed_up, or not_checked.
Result code of address or cvv verification by issuer, compatible with common PSP codes
One of:
M, N, U, I, A, E, pass, fail, unavailable, unchecked, 0, 1, 2, 4, 8, P, S, 3, 5, 6, missing, issuer_not_certified, issuer_not_signed_up, or not_checked.
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Deprecated in favour of amount. The debit amount of the transaction in the lowest denomination of the currency. Required if credit and amount are not set.
Deprecated in favour of amount. The credit amount of the transaction in the lowest denomination of the currency. Required if debit and amount are not set.
A temporary ID for a customer when the real account ID has yet to be minted. This must evenutally be sent in conjunction with a real customer ID to migrate the data into the full customer account.
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
The ID of the device used by the customer to trigger this update.
"65fc5ac0-2ba3-4a3b-aa5e-f5a77b845260"
Verification Result Code
CVV, ZIP code and street name verification is handled in similar fashion by most
PSPs: a single letter (or short string) per check indicating the result of that
specific check. Ravelin accepts strings as supplied by Braintree, Stripe and
similar PSPs; please ensure you set the correct value in the
transaction.gateway field so we can properly interpret the result code value.
The result code can be one of: M, N, U, I, A, pass, fail,
unavailable, or unchecked.
AVS Result Code
Address verification is a compound check: both the street name and ZIP code are
independently verified, and both get an independent result code from your PSP:
Transaction Type
Card transactions come in various flavours, the most common being auth and
capture. Ravelin supports this model by accepting multiple separate
transactions for each step of the payment, as it happens on your system.
Type
Description
auth
An auth transaction only reserves the funds on the customer's account without deducting them from their account. Useful to verify if the customer has sufficient funds on their account without actually deducting the money, or to reserve a limit amount when the final order price is not known when the customer clicks "order" (e.g. a taxi ride with a pick-up location, but without destination). Sometimes called preauth.
capture
A capture transaction deducts funds from the customer's account using auth. The maximum amount that can be captured is what was previously reserved in the auth, but anything lower is OK.
auth_capture
A combination of both auth and capture in one transaction. For when there is no need to reserve money without also deducting it from the account. E.g. a straight-forward "buy now" button for a service that is immediately delivered, like food delivery.
void
Used for voiding an auth.
refund
Credit a customer's account. Will typically with have a new transactionId but the same gateway reference.
Refund Transaction Payment Methods
When sending a refund transaction it can be useful to refer back to the payment
method by the transaction which originally debited the card. For example, if a
customer has successfully gone through the fraud check:
This is available through the fromTransaction payment method
type on the transaction, which requires
either a transactionId or a gateway and gatewayReference.
POST
/v2/travel/login
If previous events for this customer were sent as anonymous events (with a
tempCustomerId instead of a customerId), set the tempCustomerId field here
to tie those together.
Optionally, if there is device information available, send Ravelin information
about the device the customer is using in this event.
A device is a physical object that a customer uses to interact with your
application. Examples include a mobile phone, tablet or laptop.
The deviceId can come directly from the device, or it can be a unique ID your
business defines.
The time at which this data playload was valid. When sending events in realtime, this will usually be 'now'. This is used to merge data that arrives out-of-order.
A unix timestamp as an integer count of milliseconds, or nanoseconds since 1970-01-01T00:00UTC.
A temporary ID for a customer when the real account ID has yet to be minted. This must evenutally be sent in conjunction with a real customer ID to migrate the data into the full customer account.
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
Custom data that is relevant to your domain. This can be any json object. Please include any details that you think are relevant to fraud that our schema does not capture
The ID of the device used by the customer who just logged in. Mutually exclusive with device.
"65fc5ac0-2ba3-4a3b-aa5e-f5a77b845260"
Markets
The market for a customer can be specified using the market, country & marketCity on customer and order events. If any of these three fields is non-empty on the customer, then the effective market for the customer is specified by the values on the customer. If all three fields are empty on the customer, then the effective market for the customer is specified by the fields on their latest order. We recommend you set values for these fields either on customer events, or on order events, but not on both.
The effective market for a customer is used in reporting, risk thresholds, for model features, and for segmenting customers in the dashboard.
We recommend you use market, country & marketCity in a hierarchical manner, with market specifying the region (e.g. europe, emea, apac, etc).
Anonymous activity
Events can occur before a customer ID is known. For example: adding items to a
shopping cart, and only being shown a “login or register now” form at check-out
time; the cart events will not have an associated customerId.
For these events, there is the tempCustomerId field: it can occur at the
top-level of most events which accept a customerId. This field should contain
a session ID (or otherwise consistent value that will be used to later tie the
events to a real customer, at log in time).
When a customer logs in (or registers), send a “log in event” (see above) to tie
all previous tempCustomerId events to a real customer.
Except for the log in event, the tempCustomerId and customerId fields are
mutually exclusive.
Device Tracking
Ravelin’s Device Identification & Tracking API for web browsers, written in JavaScript, sends user activity directly from your website to Ravelin. This includes information about the device, pages viewed, and actions taken. Custom events can be tracked to ensure any subtleties are tracked.
The tracking library requires a Public API Key which can be sent to users’ browsers. The Public API Key is a write-only authorisation token which cannot be used to read data from Ravelin.
Authenticating Requests
Authenticating with the client-side libraries require the use of your publishable API key which begins publishable_key_... or pk_....
Getting Started
Embed the script with your Public API Key by including the following script snippet at the bottom of your HTML pages:
<script>
(function(r,a,v,e,l,i,n){r[l]=r[l]||function(){(r[l].q=r[l].q||[]).push(arguments)};i=a.createElement(v);i.async=i.defer=1;i.src=e;a.body.appendChild(i)})(window,document,'script','https://cdn.ravelin.net/js/rvn-beta.min.js','ravelin');
ravelin('setApiKey', 'your-api-key');
// ravelin('setCustomerId', '$CUSTOMER_ID'); (See below).
// ravelin('setCookieDomain', '.$MYDOMAIN'); (See below).
</script>
The following configuration options are supported:
ravelin('setCustomerId', '$CUSTOMER_ID') will file tracked events under a particular customer account. This is not required to track anonymous activity, but is expected when the customer is logged in. Should be set before calling any track methods on every page where we know the customer.
ravelin('setCookieDomain', '.$MYDOMAIN') will store the cookies under the named domain so that it can be shared between subdomains.
Tracking
With the script installed and configured we are now ready to send events to Ravelin. The following events should be triggered by your app:
ravelin('trackPage', {meta}) to indicate when the user hits a new page. You are encouraged to add metadata to describe the page that the user has landed on (such as search terms), especially if the URL does not contain that information.
ravelin('trackLogin', {meta}) to indicate that the user has just authenticated themselves. Separate setCustomerId calls should remain.
ravelin('trackLogout', {meta}) to indicate when the user has signed out of their session.
And from the checkout page we should call:
ravelin('fingerprint')
Custom Events and Metadata
The track method can be used to log notable client-side events:
ravelin('track', 'eventName', {meta})
Where the URL of a page does not fully describe the data contained within, custom track events can be used to provide Ravelin with that information. On a search results page reached with form POST, for example, you can send the user query with:
Ravelin’s device ID is made available to your server, and should be used as the deviceId in server-side requests made for the current session. This allows Ravelin to identify which customer orders were made from which device.
Beta Guarantee
Note that the library snippet included above is using rvn-beta.min.js - the beta release of Ravelin’s page-tracking. The API is intended to be released as-is when shipped as latest, but this is not guaranteed.
Upgrading from Live Version
The ravelinUuid cookie is being renamed to ravelinDeviceId.
The ravelin('send') call should be replaced with ravelin('fingerprint').
Vault
The vault must be used whenever sending raw card numbers to Ravelin.
By sending full card numbers to Ravelin we are able to match cards across our entire network
and catch more fraudsters before a transaction takes place. Please note the different sub-domain:
https://vault.ravelin.com.
There are two ways to send the raw card number (the “PAN”) to the Ravelin Vault:
directly from the client, or through your server. Which method is right for you
depends on whether or not you already send the raw PAN to your own servers, or
if you don’t (e.g. using a “hosted checkout page”).
If you already have the PAN available on your own servers (even without storing
it), you can send it directly to Ravelin in any event that would normally accept
a paymentMethod field.
The API for these endpoints are very similar to the regular API, with only a few
differences:
no cardBin and no cardLastFour on the paymentMethod entity,
a pan field on the paymentMethod entity,
the hostname is not api.ravelin.com but vault.ravelin.com
The full schema for a paymentMethod entity on the vault:
Parameter
Type
Description
instrumentId
string
Unique identifier for this card, consistent across users (e.g.
Stripe's fingerprint, or Braintree's unique_number_identifier). This still makes sense on the vault, as long as you use
your PSPs identifier here, and not the Ravelin Card token from the public facing
Ravelin Vault.
nameOnCard
string
Name to which the card is registered (as printed on the card)
cardBin
string
The BIN (leading six digits) of the card. Not always available, but strongly recommended when it is.
cardLastFour
string
The last four digits of the card
pan
string
The full, raw card number (only on the vault!)
cardType
string
The scheme of the card: visa, amex, etc.
expiryMonth
integer
The expiry month as MM.
expiryYear
integer
The expiry year as YYYY.
successfulRegistration
boolean
Whether the payment method was successfully registered with the PSP (e.g. passed verification)
issuer
string
The issuer of the payment method: e.g. barclaycard
If you never send the full card number from the client (browser or app) to your
own servers (e.g. by using a hosted payment page), you will need to use the
public tokenization API for the Ravelin Vault.
This is a three-step process:
The client sends the full PAN to the Ravelin vault, and gets a token
The client sends this token back to the server
The server sends a regular Ravelin event to the regular, non-vault Ravelin
API, but using the vault token to identify the card.
Using your secret key for the vault will not work. Otherwise, your users would
be able to read them, and use them to get full access to the entire Ravelin API.
The publishable key only allows write access to the vault, no read access.
The vault token you receive from the Ravelin Vault is not under PCI scope, so
you don’t need to worry about having credit card numbers on your servers.
In both cases, the score payload is a JSON object with the same schema:
Parameter
Type
Description
customerId
string
Identifier for this customer, as supplied by the client
action
string
Action to take for this customer, according to Ravelin. One of ALLOW, REVIEW, PREVENT
score
int
Ravelin score for this customer as an integer. Debugging purposes only
source
string
Source of the score, e.g. RAVELIN or MANUAL_REVIEW
scoreId
string
Unique identifier for this score or callback
comment
string
In the case of manual review, this is the comment left by the reviewer on this particular review action. E.g.: "Definitely not a fraudster, I know him personally", or "I know this person from another account, infamous fraudster"
Requesting a score
Events sent to Ravelin using POST requests get an empty response body
by default. The information is stored in our system and no further action is
taken during the request.
To force an immediate rescoring based on the information received up to and
including an event: add the ?score=true query parameter. For example, the
/v2/order endpoint becomes:
Force immediate recalculation of the score and return it
The score will be calculated based on the information in this event, and in all
events previously received and met with a 200 OK status.
Suggested score handling
The ?score=true query parameter is available on every event endpoint. Specify
it when you want to make a decision during an order flow about where to go,
based on the fraud score: allow regular check-out, or send down an extra
validation path?
The most important field in the payload is action:
on this action
In your system
ALLOW
Allow this order to proceed
REVIEW
Take extra validation steps for this order (e.g. put the customer through 3D Secure)
PREVENT
Prevent this order
Other fields are provided for analytic and debugging purposes.
When the fraud status of one of your customers changes, Ravelin sends you a
callback.
This can happen for a variety of reasons, including but not limited to:
A customer is manually reviewed through the dashboard, or
An event is received through the API, or
We discover a fraud network, and some of them exist in your system, or
Machine learning models are updated.
Any of these will cause a HTTPS request to your system. The body is a JSON
blob, with the same semantics as the response to scored POST requests (see
above).
Suggested callback handling
The most important field in the payload is action:
on this action
In your system...
ALLOW
Unban this customer if they are currently banned
REVIEW
Take no immediate action, but review this customer on Ravelin
PREVENT
Ban this customer
Configuration
Callbacks are configured in the dashboard under Settings → Integrations →
HTTP.
Callbacks can be configured to supply an additional Authorization header to your
system. This will be prefixed with token + a space. E.g. if you configure
abcdef123 as the token, this header will be added to the HTTPS request:
Authorization: token abcdef123
Label
The Label API allows you to change the status of a customer. This can be used to tie your own customer management tools into Ravelin.
Sending this label is the same as pressing the Genuine or Fraudster button in the Ravelin Dashboard.
POST
/v2/travel/label/customer
{
"customerId": "customer1",
"label": "GENUINE",
"comment": "This customer called up and we have determined he is not a fraudster",
"reviewer":{
"name": "Bilbo Baggins",
"email": "bilbo.b@shiremail.com"
}
}
This is an optional api integration. You may manage these labels completely within the Ravelin Dashboard. This is simply a helper API so you can integrate labeling in your own tools.
Parameter
Type
Description
customerId
string
The unique identifier of this customer in your system.
label
string
The label for this customer. Must be one of:
UNREVIEWED, GENUINE, FRAUDSTER
The reviewer is the person who is doing the review. Their details will appear in the audit log on the dashboard so you are able to see who did this review and why.
Parameter
Type
Description
name
string
The name of the person doing the review
email
string
The email of the person doing the review
Tag
The Tag API allows you to change the tags attached to a customer. This can be used to tie your own customer management tools into Ravelin.
When a tag is attached to a customer it will apply the label (GENUINE, FRAUDSTER) associated with that tag to that customer as well.
Calling this api is the same as setting a tag in the Ravelin Dashboard.
Attaching a tag to a customer is done by posting to this endpoint with the body filled with customerId and an array of tagNames as shown below.
This will attach the tag and respond with the full list of attached tags and the label for that customer.
Parameter
Type
Description
customerId
string
The unique identifier of this customer in your system.
To remove a tag, call delete on the tag customer endpoint. This will remove the tag. the tagName field may be a single tag or a comma
separated list of tags. This returns the same body as given by the POST endpoint.
GET
/v2/travel/tag/customer?customerId=[id]
This returns the tags for a specific customer. This returns the same body as given by the POST endpoint.
Backfill
Backfill is the process of sending your historical data to Ravelin.
We will use the backfill data to train a model which uniquely
identifies the fraud you are experiencing. This model will then be used to
evaluate your live data.
However, it is only worth doing backfill if your historical data
is representative of your live data. If not, the
model which is trained won’t accurately detect fraud in your live data.
If your backfill data is not representative of your live data, or if you don’t have a
enough backfill data, and you are receiving enough enough traffic through your platform,
it may be preferable to just collect live data and use that to train a model instead.
Please speak to our integrations team about whether this is an option for you.
If you choose to proceed with backfill we recommend that you start sending us live
data before performing the backfill, but don’t request scoring. This means you will avoid
a gap in data during the period between completing your backfill and when we finish preparing your fraud model.
If performing backfill these are the steps you should follow:
Start sending us all live events with scoring set to score=false.
Perform the backfill and wait for us to confirm your fraud model has been generated.
Switch your live events to use score=true for those you wish to score.
Requesting a score only works for known customers, which is why we recommend
you complete backfill before enabling scoring.
Backfill Endpoints
In order to perform the backfill you should send data to our backfill
API endpoints. Every one of our primary API endpoints has an equivalent
backfill endpoint. These endpoints receive data in exactly the same
format as our primary API endpoints. Fields which are required by the
primary API are also required by the backfill API. For details about the format
see the documentation for each of the primary API endpoints.
Send only if you have sent payment methods and have the
transaction's paymentMethodId.
Make sure you send all transactions, including successful, disputed and failed.
Send only if you have sent orders, and you have the chargeback's
orderId.
Timestamps on Backfill Data
Timestamps should be provided for all backfill data. If a timestamp isn’t
available for an entity, a timestamp from a related entity can be used instead.
For example, if you don’t have the registration time for a customer the time
of their first order could be used instead. Regardless of their source, make
sure all timestamps for backfill data are in the past so that they don’t conflict
with live events.
Rate Limiting During Backfill
The rate limits for the backfill endpoints are much higher than the rate
limits for the primary endpoints so you needn’t worry about being rate limited
during backfill.
Errors
Ravelin uses conventional HTTP response codes to indicate success or failure of an API request. In general, codes in the 2xx range indicate success, codes in the 4xx range indicate an error that resulted from the provided request and codes in the 5xx range indicate an error with Ravelin’s system.
# Typical Error Response
{
status: 403,
message: "Invalid Request: API Key Incorrect. Please check your credentials and try again"}
HTTP Code
Meaning
200
OK -- Everything worked as expected.
400
Bad Request -- Often missing a required parameter, e.g. customerId.
401
Unauthorized -- Your API key is wrong.
403
Forbidden -- The resource requested is hidden for administrators only.
404
Not Found -- The specified resource could not be found.
405
Method Not Allowed -- Often you are not POSTing a request.
406
Not Acceptable -- You requested a format that isn't JSON.
429
Too Many Requests -- We're rate limiting your usage of the API.
500
Internal Server Error -- We had a problem with our server. Please try again later.
503
Service Unavailable -- We're temporarily offline for maintenance. Please try again later.
504
Service timeout -- We are temporarily offline or over capacity. Please try again later.