Our recommended action. Use this to determine how you should handle the order. See source for the reason for this recommendation. One of:
ALLOW, REVIEW, or PREVENT. | The reason for our recommended action. Do not implement any logic based upon this field as we may add new values in the future without warning. Options: CHARGEBACK - The action was based the customer having at least one unforgiven dispute.LOOKUP - The action was based on finding the customer in our Lookup fraud database.MANUAL_REVIEW - The action was based on a manual review.NETWORK - The action was based on how the customer was connected in our Connect graph network.RATE_LIMIT - This request was rate-limited. The action was based on the default action for rate-limited requests.RAVELIN - The action was based on the payment fraud score and your thresholds. See score.RULE - The action was based on a rule.
| The fraud score produced by the machine learning model. A value between 0 and 100.
The higher the number the more fraudulently the model scored the customer. This may not be the source of the final recommendation, see source. | The ID of the customer to which this recommendation applies. | A unique ID for this score. | If transaction optimisation is enabled, and a transaction optimisation recommendation was requested,
this will contain the recommendation and related details. Show definition
| The identifier for the transaction, as provided in the request. | Our transaction optimisation recommendation for whether the transaction should be authenticated or sent straight to authorisation. One of:
AUTHENTICATE, or AUTHORISE. | The SCA exemption type to request for the transaction. One of:
TRANSACTION_RISK_ANALYSIS, or LOW_VALUE. | The preference for whether or not a 3DS challenge should be performed.
This field is only present if action is AUTHENTICATE. One of:
NO_PREFERENCE, NO_CHALLENGE_REQUESTED, CHALLENGE_REQUESTED, or CHALLENGE_REQUESTED_AS_MANDATE. | The source of the given recommendation. One of:
ML, CLIENT_RULE, COMPLIANCE, or NO_ACTION_SOURCE. | Indicates the effect that any compliance regulations had on the recommendation. Show definition
| Indicates the types of compliance regulations that affected the recommendation. | Indicates if we were able to optimise this transaction. | Indicates why a transaction is non-optimisable. Will only be present if optimisable is false. | Show definition
| Indicates a recommendation which was unavailable for the transaction for compliance reasons. Show definition
| One of:
AUTHENTICATE, or AUTHORISE. | One of:
LOW_VALUE, or TRANSACTION_RISK_ANALYSIS. |
| Indicates why this recommendation was unavailable for the transaction. |
|
| Indicates which rules were triggered to cause the given recommendation. Show definition
| An array containing the details of the rules which were triggered. Show definition
| The name of the rule which triggered to produce the action. | The ID of the rule which triggered to produce the action. | The version number of the rule which triggered to produce the action. | The action which the rule produced. One of:
NONE, AUTHENTICATE, or AUTHORISE. | The exemption which the rule produced. One of:
TRANSACTION_RISK_ANALYSIS, or LOW_VALUE. | The 3DS challenge preference which the rule produced. One of:
NO_PREFERENCE, NO_CHALLENGE_REQUESTED, CHALLENGE_REQUESTED, or CHALLENGE_REQUESTED_AS_MANDATE. | Whether the rule triggered. | The state of the rule when it executed.
An active rule is live, whereas a passive rule is in test mode. One of:
active, or passive. | Whether the recommendation from the rule is excluded for compliance reasons. |
|
|
| Contains an enriched AReq that can be passed on to your 3DS provider.
Please see the 3DS Data Enrichment guide
for more details. Show definition
| Contains AReq fields that can be passed on to your 3DS provider. Show definition
| Information about the cardholder's account. Show definition
| Length of time that the cardholder has had the account with the merchant. One of the following: 01 - No account (guest check-out)02 - Changed during this transaction03 - Less than 30 days04 - 30−60 days05 - More than 60 days
| Date that the cardholder opened the account. | Number of purchases by this cardholder account during the last six months. | Date that the payment method was added to the cardholder’s account. | Indicates the length of time since the payment method was added to the cardholder’s account. One of the following: 01 - No account (guest check-out)02 - During this transaction03 - Less than 30 days04 - 30−60 days05 - More than 60 days
| Number of transactions (successful and abandoned) by this cardholder account across all payment methods in the last 24 hours. | Number of transactions (successful and abandoned) by this cardholder account across all payment methods in the last year. | Indicates whether the 3DS Requestor has experienced suspicious activity (including previous fraud) on the cardholder account. One of the following: 01 - No suspicious activity has been observed02 - Suspicious activity has been observed
|
| Indicates whether a challenge is requested for this transaction. One of the following: 01 - No preference02 - No challenge requested03 - Challenge requested (3DS Requestor preference)04 - Challenge requested (mandate, e.g. required for PSD2 compliance)05 - No challenge requested (transactional risk analysis is already performed)10 - No challenge requested (utilise low value exemption)
| Merchant name assigned by the acquirer. Maximum length: 40 | Merchant category code. A card scheme specific code describing the merchant’s type of business, product or service. Required length: 4 | Indicates whether the billing address and shipping address are the same. One of the following: Y - Billing address matches shipping addressN - Billing address does not match shipping address
| First line of the billing address associated with the card used for this purchase. Maximum length: 50 | Second line of the billing address associated with the card used for this purchase. Maximum length: 50 | The city of the billing address associated with the card used for this purchase. Maximum length: 50 | ISO 3166-2 country subdivision code for the state or province of the billing address associated with the card used for this purchase. Maximum length: 3 | ZIP or other postal code of the billing address associated with the card used for this purchase. Maximum length: 16 | The numeric country code of the billing address associated with the card used for this purchase. Required length: 3 | First line of the shipping address requested by the cardholder. Maximum length: 50 | Second line of the shipping address requested by the cardholder. Maximum length: 50 | City of the shipping address requested by the cardholder. Maximum length: 50 | ISO 3166-2 country subdivision code for the state or province of the shipping address requested by the cardholder. Maximum length: 3 | The ZIP or other postal code of the shipping address requested by the cardholder. Maximum length: 16 | Numeric country of the shipping address requested by the cardholder. Required length: 3 |
|
| Warnings when the data you are sending may negatively impact fraud detection. Show definition
| Identifier for this warning. Format is [a-z-]+ so you can safely record it in your metrics system. | A link to more information about this class of warning and the impact of not resolving. | A description indicating why this warning has been issued. |
| In order to provide resiliency, on the rare occasion that Ravelin isn’t able to calculate a
fraud score, a cached score is used to determine the action.
If a cached score was used, this field will be true. | Specifies the time the score was originally calculated. Uses the format 2020-01-01T00:00:00.00000000Z. | rules
objectResponse Version 2 Contains details about the rules which were triggered by this customer. Show definition
| The action which would have been returned if all test rules were live. | An array containing the details of the rules which were triggered. Show definition
| The name of the rule which triggered to produce the action. | Whether the rule triggered. | The state of the rule.
If the rule is live mode, the state will be active.
If the rule is in test mode, the state will be passive. One of:
active, or passive. | The ID of the rule which triggered to produce the action. | The version number of the rule which triggered to produce the action. | The collections the rule belongs to. | The category of the rule which triggered to produce the action, as set in the dashboard when the rule was created. Options: payment - Rules created to reduce payment fraud or implement payment-related business logic.ato - Rules created to prevent account takeover.txOptimisation - Rules created to optimise transaction routing and manage strong customer authentication exemptions.refundAbuse - Rules created to prevent refund abuse.psp - Rules created to optimise payment service providers performance.supplier - Rules created to prevent supplier fraud.
| A human-readable explanation of why the rule triggered. | The action which the rule produced. |
|
| Contains details about the network the customer is connected to. Show definition
| Indicates that the customer was within a certain distance to fraud in the network.
The customer will have received a REVIEW or PREVENT payment fraud recommendation depending on their distance to fraud.
See their customer profile in the Ravelin dashboard for more details about their distance to fraud. |
| lookup
objectResponse Version 2 Contains details about the Lookup results for the customer. Show definition
| The payment fraud recommendation which was produced from the Lookup result.
May not be the final recommendation. One of:
REVIEW, or PREVENT. | Contains details about the Lookup results for the customer. Show definition
| If you have configured Lookup to only search a specific industry, this is the industry which was searched. | Indicates whether the customer has disputes in any of the Lookup results. | Indicates whether the customer has been reviewed as a fraudster in any of the Lookup results. | Contains details about the Lookup result found using the customer's email address. Show definition
| The email address found in Lookup. | Indicates the customer has disputes. | Indicates the customer has been reviewed as a fraudster. |
| Contains details about the Lookup result found using the customer's telephone number. Show definition
| The telephone number found in Lookup. | Indicates the customer has disputes. | Indicates the customer has been reviewed as a fraudster. |
| Contains details about the Lookup result found using the customer's IP address. Show definition
| The IP address found in Lookup. | Indicates whether the customer has disputes. | Indicates whether the customer has been reviewed as a fraudster. |
|
|
| market
objectResponse Version 2 Contains details about the market for the customer. Show definition
| The city that the customer belongs to, based on their latest order. Used for reporting and risk bucketing. This is populated from the order.marketCity field from the customer's latest order. | The country the customer is from, based on their latest order. Used for reporting and risk bucketing. This is populated from the order.country field from the customer's latest order. | The country-group market the customer belongs to. E.g. 'southamerica', 'europe', 'emea'.
Used for reporting and risk bucketing. This is populated from the order.market field from the customer's latest order. |
| Contains details about the machine learning fraud score thresholds. Show definition
| The review fraud score threshold.
If the fraud score is used to produce the recommendation,
a score above this threshold, but below the prevent threshold will produce a REVIEW recommendation. | The prevent fraud score threshold. If the fraud score is used to produce the recommendation, a score above this threshold will produce a PREVENT recommendation. |
| The ID of the order used to calculate the recommendation, typically the customer's latest order. | The ID of the transaction used to calculate the recommendation, typically the customer's latest transaction. | Ravelin is partnered with Mastercard Identity to enrich Ravelin's existing data with additional signals and insights. This object contains the data returned from Mastercard Identity. This is only present if returning Mastercard Identity data in the response has been enabled for your account. Show definition
| True if and only if enrichment was attempted but did not complete successfully (for example, because of a provider error or insufficient data). | When enrichmentFailed is true, may contain a short machine-readable reason (for example ENRICHMENT_ERROR or INSUFFICIENT_DATA). | Whether the primary email passed validity checks. The primary email is typically the main email address associated with the customer. | Days since the primary email was first seen by the Mastercard Identity network. If the email has not been observed before this will be 0. | Whether the primary email matches the expected name. Options: match - The email matches the expected name.no-match - The email does not match the expected name.not found - The email was not found in the Mastercard Identity network.
| The date that the domain (for example, "gmail.com") of the primary email was created. | Days since the primary email was last seen by the Mastercard Identity network. If the email has not been observed before this will be 0. | True if the IP address is considered risky, based on multiple IP data points and velocity calculations performed by the Mastercard Identity service. | Comprehensive risk score associated with an IP address, with a higher score indicating a riskier IP address. A number between 0 and 1 rounded to three decimal places. | Distance (in miles) between the IP address and the primary physical address. The primary physical address is typically the billing address associated with the order. | Distance (in miles) between the IP address and the secondary physical address. The secondary physical address is typically the pick-up or shipping address associated with the order. | Days since the IP address was last observed in the Mastercard Identity network. If the IP address has not been observed before this will be 0. | The ISO-3166 alpha-2 country code associated with the geolocation of the IP address. | Connection type associated with the IP address. Options: cable-dslcorporatecellulardialup
| Whether the primary phone number is valid. | The line type of the primary phone number. Options: landline - Traditional wired phone linefixed-voip - VOIP-based fixed line phonesmobile - Wireless phone linevoicemail - Voicemail-only servicetoll-free - Callee pays for callpremium - Caller pays a premium for the call (for example 976 area code)non-fixed-voip - Skype, for exampleother - Anything that does not match the previous categories
| Days since the phone number and IP address were last observed together in the Mastercard Identity network. If they have not been observed before, this will be 0. | Whether customer's name matches the name associated with the phone number in the Mastercard Identity network. | The company that provides voice and/or data services for the primary phone number. Carriers are returned at the mobile virtual network operator (MVNO) level. | The most granular level to which the address could be validated. For example, if the address
was only valid to the city level (but not to the house level), it would return valid_to_city. Options: missing_address - An input address was not providedinvalid - The input address is not validvalid - The input address is validvalid_to_country - The input address could only be validated to the country level. The country of the input address is valid, but the other elements of the input address were unable to be confirmed as valid or invalidvalid_to_city - The input address was validated to the city level. The country, state, city, and postal code of the input address are valid, but the street, house number, and subpremise of the input address were unable to be confirmed as valid or invalidvalid_to_street - The input address was validated to the street level. The country, state, city, postal code, and street of the input address are valid, but the house number and subpremise of the input address were unable to be confirmed as valid or invalidvalid_to_house_number - The input address was validated to the street and house number level. The country, state, city, postal code, street, and house number of the input address are valid, but the subpremise of the input address was unable to be confirmed as valid or invalidvalid_to_house_number_missing_apt - The input address was validated to the street and house number level. The country, state, city, postal code, street, and house number of the input address are valid, but the subpremise of the input address was missing and thus unable to be confirmed as valid or invalid
| Days since the primary address was first observed in the Mastercard Identity network. If the address has not been observed before, this will be 0. | Whether the customer's name matches the name associated with the primary address in the Mastercard Identity network. | Whether the secondary email passed validity checks. The secondary email may be an email associated with the order if it is different from the primary email. | Days since the secondary email was first observed in the Mastercard Identity network. If the email has not been observed before, this will be 0. | Whether the secondary phone number is valid. | Days since the secondary phone number and IP address were last observed together in the Mastercard Identity network. If they have not been observed before, this will be 0. | The most granular level to which the address could be validated. For example, if the address
was only valid to the city level (but not to the house level), it would return valid_to_city. Options: missing_address - An input address was not providedinvalid - The input address is not validvalid - The input address is validvalid_to_country - The input address could only be validated to the country level. The country of the input address is valid, but the other elements of the input address were unable to be confirmed as valid or invalidvalid_to_city - The input address was validated to the city level. The country, state, city, and postal code of the input address are valid, but the street, house number, and subpremise of the input address were unable to be confirmed as valid or invalidvalid_to_street - The input address was validated to the street level. The country, state, city, postal code, and street of the input address are valid, but the house number and subpremise of the input address were unable to be confirmed as valid or invalidvalid_to_house_number - The input address was validated to the street and house number level. The country, state, city, postal code, street, and house number of the input address are valid, but the subpremise of the input address was unable to be confirmed as valid or invalidvalid_to_house_number_missing_apt - The input address was validated to the street and house number level. The country, state, city, postal code, street, and house number of the input address are valid, but the subpremise of the input address was missing and thus unable to be confirmed as valid or invalid
| Days since the secondary address was first observed in the Mastercard Identity network. If the address has not been observed before, this will be 0. | Whether the customer's name matches the name associated with the secondary address in the Mastercard Identity network. | Comprehensive network score built on behavioral insights such as velocity, popularity, volatility, and age of an attribute, with a higher score indicating a riskier transaction. A number between 0 and 1 rounded to three decimal places. | Comprehensive identity risk score with a higher score indicating a riskier transaction. An integer between 0 and 500. |
|
|