It is important to understand the different ways you can integrate our payment fraud system into your payment flow.
Each of the options are explained below.
Requesting recommendations before authorisation
This is our recommended payment flow integration.
The diagram below shows the payment flow for requesting a recommendation before authorisation.
This payment flow integration can allow us to help you decide which customers to send to 3DS,
and also allows you to avoid the cost of authorising payments which we recommend preventing.
sequenceDiagram
participant Customer Device
participant Your Server
participant Ravelin
participant Payment Gateway
Customer Device ->> Your Server: Attempt payment
Your Server->>Ravelin: Request recommendation
Ravelin -->> Your Server: Recommendation
opt If recommendation = ALLOW
Your Server->>Payment Gateway: Authorise and capture payment
Payment Gateway-->>Your Server: Authorise and capture response
end
opt If recommendation = REVIEW
Your Server->>Payment Gateway: Initiate 3DS
Payment Gateway-->>Your Server: 3DS Response
opt If 3DS Response = success
Your Server->>Payment Gateway: Authorise and capture payment
Payment Gateway-->>Your Server: Authorisation and capture response
end
end
Your Server-->>Customer Device: Payment Response
Requesting recommendations after authorisation
The diagram below shows the payment flow for requesting a recommendation after authorisation,
but before you capture the payment.
You can only use this payment flow if you authorise and capture the payment separately.
sequenceDiagram
participant Customer Device
participant Your Server
participant Ravelin
participant Payment Gateway
Customer Device ->> Your Server: Attempt payment
Your Server->>Payment Gateway: Authorise payment
Payment Gateway-->>Your Server: Authorisation response
opt If authorisation = success
Your Server->>Ravelin: Request recommendation
Ravelin -->> Your Server: Recommendation
opt If recommendation = ALLOW
Your Server->>Payment Gateway: Capture payment
Payment Gateway-->>Your Server: Capture response
end
end
Your Server-->>Customer Device: Payment Response
Multiple checkout attempts
It is very common for fraudsters to have multiple failed checkout attempts.
Details of all these attempts must be sent to Ravelin so we can learn and block subsequent orders
and track fraudulent signals between purchases.
Update us on failed transactions by sending requests to our Checkout Endpoint,
and updating the transaction field.
Only prevent customers which we recommend that you prevent.
You should allow customers to attempt to place orders even if you are confident that the transaction will fail.
The data we gather from each payment attempt is useful to help prevent future attacks.