Antifraud Fiserv

Required credentials#

As mentioned in the "Overview - Required credentials" chapter, each institution has credentials that must be obtained for the integration. Fraud Detect services demand the credentials below:

  • Private Key (Merchant Identification) - Private key of the merchant on Fraud Detect .
  • Public Key (Merchant Code) - Public key of the merchant on Fraud Detect .

IMPORTANT: The credentials above should be obtained from Fraud Detect . It is recommended to contact Fraud Detect and receive guidance on how to obtain the credentials. Then, the merchant should contact Carat Portal support and send the credentials to register on Carat Portal.

Web Hook URL Configuration#

In order for us to receive status updates from the risk analysis transactions, it is necessary to configure the Webhook URL on the Fraud Detect configuration environment.

Production URL:

https://esitef.softwareexpress.com.br/e-sitef/processarPost.se?src=fraud_detect

Homologation URL:

https://esitef-homologacao.softwareexpress.com.br/e-sitef/processarPost.se?src=fraud_detect

This URL must be configured for any status changes. To perform this configuration, please contact Fraud Detect Support.

Allowed card brands#

Fraud Detect supports any card brand.

IMPORTANT: Only credit transactions will be effectively analyzed by Fraud Detect . Debit transactions will be sent to the institution, but will only be stored for reporting and will not be analyzed.

Supported Carat Portal interfaces#

Fraud Detect anti-fraud parameters (Payment Link via HTML)#

For now, the data collected for the risk analysis will only be informed during the payer's checkout. Soon, new fields may be sent in the payment creation request.

Fields collected during Checkout#

The fields collected during checkout are:

FieldField DescriptionRequired
Primeiro Nome do CompradorFirst name of the payer.Yes
Sobrenome do CompradorFirst name of the payer.Yes
CPF do CompradorCPF of the payer.Yes
TelefonePhone number of the payer.Yes
E-mailEmail of the payer.Yes
Nome (como está no cartão)Name that is printed on the card used for the purchase.Yes
Endereco completoFull billing address.Yes
ComplementoComplement of the billing address.No
CEPZip code of the billing address.Yes
PaísCountry of the billing address.Yes
EstadoState of the billing address.Yes
CidadeCity of the billing address.Yes

Example#

Example of the HTML payment request with risk analysis at Fraud Detect :

{
"merchant_id": "FRAUDDETECT",
"merchant_usn": "803208495",
"order_id": "866705726000010",
"redirect": "A",
"style": "N",
"amount": "100000",
"authenticate": "0",
"transaction_type": "payment",
"payment_link": "true",
"additional_data": {
"currency": "BRL",
"anti_fraud": "enabled_after_auth"
}
}

Fraud Detect Anti-Fraudin the Payment Link via Portal#

To enable Fraud Detect anti-fraud for Payment Links generated by the Merchant Portal, please contact Carat Portal's support team.

Fraud Detect Antifraud via REST#

After finishing your registration on Carat Portal, enabling the antifraud service integration, when initializing a REST payment (learn more) or REST pre-authorization (learn more), the merchant must send the anti_fraud property and the antifraud parameters (depending on the institution you're using), both included in the additional_data object.

The anti_fraud field determines how the risk analysis will be applied and may contain the following values:

  • enabled_before_auth - The antifraud will be executed BEFORE the payment authorization. If the analysis is rejected, the payment won't be initiated. In the case of a pre-authorization with a non-SiTef routing, if the antifraud requires a manual analysis, the pre-authorization transaction will be confirmed, and it will be up to the merchant to decide whether to capture or cancel the transaction.
  • enabled_after_auth - The antifraud will be executed AFTER the payment authorization. If the analysis is rejected, the payment that was already authorized will be cancelled. In the case of a pre-authorization with a non-SiTef routing, the transaction will always be confirmed, and it will be up to the merchant to decide whether to capture or cancel the transaction.

For customers who are using REST, it is interesting to add the settings from the links below to improve risk analysis and also to obtain the visitor_id.

Fraud Detect antifraud parameters#

Below are described the antifraud parameters supported by Fraud Detect .

Note: If payer, shipment and billing_data structures are provided in the HTML call, they will not be requested in the checkout screen.

Additional transaction data. Shopping cart information Customer information Customer phone information Billing address information Shipment information Shipment address information Travel information Travel connections information Passengers information Hotel reservation information Hotel address information Hotel rooms information Hotel room guests information Event information Event venue information Event tickets information Event atendee information
ParameterDescriptionFormatMandatory
additional_data
visitor_idVisitor identifier obtained using Fraud Detect JavaScript.< 40 ANNO
additional_data
.items[]
unit_priceItem unit price in centsNO< 10 N
skuItem product codeNO< 100 AN
quantityItem quantityNO< 10 N
idUnique item identification, that may be its bar code or UPC.NO< 100 AN
titleProduct or service nameNO< 100 AN
discount_amountDiscount amount of the product in centsNO< 10 N
descriptionProduct descriptionNO< 100 AN
creation_dateIndicates the date of publication of the product on the merchant's site (Format: DD/MM/YYYY)NO= 10 AN
additional_data
.payer
idUnique customer identifier. It may be any value (sequential, document, e-mail), as long as it's consistent on future orders.YES< 100 AN
nameCustomer name.YES< 100 AN
surnameCustomer surname.YES< 100 AN
emailCustomer e-mail.YES< 100 AN
born_dateCustomer birth date (format : YYYY-MM-DDTHH:MM:SS)NO= 19 AN
identification_numberCustomer document numberNO< 100 AN
creation_dateAccount creation date on the site (format: DD/MM/YYYY )NO= 10 AN
is_new_clientBoolean that indicates if the customer is using a recently created account in this purchase.NO< 5 T/F
is_vip_clientBoolean that indicates if the customer is VIP or a frequent buyer.NO< 5 T/F
additional_data
.payer
.phones[]
ddiCustomer phone IDDNO< 100 AN
dddCustomer phone DDDNO< 100 AN
numberCustomer phone number.NO< 100 AN
additional_data
.billing_data
.address
street_nameBilling street name.NO< 255 AN
street_numberBilling street number.NO< 255 AN
complementBilling address complement.NO< 100 AN
cityBilling city.NO< 100 AN
stateBilling state.NO< 100 AN
zip_codeBilling zip code.NO< 100 A N
countryBilling country code, following ISO 3166-1 alfa-3.NO= 3 AN
additional_data
.shipment
nameName of the recipient.NO< 100 AN
surnameSurname of the recipient.NO< 100 AN
additional_data
.shipment
.address
street_nameDelivery street name.NO< 255 AN
street_numberDelivery street number.NO< 255 AN
complementDelivery address complement.NO< 255 AN
cityDelivery city.NO< 100 AN
stateDelivery state.NO< 100 AN
zip_codeDelivery zip code.NO< 100 AN
countryDelivery country code, following ISO 3166-1 alfa-3.NO= 3 AN
additional_data
.travel
transport_typeTravel transport type. (flight or bus)YES< 6 AN
expiration_dateExpiration date. (format: DD/MM/YYYY )NO= 10 AN
additional_data
.connections[]
journey_type
  • OUTWARD - outward journey
  • RETURN - return trip
YES< 7 AN
origin_cityOrigin city.YES, if transport_type=bus< 100 AN
destination_cityDestination city.YES, se transport_type=bus< 100 AN
fromIATA airport code of the origin airportYES, if transport_type=flight= 3 AN
toIATA airport code of the destination airportYES, if transport_type=flight= 3 AN
departure_dateDeparture date and time (format: YYYY-MM-DDTHH:MM:SS)YES< 17 AN
classSeat class name (Ex: economy, business or first)NO< 8 AN
class_codeSeat class code.NO< 20 AN
companyAirline name.NO< 20 AN
additional_data
.passengers[]
namePassenger first nameYES< 100 AN
last_namePassenger last nameYES< 100 AN
legal_documentPassenger document.YES< 100 AN
legal_document_typePassenger document type (5 = passport, any other number = id)YES< 8 AN
birth_datePassenger birth date (format: YYYY-MM-DDTHH:MM:SS)NO< 17 AN
nationalityPassenger nationality, following ISO 3166-1 alfa-3NO= 3 AN
is_frequent_travelerFrequent traveler booleanNO< 5 T/F
is_with_special_needsBoolean which indicates if it's a passenger with special needsNO< 5 T/F
frequent_flyer_cardLoyalty program typeNO< 255 AN
customer_classLoyalty program categoryNO< 255 AN
additional_data
.hotel_reservations[]
hotelHotel name.YES< 100 AN
categoryHotel category.NO< 100 AN
additional_data
.hotel_reservations[]
.address
street_name Hotel street name.NO< 255 AN
street_numberHotel street number.NO< 255 AN
complementHotel address complement.NO< 100 AN
cityHotel city.NO< 100 AN
stateHotel state.NO< 100 AN
zip_codeHotel zip code.NO< 100 AN
countryHotel country code, following ISO 3166-1 alfa-3.NO= 3 AN
additional_data
.hotel_reservations[]
.rooms[]
numberRoom number.NO< 100 AN
codeRoom codeNO< 100 AN
typeRoom type.NO< 100 AN
check_in_dateCheck-in date and time (format: YYYY-MM-DDTHH:MM:SS)YES< 17 AN
check_out_dateCheck-out date and time (format: YYYY-MM-DDTHH:MM:SS)NO< 17 AN
number_of_guestsNumber of guests.NO< 9999 N
board_basisFeeding regime.NO< 100 AN
additional_data
.hotel_reservations[]
.rooms[]
.guests[]
nameGuest name.YES< 100 AN
documentGuest document.NO< 8 AN
document_typeGuest document type:
  • cpf
  • rg
  • passport
  • id
  • other
NO< 8 AN
birth_dateGuest birth date (format: YYYY-MM-DDTHH:MM:SS)NO< 17 AN
nationalityGuest nationality, following ISO 3166-1 alfa-3.NO= 3 AN
additional_data
.events[]
nameEvent name.YES< 255 AN
dateEvent date and time (format YYYY-MM-DDTHH:MM:SS)YES< 17 AN
typeEvent type:
  • show
  • theater
  • movies
  • party
  • festival
  • course
  • sports
  • corporate
YES< 9 AN
subtypeEvent type details.NO< 255 AN
additional_data
.events[]
.venue
nameVenue nameNO< 255 AN
street_nameVenue street nameNO< 255 AN
street_numberVenue street numberNO< 255 AN
cityVenue cityNO< 255 AN
stateVenue stateNO< 255 AN
countryVenue country code, following ISO 3166-1 alfa-3.NO= 3 AN
capacityVenue capacityNO< 255 AN
additional_data
.events[]
.tickets[]
idUnique ticket identifier.NO< 255 AN
categoryTicket category:
  • student
  • senior
  • government
  • social
  • regular
YES< 10 AN
sectionTicket section.NO< 255 AN
premiumPremium ticket indicator.NO< 5 T/F
additional_data
.events[]
.tickets[]
.atendee
nameAtendee name.NO< 255 AN
documentAtendee document.YES< 100 AN
document_typeAtendee document type:
  • cpf
  • cnpj
  • rg
  • passport
  • other
NO< 100 AN
birth_dateAtendee birth date (format: YYYY-MM-DDTHH:MM:SS)NO< 17 AN

ATTENTION: Parameters that exist in payer, billing and shipment when not passed to the transaction creation service via additional_data, will be requested in the payment screen. If the parameters are passed in the transaction creation service, you will not be asked to fill in the fields on the payment screen.

Example#

Below is an example of a REST payment creation request with Fraud Detect risk analysis:

{
"merchant_usn": "2423423434",
"order_id": "2432342343",
"installments": "1",
"installment_type": "4",
"authorizer_id": "2",
"amount": "1300",
"additional_data": {
"anti_fraud": "enabled_before_auth",
"visitor_id": "XKhas09jcks",
"items": [
{
"title": "title1",
"quantity": "1",
"unit_price": "1111",
"description": "description1",
"id": "id1",
"discount_amount": "111",
"sku": "sku1",
"creation_date": "11/01/2011"
}
],
"payer": {
"name": "Marcos",
"surname": "da Silva",
"email": "marocs@dasilva.com",
"born_date": "1990-01-01T11:11:11",
"creation_date": "02/03/2004",
"is_new_client": "true",
"is_vip_client": "true",
"phones": [
{
"number": "333333333",
"ddd": "22",
"ddi": "11"
},
{
"number": "666666666",
"ddd": "55",
"ddi": "44"
}
],
"identification_number": "47764543004"
},
"shipment": {
"name": "Fernando",
"surname": "Bezerra",
"address": {
"zip_code": "98764312",
"street_number": "987",
"street_name": "Rua Shipment",
"complement": "ap. 587",
"city": "São Shipment",
"state": "MA",
"country": "BRA"
}
},
"passengers": [
{
"name": "Miguel",
"last_name": "Herrera",
"frequent_flyer_card": "frequentFlyerCard",
"legal_document_type": "1",
"legal_document": "12312312312",
"birth_date": "1980-07-28T10:40:00",
"customer_class": "customerClass",
"nationality": "BRA",
"is_frequent_traveler": "true",
"is_with_special_needs": "true"
}
],
"connections": [
{
"company": "Verde",
"class": "first",
"from": "GRU",
"to": "CGH",
"departure_date": "2023-09-07T07:09:00",
"journey_type": "OUTWARD",
"origin_city": "San Juan",
"destination_city": "Homero Lopez",
"class_code": "VIP"
},
{
"company": "Rosa",
"class": "economy",
"from": "BSB",
"to": "VCP",
"departure_date": "2022-10-21T16:39:00",
"journey_type": "RETURN",
"origin_city": "San Pablo",
"destination_city": "Juanito Cruz",
"class_code": "ECONOMY"
}
],
"hotel_reservations": [
{
"hotel": "Hotel Green Tree",
"address": {
"zip_code": "83392019",
"street_number": "529",
"street_name": "Rua Hoteleira",
"complement": "ap. 019",
"city": "San Hotel",
"state": "AC",
"country": "EN"
},
"rooms": [
{
"number": "902",
"code": "ROOM902",
"type": "King Size",
"check_in_date": "2020-01-09T12:30:00",
"check_out_date": "2020-01-19T13:00:00",
"number_of_guests": "1",
"board_basis": "Vegan",
"guests": [
{
"name": "José Aníbal",
"document": "98798798712",
"document_type": "cpf",
"birth_date": "12/03/1970",
"nationality": "BRA"
}
]
}
],
"category": "categoryhotel"
}
],
"billing_data": {
"address": {
"zip_code": "12341234",
"street_number": "666",
"street_name": "Rua Billing",
"complement": "ap. 2369",
"city": "São Billing",
"state": "AM",
"country": "BRA"
}
},
"travel": {
"transport_type": "flight",
"expiration_date": "2022-02-14T01:30:00"
},
"discount_info": "Informações de desconto",
"events": [
{
"name": "Evento de Rock",
"date": "2021-11-22T09:28:00",
"type": "show",
"subtype": "music",
"venue": {
"name": "Debicard Hall",
"street_name": "Rua do Evento",
"street_number": "928",
"city": "Jardinópolis",
"state": "MS",
"country": "DO",
"capacity": "300"
},
"tickets": [
{
"id": "12h374612h4h",
"category": "social",
"section": "Seção 1",
"premium": "true",
"attendee": {
"name": "Daniel Almeida",
"document": "71728293945",
"document_type": "other",
"birth_date": "03/10/1990"
}
}
]
}
]
}
}