Home

Overview

Fraud notification service

After a successful transaction with antifraud (payment status CON, PPC, PPN or EST), the merchant may identify that, in reality, a fraud occurred. In this case, the merchant can call the fraud notification service to warn the risk analysis institution about this occurrence. This will refine the analysis process of said institution, making it more accurate and preventing more frauds in the future.

Currently, this API supports the following antifraud institutions:

  • Konduto
  • Fraud Detect
  • ClearSale REST

Call details#

  • Resource: /v1/transactions/{nit}/fraud
  • HTTP method: POST
  • Request format: JSON
  • Response format: JSON
  • Header parameters:
ParameterDescriptionFormatMandatory
merchant_idMerchant code on Carat Portal. The production and certification codes will be different.< 15 ANYES
merchant_keyMerchant authentication key on Carat Portal. The production and certification keys will be different.< 80 ANYES
Content-TypeIt must be sent with the value application/json.= 15 ANYES

Examples#

Below is an example of a fraud notification service call using the cURL tool.

Request:

To use this example, don't forget to define the variable {{url}} with the value
esitef-homologacao.softwareexpress.com.br

curl
--request POST 'https://{{url}}/e-sitef/api/v1/transactions/1234567890abcdefghijklmnopqrstuvwxyz1234567890abcdefghijklmnopqr/fraud'
--header 'Content-Type: application/json'
--header 'merchant_id: xxxxxxxx'
--header 'merchant_key: xxxxxxxxxxx'
--data '{
"marked_data": [
"account_key_hash",
"customer_account_id",
"customer_email"
]
}'
--verbose
**Response:**
```json
{
"code": "0",
"message": "OK. Transaction successful.",
"analysis": {
"code": "100",
"message": "ACCEPT"
}
}

Request parameters#

ParameterDescriptionRequired
marked_dataInforms which fields will be relevant to inform CyberSource that this transaction was a fraud attempt.

This field receives a list of values. Ex: "marked_data":["account_key_hash","customer_account_id","customer_email"]

Fields that can be informed:
  • account_key_hash
  • customer_account_id
  • customer_email
  • customer_idaddress
  • customer_phone
  • device_fingerprint
  • ship_address
NO

Response parameters#

If successful, the HTTP response code will be 201. Any other code must be interpreted as an error. The table below describes the response parameters of the fraud notification service:

ParameterDescriptionFormat
codeCarat Portal response code. Any code different from 0 means failure. Learn more.< 4 N
messageCarat Portal response message.< 500 AN
analysis
codeRisk analysis institution response code.< 4 N
messageRisk analysis institution response message.< 500 AN