Payments with fraud analysis
Analyze the fraud risk in an online payment
When making a payment, it is possible to check the risk of a transaction being fraudulent. This check can occur before or after the transaction is authorized, according to the rules defined by the customer.
AuthorizeFirst flow
The most common sequence, in which authorization occurs before analysis, can occur with or without automatic capture of the transaction.
With permission
In this flow, the store (platform) sends the request to the API Gateway de Pagamento, which then sends the transaction for authorization to the Acquirer registered in the store. Once authorized, the sale amount will be recognized, but will not yet have been charged to the card.
The Gateway de Pagamento calls the Antifraude, where the order risk analysis is performed.
If the Anti-Fraud accepts the transaction, it is captured and the card is charged. If the Antifraude rejects the transaction, the API Gateway de Pagamento requests the Acquirer to cancel the transaction and informs the store. The amount blocked on the card must be returned 100% to the end customer.
With automatic capture
This flow is similar to the first one, with the difference that it is automatically captured instead of authorized. If the Antifraude rejects the order, which was previously authorized by the Acquirer and already charged to the customer's card, the API Gateway de Pagamento will request the Acquirer to cancel the transaction and inform the store. In this case, the amount already charged to the card must also be refunded 100% to the end customer.
AnalyseFirst flow
For more details on the flow in which the analysis takes place before authorization, see the Manual do Antifraude.
AuthorizeFirst x AnalyseFirst
Check below the risk analysis behavior according to each type of integration:
| Integration Type | Description | Required Parameters |
|---|---|---|
| Pre-authorization analysis | Before the transaction is submitted for authorization, the fraud analysis assesses whether it is of high risk or not. This avoids risky transactions being sent for authorization. | FraudAnalysis.Sequence is "AnalyseFirst" |
| Analysis after authorization | Before the transaction is sent to the fraud analysis, it will be sent for authorization. | FraudAnalysis.Sequence is "AuthorizeFirst" |
| Analysis of authorized transactions | The fraud analysis is only triggered to analyze transactions with the "authorized" status. This avoids the cost of unauthorized transactions analyses. | FraudAnalysis.Sequence is "AuthorizeFirst" and FraudAnalysis.SequenceCriteria is "OnSuccess" |
| Analysis in any event | Regardless of the transaction status after authorization, the fraud analysis will examine the risks. | FraudAnalysis.Sequence is "AuthorizeFirst", FraudAnalysis.SequenceCriteria is "Always" |
| Authorization in any event | Regardless of the transaction fraud score, it will always be submitted for authorization. | FraudAnalysis.Sequence is "AnalyseFirst", FraudAnalysis.SequenceCriteria is "Always" |
| Capture secure transactions | After the fraud analysis, an authorized transaction is automatically captured if tagged as low risk. In the case of manual review, the transaction will be automatically captured as soon as Braspag is notified of the new status "Accept". | FraudAnalysis.Sequence is "AuthorizeFirst", FraudAnalysis.CaptureOnLowRisk is "true", Payment.Capture is "false" |
| Cancel a suspect transaction | If the fraud analysis sets high risk for an already authorized or captured transaction, it will be immediately canceled or reversed. In the case of manual review, the transaction will be automatically canceled or reversed as soon as Braspag is notified of the new status "Reject". | FraudAnalysis.Sequence is "AuthorizeFirst", FraudAnalysis.VoidOnHighRisk is "true" |
If not otherwise specified during authorization, Cielo will process your transaction through the following flow:
FraudAnalysis.Sequenceas "AuthorizeFirst",FraudAnalysis.SequenceCriteriaas "OnSuccess",FraudAnalysis.VoidOnHighRiskas "false",FraudAnalysis.CaptureOnLowRiskas "false".
Implementing Cybersource Fraud Analysis
For the CyberSource fraud analysis to be performed during a credit card transaction, you must add the following nodes to the authorization agreement: FraudAnalysis ,Cart, MerchantDefinedFields and Travel (this one only for airline tickets).
During the Cybersource deployment, additional information can be stored through MDDs (Merchand Defined Data). MDDs are fields numbered 0 through N used to store unique merchant information. Learn more in MDD Table.
Implementing ACI Worldwide Analysis
In the fraud analysis request with ACI Worldwide, send the
Payment.FraudAnalysis.Providerfield as "RedShield".
Fingerprint with ACI
The Fingerprint is the digital identification of the shopper's device. This identification is made up of a series of data collected on the checkout page of the website or application. To set up Fingerprint with ACI, see the Antifraude Gateway manual.
Implementing ClearSale Analytics
In the fraud analysis request with ClearSale, send the Payment.FraudAnalysis.Provider field as "ClearSale".
Fingerprint with ClearSale
The Fingerprint is the digital identification of the shopper's device. This identification is made up of a series of data collected on the checkout page of the website or application.
When integrating the API do Gateway de Pagamento with ClearSale fraud analysis, the session_id value must be sent in the Payment.FraudAnalisys.FingerPrintId parameter.
To configure Fingerprint with ClearSale, see the Antifraude Gateway manual.
How to integrate fraud analysisFraud analysis through the Cielo E-commerce API is a service offered by contract. It is possible to perform fraud analysis through one of the available Antifraud providers.
Check details in the API Reference:
Create a payment with fraud analysis with ClearSale;
Create a payment with fraud analysis with Cybersource.
Updated 11 days ago