Introduction to Fraud Alert Service

The Fraud Alert Service delivers fraud notifications to clients. Clients can then utilise these notifications to create alerts for their cardholders through their preferred channels, such as in-app notifications, to warn them about potential fraud incidents.

To use the Fraud Alert Service, webhooks are used to deliver fraud notifications clients. Speak to your Implementation Manager to register for this service, or see Introduction to Webhooks for more information.

The Fraud Alert Service Workflow

When this has been successfully setup, and you have opted for in-app fraud notifications, the Fraud Alert Service will notify any potential fraudulent transaction whenever an occurrence takes place.

  1. A potentially fraudulent transaction occurs.
  2. If the client has opted for in-app fraud notifications, the Fraud Detection System transmits the fraud notification to Thredd.
  3. Thredd sends the fraud notification as a webhook event to the designated client endpoint.
  4. The client processes the notification, relaying it to the cardholder through their in-app notifications. They await the cardholder's acknowledgment to authenticate the transaction.
  5. The cardholder responds to the notification.
  6. The client sends the cardholder's response back to the fraud detection system for processing the cardholder's response.
Fraud Alert Workflow

Fraud Alert Workflow

See the below example response for each of the different events.

{
  "context": {
    "notificationId": "f47ac10b-58cc-4372-a567-0e02b2c3d479",
    "programManagerCode": "TEST",
    "eventCode": 101,
    "eventVersion": "v1",
    "notificationTime": "2024-01-24T23:20:28Z"
  },
  "payload": {
    "fraudAlertId": "05e991e3-9058-4d79-bf01-76d4e8fe2059",
    "productId": 123,
    "cardholderName": "John Doe",
    "last4Digits": 1234,
    "transactionId": 98765432101212,
    "tokenId": 545454121,
    "transactionAmount": "50.75",
    "currency": "USD",
    "merchantName": "Sample Merchant",
    "location": "United Kingdom",
    "dateTime": "2024-01-24T14:30:00Z",
    "mcc": "4567",
    "cardProductName": "Gold Card",
    "notificationMessageContent": "Did you attempt $50.75 on card ending 1234 at Example Merchant ? We suspect fraud and blocked the card, Acknowledge if you made this purchase."
  }
}
{
  "context": {
    "notificationId": "f47ac10b-58cc-4372-a567-0e02b2c3d479",
    "programManagerCode": "TEST",
    "eventCode": 102,
    "eventVersion": "v1",
    "notificationTime": "2024-01-24T23:20:28Z"
  },
  "payload": {
    "fraudAlertId": "05e991e3-9058-4d79-bf01-76d4e8fe2059",
    "fraudAlertType": "Acknowledgement",
    "notificationMessageContent": "From Bank: Thank you for replying. Your card ending 1234 has been unblocked.",
    "productId": 123
  }
}

📘

Information

For more information on the fields used in the response of the Fraud Events, see the following pages:

Available Webhooks

The following table describes each of the available endpoints for the Fraud Alert Service.

NameEndpointDescription
Fraud Detection EventsThe URL specified in the Create Webhook endpoint. For information on how to retrieve this URL, see List Webhooks.Notifications sent using the Webhook Service for Fraud Alerts (Event Code 101).
Fraud Action EventsThe URL specified in the Create Webhook endpoint. For information on how to retrieve this URL, see List Webhooks.Notifications sent using the Webhook Service for Fraud Acknowledgements (Event Code 102).
Fraud Alert Response/api/v1/fraudalertresponseEnables the delivery of feedback regarding a fraud alert from the client, primarily consisting of the cardholder's response to the fraud alert

Create Fraud Alert Response

The Fraud Alert Response endpoint is used to deliver feedback regarding a fraud alert from the client, primarily consisting of the cardholder's response to the fraud alert.

You can create a fraud alert response by making a POST request to the Fraud Alert Response endpoint. For example:

/api/v1/fraudalertresponse

The POST body should include the details of the cardholder's response. The below is an example of what the body should look like.


{
"fraudAlertId": "af5d48de-2ad7-62f8-a252-743cd9e6078",
"notificationId": "f47ac10b-58cc-4372-a567-0e02b2c3d479",
"response": "YES"
}

If successful, a 200 response is returned. See the below example.

{
"status": "success",
"response": "The request was successful"
}

👍

Information