Fraud Login Event - Field Descriptions
The following page details each of the fields that can be used in the request and received in the response when using the Fraud Login Event endpoint.
Request
The following table describes fields that can be included in the body of the request when using the Fraud Login Event endpoint.
| Field | Description | Type | Mandatory |
|---|---|---|---|
| channel | Channel through which the login was made. Recommended values are "online" or "mobile". Further free text examples can be added to fit the use case. | String | No |
| customerEnrollmentDate | The date in which the customer signed up to use mobile/online banking. | date-time | No |
| customerFlag | Used for specific customer flags that can determine treatment strategies, for example if a customer is a VIP or classified as vulnerable. This is an array that can include free text values. | String | No |
| customerId | The unique identifier for the customer. | String | Yes |
| customerType | The customer type. For example, Retail or Commercial. | String | No |
| device | Object that contains details of the device used for the login attempt. | ||
| anonymizerInUseFlag | If true, indicates if the anonymizer was in use during the session. | Boolean | No |
| areaCode | The device area code captured during the customer session. | String | No |
| browserType | The device browser type captured during the customer session. | String | No |
| browserVersion | The device browser version captured during the customer session. | String | No |
| city | The device city name captured during the customer session. | String | No |
| clientTimezone | The client time zone captured during the customer session. | String | No |
| continentCode | The device continent code captured during the customer session. | String | No |
| cookieId | The cookie ID used during the customer session. | String | No |
| countryCode | The device country code captured during the customer session. | String | No |
| countryName | The device country name captured during the customer session. | String | No |
| deviceFingerprint | The device fingerprint captured during the customer session by a third party. | String | No |
| deviceIMEI | The IMEI of the device used during the customer session. | String | No |
| deviceName | The device name given at point of registration. | String | No |
| flashPluginPresent | The Flash Plugin captured during the customer session. | String | No |
| httpHeader | The HTTPHeader captured during the customer session. | String | No |
| ipAddressV4 | The IP address v4 captured during the customer session. | String | No |
| ipAddressV6 | The IP address v6 captured during the customer session | String | No |
| metroCode | The device metropolitan code captured during the customer session. | String | No |
| mimeTypesPresent | The Mime-Types captured during the customer session. | String | No |
| mobileNumberDeviceLink | A concatenated string of the mobile number and device ID to establish the link. | String | No |
| networkCarrier | The network carrier captured during the customer session. | String | No |
| oS | The device Operating System captured during the customer session. | String | No |
| postalCode | The device postal code captured during the customer session. | String | No |
| proxyDescription | The proxy type description captured during the customer session. | String | No |
| proxyType | The proxy type captured during the customer session. | String | No |
| region | The device region code captured during the customer session. | String | No |
| screenResolution | The screen resolution captured during the customer session. | String | No |
| sessionLatitude | The latitude captured during the customer session. | Number | No |
| sessionLongitude | The longitude captured during the customer session. | Number | No |
| timestamp | The timestamp of the login captured during the customer session. | Date-Time | No |
| type | The device type captured during the customer session. | String | No |
| userAgentString | The user agent string captured during the customer session. | String | No |
| device | End of the device object. | ||
| deviceId | A unique identifier of the device performing the event, such as the mobile/cell phone used for a transaction (For example, Google or Apple Pay transactions). | String | No |
| eventTime | Date and time that the login occurred. | Date-Time | Yes |
| initiatingPartyId | Identifier of the initiating party, where this is not the account ID. This is mandatory for commercial use cases. | String | No |
| initiatingPartyName | A human readable string identifying the initiator as indentified in the intiatiatingPartyId attribute. | String | No |
| initiatingPartyType | This field describes how the initiating party is being used. Represents an individual user in the commercial banking setting. However it can also be used to represent the Open Banking entity that initiates the action. This field describes how the initiating party is being used. For example, "User" or "Open Banking". | String | No |
| productId | The unique product identifier. | String | No |
| programManagerCode | The unique code for the program manager. | String | Yes |
| session | Object that contains details for the login. | ||
| sessionId | Persistent identifer for a single session. | String | No |
| sessionStartTime | Start time and date of the session. | Date-Time | No |
| session | End of the session object. | ||
| traceId | Customer provided ID for tracking events. | String | No |
| thirdPartyDetails | Object that contains details sent by the third party provider. | ||
| authenticationFailedReason | Indicates the reason for failure, such as "user cancel" or "challenge response failed". | String | No |
| authenticationMethod | The authentication method used by the third party. | String | No |
| authenticationServiceType | Indicates the authentication service being registered. This field is only populated if the registration event is for an authentication service. | String | No |
| authenticationStatus | Indicates the status of the authentication. For example, auth_success. | String | No |
| browserAnomaly | Returns a value of 'yes' if an anomaly is detected with the various browser attributes collected during profiling, including Flash, JavaScript and User Agent. | String | No |
| browserCrawlerIdentification | The agent, parsed from the http user agent/ browser string, which indicates if the client is not a real browser, e.g. crawler. | String | No |
| browserHTTPInfo | The user agent/browser string presented in the HTTP header. | String | No |
| browserHTTPInfoAnomaly | Indicates if there is an anomaly in the browser string content. | String | No |
| browserInfo | The browser information, determined using a combination of Flash, JavaScript and User Agent. If browser detection was unsuccessful this will be set to Unknown. If a browser is detected that is not recognised, it will be set to Other. | String | No |
| browserLanguage | The code for the language that the browser is configured to accept. | String | No |
| browserLanguageAnomaly | Indicates if there is an anomaly between the browser_language and flash_lang values. This happens when both appear, and none of the browser's preferred languages is the same as the flash_lang. | String | No |
| browserStringMismatch | Indicates if there is a mismatch between the javascript user agent string and the HTTP user agent string. | String | No |
| browserVersionId | The version of the browser installed. | String | No |
| deviceFingerprint | The device fingerprint as calculated by the third party. | String | No |
| deviceFingerprintFirstSeen | The date that this entity was first encountered by the third party. | String | No |
| deviceFingerprintResult | Defines the result of third-party identification. If this field is set to not found, it indicates this is the first time the third party has seen this entity involved in a transaction. If the field is set to success, indicates that the third party has intelligence on this entity. | String | No |
| deviceFingerprintScore | The risk score calculated by the third party. | Integer | No |
| deviceFirstSeenDate | The date that this entity was first encountered by the third party, in yyyy-mm-dd format. | String | No |
| deviceIdConfidence | The probability of this being the same device. | Integer | No |
| deviceMatchResult | Indicates a new device, whether it was encountered before, and if not enough attributes were gathered to create a device identity. | String | No |
| deviceRootJailBreak | Indicates whether a mobile device has Root privileges on Android, or a Jailbroken iOS device. This stores a numerical value that indicates the number of jailbreak/root elements on a device. 0 indicates that there are no jailbreak/root elements detected. | Integer | No |
| deviceRootJailBreakReason | A comma separated string containing additional information that describes the elements on the device that triggered the Jailbreak or Root detection. | String | No |
| deviceScore | The risk score calculated by the third party. | Integer | No |
| deviceScoreReason | The risk score reason code. For example, InAuth. | String | No |
| digitalId | The digital identifier assigned by the third party. | String | No |
| digitalIdConfidence | Indicates the level of confidence that the event appears to be matching the behaviour from the returned digitalId. | Integer | No |
| digitalIdTrustScoreRating | The trust score rating associated with the ThirdParty ID. For example, very_high. | String | No |
| digitalIdTrustScoreReasonCode | The reason codes describing the Trust Score rating (multiple values). There can be up to 64 characters per entry and there may be an unlimited number of entries. | String | No |
| loginVerificationResult | Indicates the result of the login verification. not found indicates this is the first time the third party has seen this entity involved in a transaction. success indicates that the third party has intelligence on this entity. | String | No |
| loginVerificationScore | The login verification risk score calculated by the third party. | Integer | No |
| nameVerificationScore | The name verification risk score calculated by the third party. | Integer | No |
| nameVerificationResult | Indicates the result of the name verification. not found indicates this is the first time the third party has seen this entity involved in a transaction. success indicates that the third party has intelligence on this entity. | String | No |
| overallAssessment | The overall assessment of the verification. For example, FAIL. | String | No |
| overallAssessmentReason | Indicates the reason for failure, such as user cancel or challenge response failed. | String | No |
| phoneVerificationResult | Indicates the result of the phone verification. not found indicates this is the first time the third party has seen this entity involved in a transaction. success indicates that the third party has intelligence on this entity. | String | No |
| phoneVerificationScore | The phone verification risk score calculated by the third party. | Integer | No |
| profiledDeviceType | Indicates the type of device that was profiled, including mobile app, desktop app, or web browser on a desktop or mobile platform. | String | No |
| providerName | The name of the third party provider used to capture and assess session and behaviour biometric use. | String | No |
| refNumber | The third party provider reference number assigned when the third party assesses session risk and returns results to the customer. | String | No |
| virtualDeviceIdentification | Indicates whether a mobile device is running in an Emulator on Android, or a Simulator on iOS. This stores a numerical value that indicates the number of emulator/simulator elements on a device. | Integer | No |
| wiFIAccuracy | The accuracy of the estimated location, in meters. This represents the radius of a circle around the given location. | Integer | No |
| wiFiLatitude | The Latitude of the WiFi connection based on BSSID. | Integer | No |
| wiFiLongitude | The Longitude of the WiFi connection based on BSSID. | Integer | No |
| thirdPartyDetails | End of the thirdPartyDetails object. | ||
| verificationResult | The final result of the verification. This indicates whether the customer was successful in verifying themselves. The verificationType determines whether any specific verifications were failed or were successful. If the customer is successfully verified, then it is set to SUCC. | String | No |
| verificationType | Object that enables you to track multiple verifications required to perform the designated events. For each verification that took place, SUCC indicates successful verification, and FAIL indicates verification failed. | ||
| aa | Indicates whether the Account holder Authentication Value (AAV) was successful. | String | No |
| accountDigitalSignature | Indicates whether the Account-based digital signature authentication was successful. | String | No |
| avs | Indicates whether the Address Verification Service (AVS) was successful. | String | No |
| biometry | Indicates whether the biometric authentication of the cardholder was successful. | String | No |
| cardholderIdentificationData | Indicates whether the cardholder data provided for verification was successful. | String | No |
| cryptogramVerification | Indicates whether the verification of a cryptogram generated by a chip card or another device was successful. | String | No |
| cscVerification | Indicates whether the verification of the Card Security Code (CSC) was successful. | String | No |
| cvv | Indicates whether the Card Verification Value (CVV) was successful. | String | No |
| offlinePIN | Indicates whether the offline PIN authentication was successful. | String | No |
| oneTimePassword | Indicates whether the verification of a One-Time Password (OTP) provided by the issuer was successful. | String | No |
| onlinePIN | Indicates whether the online PIN authentication was successful. | String | No |
| other | Indicates whether the other type of verification was successful. | String | No |
| paperSignature | Indicates whether the handwritten paper signature was successful. | String | No |
| passiveAuthentication | Indicates whether the authentication based on statistical cardholder behaviour was successful. | String | No |
| password | Indicates whether the authentication by a password was successful. | String | No |
| threeDS | Indicates whether the authentication performed during a secure electronic commerce transaction was successful. | String | No |
| tokenAuthentication | Indicates whether the cryptogram generated by the token request or a customer device to validate the authorised use of a token was successful. | String | No |
| verificationType | End of the verificationType object. |
Response
If successful, a 204 No Content response is returned.
Updated about 13 hours ago