API v2 Documentation

Our v2.0 API documentation (API v1.0 documentation is located here - requires login).
Our team lives by two credos: 'Data is power' and 'Simplicity whenever possible'. Everything we create focuses on providing our members with better decision-making capabilities powered by a few straightforward requests. Our data is available to members via APIs so developers can build tools to make their enterprises faster, smarter and more efficient. Merchants should connect to Fraud.net systems using 2 APIs: the 'CHECK' API is used to score the transaaction immediately upon completion, and the 'UPDATE' API is used to relay any subsequent changes to each transaction. In doing so, you and Fraud.net create a real-time, learning fraud prevention platform that is capable of consistently and incrementally improving your fraud detection. Fraud.net controls access to data via an API Key, the primary data authentication method for your account. Don't have a key? Start by creating an account here.

Looking for pre-built libraries for interacting with Fraud.net? Take a look at our SDKs here.

Endpoint - Transaction Update

POST
https://api.fraud.net/v2/update

Example request (JSON)

{
"order_id": "447654529",
"order_status" : "fraud",
"note" :"This order was updated to fraud."
};

Example Response (JSON)

{
"success": true,
"data" : {
"id" : "f81d4fae-7dec-11d0-a765-00a0c91e6bf6",
"link" : "https://fraud.net/transaction/f81d4fae-7dec-11d0-a765-00a0c91e6bf6",
"timer" : 200
}
}

Request Headers

Header
Allowed Values
Description
Example
Accept
application/json (for .json requests)
The MIME type for the format you want to receive a response in.
application/json
Authorization
Basic
The user credentials for accessing the API.
Basic YWRtaW46cGFzc3dvcmQ=
Content-Type
application/json (for JSON requests)
The MIME type of the request body. Use to validate and parse the request to the API.
application/json
X-Auth-Client
String
Client ID of the requesting app.
X-Auth-Token
String
Access token authorizing the app to access resources on behalf of a user.

Auth instructions

Include the ​key and​ token​ in the Authorization field of each HTTP request header, using the following syntax Basic ​key:token where key:token is base64-encoded.
Ex. Authorization: Basic YWRtaW46ZTBhMDJiMDM5NzczNWI4NzNlZGQ5NWE1ZmQ1Y2I5YmI=

Request Parameters

Category
Field_Name
Data Type
Example
Required
Comments
Option List
order_id
string
123456
yes
Your internal transaction ID. You can use this to locate specific transactions in our reports and email alerts.
order_status
string
pending
yes
Your current internal order / transaction status.
new order, approved, authorized, review, purchase_order, invoiced, shipped, cancelled, returned, refunded, chargeback, fraud
note
string
This order was changed to fraud.
Your customer service or fraud investigators' notes, if any, regarding the change in status.
agent_code
string
EDAVIS89
Your customer service or fraud investigators' name or ID.


Response Headers

Header
Allowed Values
Description
Example
Date
An RFC 2822 date.
The date the response was sent.
Tue, 15 Nov 2011 12:45:26 GMT
Last-Modified
An RFC 2822 date.
The date the resource was last modified. Please refer to the individual resource pages for support for this header.
Tue, 15 Nov 2011 12:45:26 GMT
Content-Type
application/json (for JSON requests)
The MIME type of the response, dependent on the extension of the endpoint that was requested.
application/json
WWW-Authenticate
Basic
Indicates the authentication scheme that should be used to access the API. Sent with a 401 Unauthorized response if HTTP Basic Authentication credentials weren’t supplied.
Basic
X-Retry-After
An integer
Rate limited response, indicating the number of seconds before the quota refreshes. See the Basic Auth rate limits documentation for more information.
15
X-BC-ApiLimit-Remaining
An integer
The number of API requests remaining for the current period (rolling one hour). See the Basic Auth rate limits documentation for more information.
987
X-BC-Fn-Version
A version number
The version of Fraud.net service is running on. This header is available from versions 1.7+.
1.7

Response Codes

Every request includes an HTTP status code with the result. The status code should examined before the response. In most error cases, the response body will contain an errors JSON/XML document with more details.

Successful status codes (2xx)
200
OK
The request was successful.


Client error status codes (4xx)
400
Bad Request
The request was invalid or could not be understood by the server. Resubmitting the request will likely result in the same error.
401
Invalid Auth Token
The request was rejected due to an invalid authentication token. Please check your api key or call us to confirm use of active auth key.
404
Not Found
The resource was not found with the given identifier. The response body will explain which resource was not found.

Server error status codes (5xx)
500
Internal Server Error
TThe server encountered an error while processing your request and failed.

Response Parameters

Category
Field_Name
Data Type
Example
Comments
Options
Success
string
true
true,false


Don't see a situation that this request / response accommodates? Let us know by sending us any field and value in your request which you believe to be relevant in your fraud prevention program and we'll incorporate it into your algorithms and analytics. Otherwise, feel free to contact to let us know how we can better help you through any customization you'd like to see. Contact us at api@fraud.net with API feedback.