Authorized Payment Protection Integration Guide

Authorized Push Payment fraud happens when a fraudster tricks someone into sending a payment to an account outside of their control. Banking associations and issuing banks can use Authorized Payment Protection to slow down, investigate, and stop payment transfers to fraudulent destination accounts in real time, without investing the time and resources required to build and maintain a fraud management system. Financial Institutions can configure risk decisions with rules (policies) and decision flows (segments), perform manual reviews, adjust transfer approvals in real time, and spot and report fraud, all from the Kount 360 platform.

Financial Institutions also have the option to introduce Origin Account Fraud Detection to catch impersonations and account takeover. By integrating the Device Data Collector on their Payment Transfer page, they can detect suspicious locations, devices, IP addresses, countries, and more, all on the Kount 360 platform.

Authorized Payment Protection Workflow

The basic steps to integrate Authorized Payment Protection are:

  1. Integrate the real-time API to send data about the Origin and Destination bank accounts and receive a response with our decision (Approve, Decline, or Review).

  2. Submit Fraudulent Transaction information, including investigations and outcomes, to train our AI models using our Portal or Outcomes API.

Provisioning an API Key

Sign in to Kount 360 to authenticate for API access.

  1. Sign in to Kount 360. There are two integration environments: sandbox and production. Only integrate into our sandbox environment if you are integrating a pre-production environment without production data.

  2. Select Admin, and then Product Configuration.

  3. Select Options for the organization in which you want to create an API key, and then select Create API Key.

  4. Select Create.

  5. Expand the organization.

  6. Copy the API key and save it in a secure location. You will need the API key to create a bearer token.

    Note

    Use the copy button to copy the API key. If you close the window without copying the API key, you must create a new API key using the options menu. You are allowed two active API keys per customer.

Creating a Bearer Token

After you have provisioned your API credentials in the portal, retrieve a temporary bearer token to authenticate calls to the Kount 360 API. Provide the API Key and Client ID in an HTTP POST to a specific login.kount.com URL.

With a successful exchange, the returned JSON provides the bearer token in the access_token property. The exchange also provides the expires_in property, which gives the number of seconds until the token expires. The API to retrieve the bearer token depends on whether you are calling the sandbox or production environment.

The values are:

Sandbox

Auth Server URL:

https://login.kount.com/oauth2/ausdppkujzCPQuIrY357/v1/token

API Service Host:

https://api-sandbox.kount.com

Production

Auth Server URL:

https://login.kount.com/oauth2/ausdppksgrbyM0abp357/v1/token

API Service Host:

https://api.kount.com

After obtaining the bearer token, use it to authenticate requests to the Kount 360 API. Include the token in the Authorization header of your HTTP API request, in the form Bearer {bearer token}.

To prevent authentication issues, refresh the token before it expires. Tokens issued by login.kount.com expire after 20 minutes, but client credentials remain valid unless revoked. Minimize calls to the /token endpoint by implementing token expiration handling in your customer applications. Always check if a token has expired before requesting a new one, as excessive calls to the /token endpoint could result in rate limiting.
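
One way to implement the expiration handling described above, as an added example that is not Kount's code: a thread-safe cache that reuses the token and refreshes it a margin before expires_in elapses. BearerTokenCache, fetch_token, refresh_margin and simulate are assumed names; the POST to the Auth Server URL is left to the fetch_token callable, and the token responses in simulate are constructed.

```python
import threading
import time


class BearerTokenCache:
    """Reuse one bearer token until shortly before its expires_in elapses."""

    def __init__(self, fetch_token, refresh_margin=60, clock=time.monotonic):
        # fetch_token is a hypothetical callable: it performs the POST to the
        # Auth Server URL and returns the parsed JSON body as a dict.
        self._fetch = fetch_token
        self._margin = refresh_margin
        self._clock = clock
        self._lock = threading.Lock()  # one refresh at a time across threads
        self._token = None
        self._refresh_at = 0.0

    def get(self):
        with self._lock:
            now = self._clock()
            if self._token is None or now >= self._refresh_at:
                body = self._fetch()
                token, ttl = body.get("access_token"), body.get("expires_in")
                if not token or not isinstance(ttl, (int, float)) or ttl <= 0:
                    # Never echo the response body: it may contain secrets.
                    raise ValueError("token response lacks access_token/expires_in")
                # Clamp the margin so a short-lived token is not refetched on every call.
                self._refresh_at = now + ttl - min(self._margin, ttl / 2)
                self._token = token
            return self._token

    def auth_header(self):
        return {"Authorization": "Bearer " + self.get()}


def simulate(request_times, expires_in=1200):
    """Constructed demo: replay API calls at given times against a fake /token."""
    now, issued = [0.0], []

    def fake_fetch():  # constructed response, no network access
        issued.append(now[0])
        return {"access_token": "tok-%d" % len(issued), "expires_in": expires_in}

    cache = BearerTokenCache(fake_fetch, clock=lambda: now[0])
    headers = []
    for t in request_times:
        now[0] = t
        headers.append(cache.auth_header()["Authorization"])
    return len(issued), headers
```

With a 20-minute token and the default 60-second margin, six API calls spread over 25 minutes cost two /token requests instead of six.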

Examples of retrieving and using the bearer token are provided for popular programming languages: Python, Bash, TypeScript, and Go.

Point of Payment

Authorized Payment Protection requires a real-time API integration at the point of payment during an account-to-account bank transfer journey. The API sends Kount 360 information about the origin and destination bank account. We use this information to calculate the network-based risk of the destination bank account with a machine learning model.

Sandbox Endpoint:

https://api-sandbox.kount.com/app/v1/transactions

Production Endpoint:

https://api.kount.com/app/v1/transactions

Method: POST

Header Authorization: OAuth2

Header Content-Type: application/json

Body: Refer to the Authorized Payment Protection API Specifications.

Go to Authorized Payment Protection API Reference for the full endpoint documentation.
