The following tables show which Orders API (Payments Fraud) properties map to a corresponding Risk Inquiry Services (RIS, Command) API property. You can use this information as a reference when upgrading from Command to Payments Fraud in Kount 360.
sidebar. Request properties
|
RIS Category |
Notes |
||
|
MERC |
System Information |
The Bearer token identifies the customer’s org/client. |
MERC does not directly compare to the bearer token. |
|
VERS |
System Information |
|
VERS was part of the endpoint URL and is not a a data point included in the Orders API request. |
|
ORDR |
System Information |
merchantOrderId |
|
|
SITE |
System Information |
channel |
|
|
SESS |
System Information |
deviceSessionId |
|
|
N/A |
creationDateTime |
New data field for the Orders API. |
|
|
IPAD |
System Information |
userIp |
|
|
N/A |
account |
||
|
UNIQ |
Misc Information |
account.id |
|
|
N/A |
account.type |
||
|
EPOC |
Misc Information |
account.creationDateTime |
|
|
N/A |
account.username |
||
|
N/A |
account.accountIsActive |
||
|
N/A |
items |
||
|
N/A |
items.id |
||
|
PROD_PRICE[0] |
Product Details |
items.price |
|
|
PROD_DESC[0] |
Product Details |
items.description |
|
|
N/A |
items.name |
||
|
PROD_QUANT[0] |
Product Details |
items.quantity |
|
|
PROD_TYPE[0] |
Product Details |
items.category |
|
|
N/A |
items.subCategory |
||
|
N/A |
items.isDigital |
||
|
PROD_ITEM[0] |
Product Details |
items.sku |
|
|
N/A |
items.upc |
||
|
N/A |
items.brand |
||
|
N/A |
items.url |
||
|
N/A |
items.imageUrl |
||
|
N/A |
items.physicalAttributes |
||
|
N/A |
items.physicalAttributes.color |
||
|
N/A |
items.physicalAttributes.size |
||
|
N/A |
items.physicalAttributes.weight |
||
|
N/A |
items.physicalAttributes.height |
||
|
N/A |
items.physicalAttributes.width |
||
|
N/A |
items.physicalAttributes.depth |
||
|
N/A |
items.descriptors |
||
|
N/A |
items.isService |
||
|
N/A |
fulfillment |
||
|
N/A |
fullfillment.merchantFulfillmentId |
||
|
SHTP |
Shipping Information |
fulfillment.type |
SHTP has been split into two properties for Orders, Type examples include |
|
N/A |
fulfillment.items |
||
|
N/A |
fulfillment.status |
||
|
N/A |
fulfillment.accessUrl |
||
|
N/A |
fulfillment.shipping |
||
|
N/A |
fulfillment.shipping.amount |
||
|
N/A |
fulfillment.shipping.provider |
||
|
N/A |
fulfillment.shipping.trackingNumbers |
||
|
SHTP |
Shipping Information |
fulfillment.shipping.method |
SHTP has been split into two properties for Orders, Fulfillment examples include |
|
N/A |
fulfillment.recipientPerson |
||
|
N/A |
fulfillment.recipientPerson.name |
||
|
S2NM |
Shipping Information |
fulfillment.recipientPerson.name.first fulfillment.recipientPerson.name.family |
|
|
N/A |
fulfillment.recipientPerson.name.middle |
||
|
N/A |
fulfillment.recipientPerson.name.prefix |
||
|
N/A |
fullfillment.recipientPerson.name.suffix |
||
|
N/A |
fulfillment.recipientPerson.name.preferred |
||
|
N/A |
fulfillment.recipientPerson.dateOfBirth |
||
|
S2EM |
Shipping Information |
fulfillment.recipientPerson.emailAddress |
|
|
S2PN |
Shipping Information |
fulfillment.recipientPerson.phoneNumber |
|
|
N/A |
fulfillment.recipientPerson.address |
||
|
S2A1 |
Shipping Information |
fulfillment.recipientPerson.address.line1 |
|
|
S2A2 |
Shipping Information |
fulfillment.recipientPerson.address.line2 |
|
|
S2CI |
Shipping Information |
fulfillment.recipientPerson.address.city |
|
|
S2ST |
Shipping Information |
fulfillment.recipientPerson.address.region |
|
|
S2CC |
Shipping Information |
fulfillment.recipientPerson.address.countryCode |
|
|
S2PC |
Shipping Information |
fulfillment.recipient.address.postalCode |
|
|
N/A |
fulfillment.store |
||
|
N/A |
fulfillment.store.id |
||
|
N/A |
fulfillment.store.name |
||
|
N/A |
fulfillment.store.address |
||
|
N/A |
fulfillment.store.address.addressType |
||
|
N/A |
fulfillment.store.address.line1 |
||
|
N/A |
fulfillment.store.address.line2 |
||
|
N/A |
fulfillment.store.address.city |
||
|
N/A |
fulfillment.store.address.region |
||
|
N/A |
fulfillment.store.address.countryCode |
||
|
N/A |
fulfillment.store.address.postalCode |
||
|
N/A |
transactions |
||
|
N/A |
transactions.merchantTransactionId |
||
|
N/A |
transactions.processor |
||
|
N/A |
transactions.processorMerchantId |
||
|
N/A |
transactions.payment |
||
|
PTYP |
Payment Information |
transactions.payment.type |
|
|
PTOK |
Payment Information |
transactions.payment.paymentToken |
The tokenized or hashed payment token used in the order. |
|
PENC |
Payment Information |
N/A |
|
|
MASK |
Payment Information |
N/A |
|
|
LBIN |
Payment Information |
transactions.payment.bin |
The first 6-8 digits of the 16 digit Primary Account Number (PAN). |
|
LAST4 |
Payment Information |
transactions.payment.last4 |
|
|
N/A |
transactions.subtotal |
||
|
TOTL |
Payment Information |
transactions.orderTotal |
|
|
CURR |
Payment Information |
transactions.currency |
|
|
N/A |
transactions.tax |
||
|
N/A |
transactions.tax.isTaxable |
||
|
N/A |
transactions.tax.taxableCountryCode |
||
|
N/A |
transactions.tax.taxAmount |
||
|
N/A |
transactions.tax.outOfStateTaxAmount |
||
|
N/A |
transactions.billedPerson |
||
|
N/A |
transactions.billedPerson.name |
||
|
NAME |
Billing Information |
transactions.billedPerson.name.first transactions.billedPerson.name.family |
|
|
N/A |
transactions.billedPerson.name.middle |
||
|
N/A |
transactions.billedPerson.name.prefix |
||
|
N/A |
transactions.billedPerson.name.suffix |
||
|
N/A |
transactions.billedPerson.name.preferred |
||
|
EMAL |
Billing Information |
transactions.billedPerson.emailAddress |
|
|
B2PN |
Billing Information |
transactions.billedPerson.phoneNumber |
|
|
N/A |
transactions.billedPerson.address |
||
|
B2A1 |
Billing Information |
transactions.billedPerson.address.line1 |
|
|
B2A2 |
Billing Information |
transactions.billedPerson.address.line2 |
|
|
B2CI |
Billing Information |
transactions.billedPerson.address.city |
|
|
B2ST |
Billing Information |
transactions.billedPerson.address.region |
|
|
B2PC |
Billing Information |
transactions.billedPerson.address.postalCode |
|
|
B2CC |
Billing Information |
transactions.billedPerson.address.countryCode |
|
|
DOB |
transactions.billedPerson.dateOfBirth |
||
|
N/A |
transactions.transactionStatus |
||
|
N/A |
transactions.authorizationStatus |
||
|
AUTH |
Payment Information |
transactions.authorizationStatus.authResult |
|
|
N/A |
transactions.authorizationStatus.dateTime |
||
|
N/A |
transactions.authorizationStatus.verificationResponse |
||
|
AVST |
transactions.authorizationStatus.verificationResponse.avsStatus |
||
|
AVSZ |
transactions.authorizationStatus.verificationResponse.avsStatus |
||
|
CVVR |
transactions.authorizationStatus.verificationResponse.cvvStatus |
||
|
N/A |
transactions.authorizationStatus.declineCode |
||
|
N/A |
transactions.authorizationStatus.processorAuthCode |
||
|
N/A |
transactions.authorizationStatus.processorTransactionId |
||
|
N/A |
transactions.authorizationStatus.acquirerReferenceNumber |
||
|
N/A |
transactions.items |
||
|
N/A |
transactions.items.id |
||
|
N/A |
transactions.items.quantity |
||
|
N/A |
promotions |
||
|
N/A |
promotions.id |
||
|
N/A |
promotions.description |
||
|
N/A |
promotions.status |
||
|
N/A |
promotions.statusReason |
||
|
N/A |
promotions.discount |
||
|
N/A |
promotions.discount.percentage |
||
|
N/A |
promotions.discount.amount |
||
|
N/A |
promotions.discount.currency |
||
|
N/A |
promotions.credit |
||
|
N/A |
promotions.credit.currency |
||
|
N/A |
promotions.credit.creditType |
||
|
N/A |
promotions.credit.amount |
||
|
N/A |
loyalty |
||
|
N/A |
loyalty.id |
||
|
N/A |
loyalty.description |
||
|
N/A |
loyalty.credit |
||
|
N/A |
loyalty.credit.creditType |
||
|
N/A |
loyalty.credit.amount |
||
|
N/A |
loyalty.credit.currency |
||
|
UDF[] |
customFields |
||
|
MACK |
System Information |
N/A |
The customer's acknowledgement to ship/process an order. In Command, this value is hardcoded as Y. |
|
ANID |
System Information |
N/A |
The Automatic Number Identification (Caller ID) submitted with an order. If the ANI cannot be determined, set the value to 0123456789. In Command, this is only available in Mode P. |
|
CASH |
Misc Information |
N/A |
The total monetary value of goods in the order. |
|
GENDER |
Misc Information |
N/A |
M for male or F for female |
|
UAGT |
Misc Information |
N/A |
Customer User-Agent HTTP header. |
|
FRMT |
Misc Information |
N/A |
Specifies the format of the RIS response if the customer is not using an SDK. The options are XML, JSON, and YAML. Hard code the RIS API to JSON. |
sidebar. Response properties
|
RIS API Property |
Orders API Property |
Notes |
|
MODE |
The Orders API |
|
|
VERS |
version |
|
|
N/A |
order |
|
|
TRAN |
order.orderId |
|
|
ORDR |
order.merchantOrderId |
|
|
SITE |
order.channel |
|
|
SESS |
order.deviceSessionId |
|
|
N/A |
order.creationDateTime |
|
|
N/A |
order.riskInquiry |
|
|
N/A |
order.riskInquiry.guidance |
|
|
AUTO |
order.riskInquiry.decision |
|
|
OMNISCORE |
order.riskInquiry.omniscore |
|
|
N/A |
order.riskInquiry.persona |
|
|
CARDS |
order.riskInquiry.persona.uniqueCards |
|
|
DEVICES |
order.riskInquiry.persona.uniqueDevices |
|
|
EMAILS |
order.riskInquiry.persona.uniqueEmails |
|
|
N/A |
order.riskInquiry.device |
|
|
FINGERPRINT |
order.riskInquiry.device.id |
If the device data collection process did not finish collecting (KAPT), then this property will not be populated. |
|
KAPT |
order.riskInquiry.device.id |
If the device data collection process did not finish collecting (KAPT), then this property will not be populated. |
|
N/A |
order.riskInquiry.device.collectionDateTime |
|
|
BROWSER |
order.riskInquiry.device.browser |
|
|
N/A |
order.riskInquiry.device.deviceAttributes |
|
|
OS |
order.riskInquiry.device.deviceAttributes.os |
The OS can be used to determine whether the device is a mobile device. It can also be used to determine the type/brand of the mobile device. For example, iPhone, Android, or iPad. |
|
MOBILE_DEVICE |
order.riskInquiry.device.deviceAttributes.os |
If device collection ran, and the Mobile SDK type is received, MOBILE_TYPE is populated with that value. Otherwise, MOBILE_DEVICE is N. |
|
MOBILE_TYPE |
order.riskInquiry.device.deviceAttributes.os |
If device collection ran, and the Mobile SDK type is received, MOBILE_TYPE is populated with that value. Otherwise, MOBILE_DEVICE is N. |
|
DDFS |
order.riskInquiry.device.deviceAttributes.firstSeenDateTime |
|
|
LANGUAGE |
order.riskInquiry.device.deviceAttributes.language |
|
|
TIMEZONE |
order.riskInquiry.device.deviceAttributes.timezoneOffset |
|
|
MOBILE_TYPE |
order.riskInquiry.device.deviceAttributes.mobileSdkType |
For mobile app integrations using the Device mobile SDKs, this field specifies the mobile operating system type. For browser-based orders, refer to order.riskInquiry.device.deviceAttributes.os. |
|
N/A |
order.riskInquiry.device.location |
|
|
N/A |
order.riskInquiry.device.location.areaCode |
|
|
N/A |
order.riskInquiry.device.location.city |
|
|
N/A |
order.riskInquiry.device.location.country |
|
|
COUNTRY |
order.riskInquiry.device.location.countryCode |
|
|
N/A |
order.riskInquiry.device.location.latitude |
|
|
N/A |
order.riskInquiry.device.location.longitude |
|
|
N/A |
order.riskInquiry.device.location.postalCode |
|
|
REGION |
order.riskInquiry.device.location.region |
|
|
N/A |
order.riskInquiry.device.location.regionCode |
|
|
N/A |
order.riskInquiry.device.tor |
|
|
N/A |
order.riskInquiry.segmentExecuted |
|
|
N/A |
order.riskInquiry.segmentExecuted.segment |
|
|
N/A |
order.riskInquiry.segmentExecuted.segment.id |
|
|
N/A |
order.riskInquiry.segmentExecuted.segment.name |
|
|
RULES_TRIGGERED |
order.riskInquiry.segmentExecuted.policiesExecuted |
Should always be present, even if 0. |
|
RULE_ID_X |
order.riskInquiry.segmentExecuted.policiesExecuted.id |
If RULES_TRIGGERED is greater than 0, then the RULE_ID_X and RULE_DESCRIPTION_X will be populated. |
|
RULE_DESCRIPTION_X |
order.riskInquiry.segmentExecuted.policiesExecuted.name |
If RULES_TRIGGERED is greater than 0, then the RULE_ID_X and RULE_DESCRIPTION_X will be populated. |
|
N/A |
order.riskInquiry.segmentExecuted.policiesExecuted.outcome |
|
|
N/A |
order.riskInquiry.segmentExecuted.policiesExecuted.outcome.type |
|
|
N/A |
order.riskInquiry.segmentExecuted.policiesExecuted.outcome.value |
|
|
N/A |
order.fulfillment |
|
|
N/A |
order.fulfillment.fulfillmentId |
|
|
N/A |
order.fulfillment.merchantFulfillmentId |
|
|
N/A |
order.transactions.transactionId |
|
|
ERROR |
The HTTP error code and the response body will indicate the errors. |
Errors A required data point is misconfigured which prevented the risk analysis. |
|
ERROR_COUNT |
The HTTP error code and the response body will indicate the errors. |
Errors Number of errors the customer's RIS POST created. |
|
ERROR_N |
The HTTP error code and the response body will indicate the errors. |
Errors The error code displayed in RIS response. |
|
WARNING_COUNT |
N/A* |
Errors Number of warnings the merchant RIS POST created. |
|
WARNING_N |
N/A* |
Errors The warning code displayed in RIS response. |
|
BRND |
order.transactions.payment.cardBrand |
Specifies the credit card brand when the payment type is credit card, such as Visa or MasterCard. |
|
DEVICE_LAYERS |
N/A-Hard Coded to return 4 dots (....) |
Device (Intentionally Excluded) Five device layers representing the operating system. |
|
COOKIES |
order.riskInquiry.device.deviceAttributes.cookiesEnabled |
Device A flag to indicate if the device placing the order has cookies enabled or not. |
|
DSR |
order.riskInquiry.device.deviceAttributes.screenResolution |
Device The device screen resolution. |
|
FLASH |
N/A* |
Device (Obsolete – Intentionally Excluded) A flag to indicate if the device placing order has flash enabled or not. |
|
HTTP_COUNTRY |
order.riskInquiry.device.location.localeCountryCode |
Device The home country the device owner has set in the device control panel. |
|
IP_IPAD |
order.riskInquiry.device.deviceAttributes.ip.address |
Device IP address of proxy:
|
|
IP_LAT |
order.riskInquiry.device.location.latitude |
Latitude of proxy IP address (Number, -90.1922). |
|
IP_LON |
order.riskInquiry.device.location.longitude |
Longitude of proxy IP address (Number, 38.6312). |
|
IP_COUNTRY |
order.riskInquiry.device.location.countryCode |
Country of proxy IP address (2, US). |
|
IP_REGION |
order.riskInquiry.device.location.region |
State/Region of proxy IP address (255 character limit). |
|
IP_CITY |
order.riskInquiry.device.location.city |
City of proxy IP address (255, Houston). |
|
IP_ORG |
order.riskInquiry.device.deviceAttributes.ip.organization |
Owner of IP address or address block (64, Organization Name). |
|
PIP_IPAD |
order.riskInquiry.device.deviceAttributes.ip.address |
Pierced device IP address. |
|
PIP_LAT |
order.riskInquiry.device.location.latitude |
Latitude of pierced proxy IP address (Number, -90.1922). |
|
PIP_LON |
order.riskInquiry.device.location.longitude |
Longitude pierced of proxy IP address (Number, 38.6312). |
|
PIP_COUNTRY |
order.riskInquiry.device.location.countryCode |
Country of pierced proxy IP address (2, US). |
|
PIP_REGION |
order.riskInquiry.device.location.region |
State/Region of pierced proxy IP address (255 character limit). |
|
PIP_CITY |
order.riskInquiry.device.location.city |
City of proxy pierced IP address (255, Houston). |
|
PIP_ORG |
order.riskInquiry.device.deviceAttributes.ip.organization |
Owner of pierced IP address or address block (64, Organization Name). |
|
LOCALTIME |
order.riskInquiry.device.deviceAttributes.localTime |
Device The local time of the device that the owner has set in the device’s Control Panel. |
|
MOBILE_FORWARDER |
N/A* |
Device Determines if the mobile device is using a forwarder to process the carrier service. |
|
NETW |
N/A* |
Device (Intentionally Excluded) Riskiest network type associated with persona within the last 14 days:
|
|
PC_REMOTE |
N/A* |
Device Indicates if the device is enabled to use PC remote software. |
|
PROXY |
order.device.tor |
Device Indicates if a proxy server is detected with this order. |
|
UAS |
order.riskInquiry.device.deviceAttributes.userAgent |
Device The user agent string. |
|
VOICE_DEVICE |
N/A* |
Device Indicates if the mobile device is voice activated. |
|
GEOX |
order.riskInquiry.persona.riskiestCountry |
Persona The Persona related country with highest probability of fraud. |
|
REAS |
N/A* |
(Deprecated) |
|
REGN |
order.riskInquiry.persona.riskiestRegion |
Persona The region associated to the GEOX location. |
|
SCOR |
order.riskInquiry.omniscore |
Persona There is no Persona score in Payments Fraud — it has been replaced with the Omniscore. The Omniscore incorporates many more signals than only the Persona clusters. The score is rounded to the nearest integer. |
|
VELO |
order.riskInquiry.persona.totalBankApprovedOrders |
Persona The quantity of orders seen from the Persona within last 14 days. AUTH field must be equal to A. |
|
VMAX |
order.riskInquiry.persona.maxVelocity |
Persona The quantity of orders from the Persona within the most active six hour window in last 14 days. AUTH field must be equal to A. |
|
COUNTER_NAME_X |
order.riskInquiry.policyManagement.tagWeights.name |
Rules/Counters |
|
COUNTER_VALUE_X |
order.riskInquiry.policyManagement.tagWeights.weight |
Rules/Counters |
|
COUNTERS_TRIGGERED |
order.riskInquiry.policyManagement.tagWeights.length |
Rules/Counters Number of unique counter names triggered during rules evaluation. |
|
REASON_CODE |
order.riskInquiry.reasonCode |
Rules/Counters The Custom Reason Code associated with Rule Action. |
|
THREE_DS_MERCHANT_RESPONSE |
N/A* |
3DS The 3D Secure recommendation based on policies defined within Equifax. |
|
PREVIOUSLY_WHITELISTED |
N/A* |
3DS Related to a 3D Secure workflow. |
|
KYCF |
N/A* |
Whether or not the system knows your customer flag. |
|
MERC |
N/A* |
(Intentionally Excluded) Merchant ID assigned to the merchant by Equifax. |
* This property is not available in the Payments Fraud API. When requested, the property is returned with Empty, Null, or ~, depending on the output format.
Command and Payments Fraud have several additional API endpoints that can be used to improve your workflow. For example, you can create, retrieve, and delete list entries.
The following table provides a comparison between the Command APIs and the Orders and Policy Management APIs.
sidebar. API endpoint comparison table
|
Functionality |
Legacy Command API |
Payments Fraud API |
Note |
|
Retrieve transaction details |
GET /orders/detail |
GET /orders/{orderId} |
|
|
Add an entry to a list |
POST /udf/delete POST /vip/address POST /vip/card POST /vip/device POST /vip/email POST /vip/gift POST /vip/payment POST /vip/udf |
POST /lists/{id}/entries |
|
|
Retrieve a list entry |
GET /udf/delete GET /vip/address GET /vip/card GET /vip/device GET /vip/email GET /vip/gift GET /vip/payment GET /vip/udf |
GET /lists/{id}/entries/{entryId} |
|
|
Delete a list entry |
POST /udf/delete POST /vip/address POST /vip/card POST /vip/device POST /vip/email POST /vip/gift POST /vip/payment POST /vip/udf |
DELETE /lists/{id}/entries/{entryId} |
|
|
Create a custom field |
POST /udf |
POST /custom-fields |
|
|
Retrieve a custom field |
GET /udf |
GET /custom-fields/{id} |
|
|
Delete a custom field |
POST /udf/delete |
DELETE /custom-fields/{id} |
|
|
Retrieve all lists |
N/A |
GET /lists |
In Command, there is a fixed set of lists and no endpoint to retrieve them. |
|
Retrieve a specific list |
N/A |
GET /lists/{id}/entries/{id} |
In Command, there is no way to get all the entries in a list via API. |
|
Create a list |
N/A |
POST /lists |
In Command, there is a fixed set of lists and no endpoint to retrieve them. |
|
Delete a list |
N/A |
DELETE /lists/{id} |
In Command, there is a fixed set of lists and no endpoint to delete them. |
The following table shows how property fields from the legacy Command Risk Inquiry Service (RIS) Mode U (Update) and RIS Mode X (Reevaluate) map to corresponding properties in the Kount 360 Orders Update API (PATCH). You can use this as a reference when upgrading your server-side integration from Command to Payments Fraud.
The Orders Update API is primarily used in pre-authorization workflows to update an order status after receiving a response from a payment gateway, ensuring accurate data for machine learning models and reporting.
Although both Mode U and Mode X updated the order, Mode X also performed a reevaluation. The Orders Update API does not provide a reevaluation, so Mode X now effectively acts like a Mode U.
sidebar. Property mapping table
|
RIS Mode U Property (Command) |
Orders Update API Property (Kount 360) |
Notes |
|---|---|---|
|
AUTH |
transactions.authorizationStatus.authResult |
Authorization status from the processor, such as Authorized or Declined. |
|
AVST |
transactions.authorizationStatus.verificationResponse.avsStatus |
Address Verification System (AVS) street response. In Command, you needed to interpret the AVST code and indicate whether it matched (“M” for Match, “N” for No Match, and so on). In Payments Fraud, you provide the code you received from the address verification service ("Y” or "Z", and so on) and Payments Fraud interprets the result. |
|
AVSZ |
transactions.authorizationStatus.verificationResponse.avsStatus |
Address Verification System (AVS) zip code response. In Kount 360, this is combined into the AVS status property. In Command, you needed to interpret the AVST code and indicate whether it matched (“M” for Match, “N” for No Match, and so on). In Payments Fraud, you provide the code you received from the address verification service ("Y” or "Z", and so on) and Payments Fraud interprets the result. |
|
CVVR |
transactions.authorizationStatus.verificationResponse.cvvStatus |
Card Verification Value (CVV) response from the processor. The values have changed from single-digit codes (“M”, “N” and “X”) to human-readable enumerations: "Match", "NoMatch" or "Unknown". |
|
LBIN |
transactions.payment.bin |
The first 6-8 digits of the payment card number. |
|
LAST4 |
transactions.payment.last4 |
The last 4 digits of the payment card number. |
|
MERC |
N/A |
This is now handled by the bearer token, which identifies your organization and client. |
|
MODE |
N/A |
The update functionality is now determined by using the HTTP PATCH method. |
|
ORDR |
merchantOrderId |
The unique identifier for the order provided by the merchant. |
|
PTOK |
transactions.payment.paymentToken |
The tokenized or hashed payment token. Value must be KHASHed. |
|
PTYP |
transactions.payment.type |
The specific type of payment used (for example, CREDIT_CARD, PYPL). |
|
SESS |
deviceSessionId |
The unique session identifier created during the Device Data Collection process. |
|
TRAN |
The {ORDER ID} query parameter in the PATCH endpoint’s URL: /commerce/v2/orders/{ORDER ID} |
The unique ID assigned to the order by Kount 360, returned in the initial POST response. |
|
VERS |
N/A |
The version is now part of the endpoint URL (for example, /commerce/v2/orders). |
|
MACK |
N/A |
The customer's acknowledgement to ship/process an order. In Command, this value is hardcoded as Y. |
|
RFCB |
These are updated in the Orders Batch Update Chargeback/Refund Request API (/commerce/v2/orders:batchUpdateReversals). |
Indication of either a refund or chargeback associated with the order. |
Key integration notes
-
Endpoint Specifications: The Orders Update API is a REST endpoint requiring OAuth 2.0 authentication with a temporary bearer token.
-
Token Expiration: Bearer tokens are valid for 20 minutes. Ensure your application handles token refreshes to avoid authentication errors.
-
Unique Session IDs: The
deviceSessionIdmust remain unique for at least 30 days. Reusing session IDs across multiple transactions can negatively impact fraud scores. -
Sensitive Data: When submitting payment information, credit or debit card numbers (PANs) must be tokenized using the Kount 360 hashing algorithm into a KHASH value.
For more information about upgrading from Command RIS to Payments Fraud, see Risk Inquiry Service to Orders API Comparison.