1. Kount Developer
  2. Command
  3. Risk Inquiry Service
  4. RIS SDKs

Integrating the Risk Inquiry Service .NET SDK

For a complete integration you must include the Device Data Collector as well as the Risk Inquiry Service POST. It is recommended that you code for the Device Data Collector first.

Note

For release notes, refer to Kount RIS .NET SDK Release Notes History.

Installing the Risk Inquiry Service .NET SDK

To install the latest Risk Inquiry Service .NET SDK, we recommend using the NuGet package manager. Enter the following command in the NuGet console:

nuget install Kount.Net.RisSDK

For information on how to build the Risk Inquiry Service .NET SDK from the GitHub SDK repository, refer to the Building the RIS .NET SDK from the GitHub repository.

Configuring the Risk Inquiry Service .NET SDK

Before you make your first Risk Inquiry Service call, you must have the following:

  • Merchant ID, 6-digit integer, referenced as Ris.MerchantId in code snippets (provided by your Kount representative)

  • URL for (test) RIS calls as Ris.Url

  • API key, an alphanumeric key used for authentication, Ris.API.Key (retrieved from the Command Agent Web Console)

  • An additional configuration key used within the SDK, Ris.Config.Key

Note

If any of these characters (", \``, or '`) are in the configuration key value, those need to be escaped on the command line.

In your app or web configuration file, in the appsettings.json section, add your basic configuration. Before using the SDK, you must set the Merchant ID and RIS URL to the config file.

Example config file (a template of appsettings.json is also included in KountRisSDK project):

{
  "Logging": {
    "IncludeScopes": false,
    "LogLevel": {
      "Default": "Warning"
    }
  },
  "ConnectionStrings": {
    "Ris.MerchantId": "900100",
    "Ris.API.Key": "INSERT_API_KEY",
    "Ris.Config.Key": "INSERT_CONFIG_KEY",
    "Ris.Url": "https://risk.test.kount.net",
    "Ris.Version": "0720",
    "Ris.CertificateFile": "certificate.pfx",
    "Ris.PrivateKeyPassword": "11111111111111111",
    "Ris.Connect.Timeout": "10000",
    "LOG.LOGGER": "SIMPLE",
    "LOG.SIMPLE.LEVEL": "DEBUG",
    "LOG.SIMPLE.ELAPSED": "ON"
  }
}

Example <project>.csproj file settings:

<Project Sdk="Microsoft.NET.Sdk">

 <PropertyGroup>
   <OutputType>Exe</OutputType>
   <TargetFramework>net7.0</TargetFramework>
   <ImplicitUsings>enable</ImplicitUsings>
   <Nullable>enable</Nullable>
 </PropertyGroup>

 <ItemGroup>
   <PackageReference Include="Microsoft.Extensions.Logging.Abstractions"
Version="6.0.0" />
   <PackageReference Include="Microsoft.Extensions.Configuration"
Version="6.0.0" />
   <PackageReference Include="Microsoft.Extensions.Configuration.FileExtensions"
Version="6.0.0" />
   <PackageReference Include="Microsoft.Extensions.Configuration.Json"
Version="6.0.0" />
   <PackageReference Include="System.Configuration.ConfigurationManager"
Version="6.0.0" />
   <Reference Include="KountRisSdk">
    <HintPath>..\Kount.Net.RisSDK.8.1.0\lib\netstandard2.0\KountRisSdk.dll</
HintPath>
    </Reference>
   </ItemGroup>
</Project>

The following table describes the required static settings found in the SDK:

Data

Size

Description

Example

Ris.MerchantId

6

Six digit identifier issued by Kount.

999666

Ris.Url

na

HTTPS URL path to the company’s servers provided in boarding documentation from Kount.

https://risk.beta.kount.net

Ris.API.Key

Varies

API Key value copied from clipboard - originating from API Key page within Agent Web Console.

Alpha/Numeric hashed value provided by Kount

Ris.Config.Key

Varies

Config Key used in hashing method.

String key provided by Kount

Ris.Connect.Timeout

Varies

RIS connect timeout value measured in milliseconds.

30000

LOG.LOGGER

na

Specifies which logger to use: SIMPLE or NOP.

SIMPLE

LOG.SIMPLE.LEVEL

na

If SIMPLE logging is enabled, this lists logging levels in order of decreasing severity: FATAL, ERROR, WARN, INFO, DEBUG

WARN

LOG.SIMPLE.FILE

na

Name of the log file for SIMPLE logging.

Kount-Ris-DotNet-SDK.log

LOG.SIMPLE.PATH

na

SimpleLogger log path. This is the directory where the log file will be located.

C:\Logs

LOG.SIMPLE.ELAPSED

na

When is ON and SIMPLE logging is enabled, measure overall client request time in milliseconds and logging result.

ON

Note

If LOG.SIMPLE.PATH log path not exist, it is created dynamically.

Making the First Call

  1. Add the Kount.NET library to your project.

  2. Create a Kount.Ris.Inquiry Object, and then populate the setters.

  3. Add cart data.

  4. Ask for the responger(Inquiry.GetResponse()).

  5. Process the Kount.Ris.Response object returned.

    Example Risk Inquiry Service Response

    using System.Collections;
using Kount;
using KountRisSdk;
class Program
{
    static void Main(string[] args)
    {
        Console.WriteLine("Hello, World!");
        Kount.Ris.Inquiry inq = new Kount.Ris.Inquiry();
        Guid myuuid = Guid.NewGuid();
        string sessionID = myuuid.ToString().Replace("-","");   
        // Create masked inquiry with CARD payment
        inq.SetPayment(Kount.Enums.PaymentTypes.Card, "5789372819873789");
        // Merchants acknowledgement to ship/process the order
        inq.SetMack('Y');
        // client email
        inq.SetEmail("joe@domain.com");
        // Set default inquiry mode, internet order type
        inq.SetMode(Kount.Enums.InquiryTypes.ModeQ);
        inq.SetSessionId(sessionID);
        // IP address of the customer
        inq.SetIpAddress("165.53.125.33");
        inq.SetWebsite("DEFAULT");
        // total purchase amount
        inq.SetTotal(5000);
        ArrayList cart = new ArrayList();
        cart.Add(new Kount.Ris.CartItem("Electronics", "TV", "Big TV", 1, 24900));
        inq.SetCart(cart);
        Kount.Ris.Response response = inq.GetResponse();
        Console.WriteLine("RESPONSE: " + response.ToString());
    }
}

Request Explanation

This is a description of what happens during request creation.

  1. Create masked inquiry with CARD payment, and populate the setters.

    Note

    KHASH is the default implementation for payment encryption and requires a config key. Masking overrides the default KHASH implementation, masks payment tokens, and does not require a config key.

  2. Setting the request mode. As mentioned previously, there are several request modes and InquiryType.ModeQ is the most used one.

  3. Setting a session identifier. This ID should be unique for a 30-day span and is used to track all changes regarding the purchase described in the request. More information on the Advanced page.

  4. IP address of the customer. The merchant can discover it or it can be obtained through the Data Collector service.

  5. The total purchase amount represented in the lowest possible currency denomination (example: cents for US Dollars).

Risk Inquiry Service Response

After a merchant has posted Risk Inquiry Service information to Kount, a key-value pair string is returned to the merchant. The RIS response format is the same that was specified in the Risk Inquiry Service request, with the default being named pairs. Each data field must be invoked by getter methods on the response object from the SDK. The merchant can then use the Risk Inquiry Service response to automate the order management process by keying off of the AUTO field and can utilize any of the additional data returned for internal processing.

An important use of the Risk Inquiry Service response is the ability to view any warnings or errors that were made during the Risk Inquiry Service post from the merchant. All warnings are displayed in the response and if errors do occur the Risk Inquiry Service response will be returned with a MODE = E.

If the Device Data Collector was used to collect customer information, the KAPT field can be checked to determine if this process was successful. KAPT = Y means successful, KAPT = N means the process was unsuccessful.

RIS Payment Encryption Options

When using the SDK, KHASH and MASK are available.

KHASH

In .NET Risk Inquiry Service SDK version 5.0.0+, all payment tokens are hashed (one-way encryption) prior to being transmitted to Kount. No credit card numbers, Paypal payment IDs, check numbers, Google Checkout IDs, Bill Me Later IDs, Green Dot MoneyPak IDs, gift card numbers, etc are transmitted in plain text. When the payment type is a credit card (optional for all other payment types), you must send data in the LAST4 input field. The value of this field is the last four numbers/characters of the payment token. The SDK automatically sets this value prior to hashing the payment token for all payment types.

Output : BIN + 14 alpha-numeric characters.
Example: "123456A12C34E56G7DFG"

Note

When using the .NET SDK all credit card information, by default, uses the KHASH encryption method where the credit card information is irreversibly hashed prior to transmission from the merchant to Kount.

KHASH Code Example
/// <summary>
/// Create inquiry with CARD payment
/// </summary>
/// <param name="cardNumber">card number</param>
/// <param name="sid">session id</param>
/// <param name="orderNum">order number</param>
/// <returns>inquiry</returns>
public static Inquiry CreateInquiry(string cardNumber, out string sid, out string orderNum)
{
// create inquiry with default settings
Inquiry inquiry = DefaultInquiry(out sid, out orderNum);
// hashing card number
inquiry.SetCardPayment(cardNumber);

return inquiry;
}

MASK

In the SDK version 6.9.5 is implemented new method Request.SetCardPaymentMasked(string cardNumber), which sets a card payment and masks the card number.

MASK Code Example
/// <summary>
/// Create masked inquiry with CARD payment
/// </summary>
/// <param name="cardNumber">card number</param>
/// <param name="sid">session id</param>
/// <param name="orderNum">order number</param>
/// <returns>masked inquiry</returns>
public static Inquiry CreateInquiryMasked(string cardNumber, out string sid, out string orderNum)
{
// create inquiry with default settings
Inquiry inquiry = DefaultInquiry(out sid, out orderNum);
// mask card number
inquiry.SetCardPaymentMasked(cardNumber);

return inquiry;
}

Request Types and Parameters

The two major request types, Inquiry and Update, are configured by setting the MODE parameter to the correct value.

Use Inquiry for initial registration of the purchase in the Kount system. It has four available values for the MODE parameter:

Inquiry MODE

SDK Constant

Description

Q

InquiryType.ModeQ

Default inquiry mode, internet order type

P

InquiryType.ModeP

Used to analyze a phone-received order

W

InquiryType.ModeW

Kount Central full inquiry with returned thresholds

J

InquiryType.ModeJ

Kount Central fast inquiry with just thresholds

Use Update whenever there are changes to a given order that need to be updated in the Kount system. Update has two available values for the MODE parameter:

Update MODE

SDK Constant

Description

U

UpdateType.ModeU

Default update mode, only sends the update event

X

UpdateType.ModeX

Sends the update event and RIS service returns a status response

Mandatory Parameters

Parameter name

Setter

Mode Q

Mode P

Mode W

Mode J

Mode U

Mode X

MODE

SetMode

Y

Y

Y

Y

Y

Y

VERS

SetVersion

Y

Y

Y

Y

Y

Y

MERC

SetMerchantId

Y

Y

Y

Y

Y

Y

SITE

SetWebsite

Y

Y

Y

SESS

SetSessionId

Y

Y

Y

Y

Y

CURR

SetCurrency

Y

Y

Y

Y

TOTL

SetTotl

Y

Y

Y

Y

CUSTOMER_ID

SetKountCentralCustomerId

Y

Y

PTYP

Y

Y

Y

Y

IPAD

SetIpAddress

Y

Y

Y

Y

MACK

SetMack

Y

Y

Y

Y

Y

TRAN

SetTransactionId

Y

Y

PROD_TYPE

*

Y

Y

Y

PROD_ITEM

*

Y

Y

Y

PROD_QUANT

*

Y

Y

Y

PROD_PRICE

*

Y

Y

Y

ANID

SetAnid

Y

Note

Parameters marked with an asterisk (*) are the shopping cart parameters. They are bulk-set by the Inquiry.setCart(collection<CartItem> cart) method. If the shopping cart contains more than one entry, values for each parameter are transformed to single concatenated strings and then set to the corresponding parameter.

Optional Parameters

The Risk Inquiry Service provides many optional request parameters to increase precision when making a decision about a given purchase/order.

  • AUTH: Authorization Status returned to merchant from processor. Acceptable values for the AUTH field are A for Authorized or D for Decline. In orders where AUTH = A will aggregate towards order velocity of the persona while orders where AUTH = D will decrement the velocity of the persona.

  • AVST: Address Verification System Street verification response returned to merchant from processor. Acceptable values are M for match, N for no-match, or X for unsupported or unavailable.

  • AVSZ: Address Verification System Zip Code verification response returned to merchant from processor. Acceptable values are M for match, N for no match, or X for unsupported or unavailable.

  • CVVR: Card Verification Value response returned to merchant from processor. Acceptable values are M for match, N for no-match, or X unsupported or unavailable.

  • LAST4: Last 4 numbers of Credit Card Value.

  • LBIN: Captures 6-8 characters of BIN data

User Defined Fields

You can create User Defined Fields (UDFs) to include additional information related to your business that is not a standard field in the Transactions Details page in the Agent Web Console. Once you have defined the UDF in the Agent Web Console, you can pass this data into Kount via an array called UDF as key-value pairs where the label is the key and the data passed in is the value. For more information on creating UDF, review Managing User Defined Fields.

Session Related Parameters

There are parameters responsible for maintaining the connection between linked interactions with the RIS. They are transported as a part of the Request/Response objects during standard RIS communication.

SESS parameter

This parameter is created by the customer (merchant) at the start of each new end-user purchase. SESS is used to join the customer device data with the order data sent with the RIS request. If the merchant uses the Kount Device Data Collector service to obtain customer device information, then the same SESS value must be used for all RIS calls - starting with the call to the Device Data Collector service.

Requirements for the SESS parameter value:

  • Alphanumeric

  • 1-32 characters

  • Value must be unique over a thirty-day period of time SESS is a mandatory parameter set by Request.SetSessionId(string sessionId); method.

TRAN parameter

The TRAN parameter is required for update calls to Kount RIS. Its value is created by Kount and is returned within the Response object for the first RIS Inquiry. For all subsequent events, modifying this customer order, the TRAN parameter should be set to the Kount-created value.

Configuring the Logger

The Kount Risk Inquiry Service .NET SDK includes a basic logging framework abstraction. This allows your logging framework to be integrated with the SDK. By default, the SDK provides two basic loggers: NOP and SIMPLE.

NOP is a logger that silently discards all logging. This is the default logger used by the .NET RIS SDK. SIMPLE is a logger that logs messages to a specified file on the SDK host-machine.

SIMPLE logger can be configured in your App.config. The following logging levels are available in order of decreasing severity: FATAL, ERROR, WARN, INFO, and DEBUG.

Kount recommends the following steps to integrate a custom logger with the SDK.

  1. Create the class Kount.Log.Factory.LoggerXFactory that implements Kount.Log.Factory.LoggerFactory.

  2. Create Kount.Log.Binding.LoggerX class that implements Kount.Log.Binding.Logger. This class is the interface to your custom loggerX.

  3. Set your logger factory using the method Kount.Log.Factory.LogFactory.SetLoggerFactory().

Logging Code Example

/// <summary>
/// A class demonstrating how to use logging
/// </summary>
public class ExampleClient
{
/// <summary>
/// The main entry point for the application.<br/>
/// <b>Author:</b> Kount <a>custserv@kount.com</a>;<br/>
/// <b>Version:</b> 6.5.0. <br/>
/// <b>Copyright:</b> 2010 Keynetics Inc <br/>
/// </summary>
[STAThread]
public static void Main()
{
ILoggerFactory factory = LogFactory.GetLoggerFactory();
ILogger logger = factory.GetLogger("Example Client");
logger.Debug("Hello World");
logger.Info("Hello World");
logger.Warn("Hello World");
logger.Error("Hello World");
logger.Fatal("Hello World");

// How to log messages and exceptions.
try
{
Exception e = new Exception("Logging an exception");
throw e;
}
catch (Exception e)
{
logger.Debug("Hello World", e);
logger.Info("Hello World", e);
logger.Warn("Hello World", e);
logger.Error("Hello World", e);
logger.Fatal("Hello World", e);
}
}
}

Abstract Logger

The end-user can provide their implementation of ILogger and use it to capture Kount SDK logs. The abstract logger overrides the SimpleLogger configuration.

Create the ILogger instance and pass it to the Kount Inquiry object constructor.

Example

using var loggerFactory = LoggerFactory.Create(builder =>
{
builder.
SetMinimumLevel(LogLevel.Error)
.AddConsole().AddFile("C:/Logs/logfilename.txt");
});
ILogger logger = loggerFactory.CreateLogger<Program>();
// Passing ILogger reference to Kount.Ris.Inquiry
Inquiry inquryObj = new Inquiry(logger);

Building the Risk Inquiry Service .NET SDK from the GitHub repository

Kount recommends using the Package Manager. Only build the RIS .NET SDK if required for your environment.

There are two integration test modules in the folder structure: pre-configuration (KountRisTest) and post-configuration (KountRisConfigTest).

Option 1: Pre-Configuration

  1. Before running build_sdk.bat change paths settings in zipBuild.ps1(PS script file) according to the installed Visual Studio version.

    Visual Studio 2013

    # Paths settings for VS 2013
$VSPath = "C:\Program Files (x86)\Microsoft Visual Studio 12.0" 
$MSBuildPath = "C:\Program Files (x86)\MSBuild\12.0\Bin"

    Visual Studio 2015

    # Paths settings for VS 2015
$VSPath = "C:\Program Files (x86)\Microsoft Visual Studio 14.0" 
$MSBuildPath = "C:\Program Files (x86)\MSBuild\14.0\Bin"

    Visual Studio 2017

    # Paths settings for VS 2017
$VSPath = "C:\Program Files (x86)\Microsoft Visual Studio\2017\Community" 
$MSBuildPath = "C:\Program Files (x86)\Microsoft Visual Studio\2017\Community\MSBuild\15.0\Bin"

  2. Run build_sdk.bat from the builds folder.

Option 2: Post-Configuration

Open KountSdk.sln in Visual Studio and build KountSdk.sln.

Where can I find User Defined Fields? Refer to How to Manage User Defined Fields (UDFs). Where can I find accepted payment types and corresponding codes? Refer to Accepted Payment Types and Corresponding Codes. Where can I find RIS error codes? Refer to RIS Error Codes. What are the other RIS modes? Refer to Risk Inquiry Service Modes.

Was this article helpful?
0 out of 1 found this helpful
RIS SDKs
How to Integrate the RIS Java SDK
How to Integrate the RIS Python SDK
How to Integrate the RIS PHP SDK
How to Integrate the RIS Ruby SDK
Integrating the Risk Inquiry Service .NET SDK
Kount RIS Python SDK Release Notes History
Kount RIS Java SDK Release Notes History
Kount RIS PHP SDK Release Notes History
Kount RIS Ruby SDK Release Notes History
Kount RIS .NET SDK Release Notes History